O'Reilly logo

Two-Factor Authentication by Mark Stanislav

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 3: UNDERSTANDING THE BASICS

In-band and out-of-band authentication

To understand the current options on the market for two-factor authentication, two key concepts are in-band and out-of-band methods. The choice of how to authenticate is more than just the mechanism (e.g. hardware, software, etc.) but also the medium used to transmit authentication data.

When using a device like a hardware token that generates a one-time password, that value is likely sent through the same transmission channel of authentication as your primary credentials. Imagine, for instance, if you were to log into a web-based email account with your username and password. As part of the authentication process, you would also have to transmit the generated OTP value ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required