Authentication Factors

Factor

Benefits

Weaknesses

Examples

Something you know: Password

Cheap to implement, portable

Sniffing attacks

Can't detect sniffing attacks

Passwords are either easy to guess or hard to remember

Cost of handling forgotten passwords

Password, PIN, Safe combination

Something you have: Token

Hardest to abuse

Expensive

Can be lost or stolen

Risk of hardware failure

Not always portable

Token, Smart card, Secret data embedded in a file or device, Mechanical key

Something you are: Biometric

Easiest to authenticate with, portable

Expensive

Replay threats

Privacy risks

Characteristic can't be changed

False rejection of legitimate users

Characteristic can be injured

Fingerprint, Hand, Face, Iris, Voice, Hand Vein, recognition