Today's primary method for permitting access to host computers and other networked or networking devices is the username and password combination. This method, which provides the simplest form of verifying the authenticity of a user trying to access the resource, is known as user authentication. Grand schemes are sometimes developed to authenticate users, but most can be broken down into three primary authentication factors:
This is the simplest and most common form of user authentication. It might be a password, PIN, or secret phrase that only "trusted" users would know.
This would be something a trusted user possesses, such as a secret decoder ring, or a token-generator such as RSA Security's SecurID product.
Lots of new development is occurring here in a field known as biometrics. This involves offering your fingerprint or a scan of your retinas, or looking into a camera, so that your facial features can be scanned and matched against a trusted user facial profile.
Many systems implement two or more of these authentication factors—for instance, the user must know a PIN and possess a security token before access is permitted. This is known as two-factor authentication. ScreenOS provides native username and password authentication, and you can configure it to integrate with external authentication systems running within the network that provide authentication and authorization ...