Authentication Factors
How does a system know you are really you?
- Define authentication
- Describe the three authentication factors
- Classify common authentication methods by factor
Overview
Authentication is proving that you are the person you claim to be. Every login screen is an authentication challenge. Security experts group all authentication methods into three factors: something you know, something you have, and something you are. Combining factors is much stronger than adding rules to a single one.
Something You Know
Passwords, PINs and security questions. Cheapest to deploy but easiest to steal — through phishing, guessing or shoulder-surfing.
Something You Have
Phone with an authenticator app, hardware key (YubiKey), or bank card. Attackers must physically steal or clone the device.
Something You Are
Biometrics: fingerprint, face, iris, voice. Very convenient, but cannot be changed if leaked.
Classify the Methods
- Take the list of 10 authentication methods (password, fingerprint, OTP, face unlock, PIN, hardware key, voice, retina, USB card, pattern lock).
- In pairs, sort each into know / have / are.
- Highlight any method that uses more than one factor.
- Name the three authentication factors.
Reveal answer
Something you know, something you have, something you are.
- Why is a fingerprint riskier than a password once leaked?
Reveal answer
You cannot change your fingerprint.
- Give one authentication method for each factor.
Reveal answer
Password (know), phone OTP (have), face unlock (are).
List every login you used today. Beside each, mark which factor(s) were required.