tag:blogger.com,1999:blog-21995415.post1821642269844848361..comments2024-02-01T11:08:01.659-05:00Comments on Matt Flynn: Information Security | Identity & Access Mgmt.: On Multi-factor AuthenticationMatt Flynnhttp://www.blogger.com/profile/09902381553517250020noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-21995415.post-90728490279282861502009-04-02T10:29:00.000-04:002009-04-02T10:29:00.000-04:00I always thought factor to mean type of authentica...I always thought <I>factor</I> to mean <I>type of authentication mechanism</I>. And honestly, I'm wrestling with Luther's original point that two challenges with the same factor may be as secure as two with different factors. It may depend on which factor.<BR><BR>Two tokens can be easily used when the owner isn't around. But two bios (fingerprint/eye) seem pretty secure. As would password + PIN on a purely cryptographic level. <BR><BR><A HREF="http://superconductor.voltage.com/2009/03/multifactor-authentication.html" REL="nofollow">We continued the discussion at his original post</A>.Matt Flynnhttps://www.blogger.com/profile/09902381553517250020noreply@blogger.comtag:blogger.com,1999:blog-21995415.post-12573189726054683952009-04-01T20:41:00.000-04:002009-04-01T20:41:00.000-04:00I also question if this isn't multi factor in shee...I also question if this isn't multi factor in sheep's clothing, if you will. does factor = method or does factor = unique challenge mechanism? because if you have two distinct passwords, aren't those two unique challenges? which would make them two factors. of course, that's all academic, really.Anonymousnoreply@blogger.com