Structured Lists Directory

INI

Authentication Methods - INI

Authentication methods are core security technologies used to verify that users are who they claim to be in digital systems. Various techniques exist including password-based authentication, multi-factor authentication (MFA), biometric authentication, single sign-on (SSO), certificate-based authentication, token-based authentication, and passwordless authentication. In recent years, passkey authentication based on the phishing-resistant FIDO2/WebAuthn standard has rapidly gained adoption, with major tech companies fully committing to passwordless transitions by 2025. The choice of authentication method is based on balancing security level, usability, and implementation costs.

authentication security MFA biometrics SSO passwordless FIDO2 WebAuthn passkey 
[item.password-based]
code=01
slug=password-based
name=Password-Based Authentication
description=The most common authentication method using something the user knows (password).
factorType=Knowledge (Something you know)

[item.multi-factor-authentication]
code=02
slug=multi-factor-authentication
name=Multi-Factor Authentication (MFA)
description=An authentication method that enhances security by combining two or more different authentication factors.
factorType=Combined (Knowledge, Possession, Inherence)

[item.two-factor-authentication]
code=03
slug=two-factor-authentication
name=Two-Factor Authentication (2FA)
description=A specific type of MFA that uses exactly two authentication factors.
factorType=Combined (2 factors)

[item.biometric-authentication]
code=04
slug=biometric-authentication
name=Biometric Authentication
description=Authentication using physical characteristics such as fingerprints, face, or iris patterns.
factorType=Inherence (Something you are)

[item.single-sign-on]
code=05
slug=single-sign-on
name=Single Sign-On (SSO)
description=Authentication allowing access to multiple systems with a single login.
factorType=Protocol/Mechanism

[item.certificate-based-authentication]
code=06
slug=certificate-based-authentication
name=Certificate-Based Authentication
description=High-security authentication using digital certificates and cryptographic techniques.
factorType=Possession (Something you have)

[item.token-based-authentication]
code=07
slug=token-based-authentication
name=Token-Based Authentication
description=Authentication using physical or digital tokens to grant access.
factorType=Possession (Something you have)

[item.passwordless-authentication]
code=08
slug=passwordless-authentication
name=Passwordless Authentication
description=Authentication without passwords using more secure and user-friendly methods.
factorType=Combined (Possession, Inherence)

[item.adaptive-authentication]
code=09
slug=adaptive-authentication
name=Adaptive Authentication
description=Authentication that dynamically adjusts requirements based on risk factors.
factorType=Risk-based

[item.hardware-security-keys]
code=10
slug=hardware-security-keys
name=Hardware Security Keys
description=The most secure authentication method currently available using physical devices.
factorType=Possession (Something you have)

[item.oauth-openid-connect]
code=11
slug=oauth-openid-connect
name=OAuth/OpenID Connect
description=Authentication and authorization protocols using third-party identity providers.
factorType=Protocol