What Factors Are Used For the User Authentication?

In the context of online security, User Authentication is of high importance. It is the process of confirming or verifying identity of a user over the internet. This process determines whether the individual is who he claims to be or not. For authenticating a user, the login credentials entered are compared to those on file in a database of authorized users’ information within an authentication server. If the credentials match, then the process is completed and the user is considered as an authentic user. Availability, Integrity, Authentication, Confidentiality and Non-repudiation are the five pillars of IA (Information Assurance).

Password-based authentication

Authenticating the users through the combination of just usernames and passwords is known as password-based authentication process. In this form of authentication, authenticity of the users is checked based only on the login credentials entered by them. There is no other factor involved to verify identity of the user. The passwords can be easily compromised by the hackers or intruders using the advanced hacking techniques, therefore password-based authentication is not considered to provide adequately strong security to the online accounts, sensitive data and information.

Authentication factors

The following factors are used for authenticating the users online:

Knowledge factors (something you know) – username, password, PIN, a security question. It is known as 1FA (One Factor Authentication).

Possession factors (something you have) – credit & a debit card, mobile phone. The combination of ‘something you know’ and ‘something you have’ forms 2FA (Two Factor Authentication) or Two Step Verification.

Inherence factors (something you are) – biometrics of the user such as iris, retina, face scan, voice recognition, fingerprint. The combination of ‘something you know’, ‘something you have’ and ‘something you are’ forms 3FA (Three Factor Authentication).

Time and Location factors – user location and current time are considered the fourth factor and fifth factor for authenticating a user.


2FA (Two Factor Authentication) and 3FA (Three Factor Authentication) are becoming common. 4FA and 5FA systems are used in some extremely high-security installations. The use of multiple factors increases security. It is because an attacker can’t access all the elements required in the authentication process. Each additional factor increases the security of the system and decreases the likelihood that it could be breached or compromised.

2FA – It’s Recommended for Every Online Account

Has your online account ever been compromised by hackers? If No, then it’s good from security point of view. But, if the answer is Yes, then you must have learned the importance of a good account security. Being an authentic end user, you have been thinking about how to best protect your online accounts from all sorts of cyberattacks. The simple and best method that provides a better account protection from rapidly increasing malicious activities over the internet is 2FA.

What exactly is 2FA process?

2FA, also referred to as Two Factor Authentication or Two Step Verification, is a security measure used to confirm the identity of an account holder. In fact, it is an extra security step to prevent an individual who is not the user of an account from accessing or transferring funds.

Two Factor Authentication or 2FA, as the name suggests, is implemented using two different factors; secret password and a unique verification code or OTP (One Time Passcode), in the login procedure to verify identity of the user who is logging in to the account. The unique verification code is sent to the registered mobile or any other device of the user, and is valid only for a few seconds. Since it is not likely that an intruder would have access to both your secret password and mobile device, 2FA security method will protect your valuable online account from being compromised.

Possible factors of authentication

Something you know (the knowledge factors) – username, password, PIN, a secret question.

Something you have (the possession factors) – credit/debit card, mobile phone.

Something you are (the inherence factors) – biometric characteristics of the user such as iris, retina, face scan, voice recognition, fingerprint.

In short, 2FA = something you know + something you have.

Final words

2FA is a highly secure method that protects all your sensitive online data, information and accounts from security breaches. It is because with 2FA, the secret password is not the only thing that the hackers or intruders need to gain access to your online account. They also need a unique verification code along with the secret password to complete the second step and access the account successfully. Due to this reason, 2FA is recommended for every online account.