2. The Current Crop

In our last article, we took a look at some of the security threats that face the ordinary Joe who is logging into online services today. From that you will have (I hope) received a very succinct impression regarding the state of your personal security as you transact online.

Let us take a look at the types of solutions that are being used on the Internet right now, culminating with a look at 2 Factor Authentication.

Single Factor Authentication Solutions: this is where the password is not ciphered or disguised in a manner that protects it from key loggers/screen scrapers, and social engineering techniques such as phishing. We'll be looking at:

The fully transmitted login password The partially transmitted login password Scramble Pads Virtual Keyboard

2 (Separate) Factor Authentication Solutions: this is where two factors exist to produce unrelated information as sources for the login process. This means that a password or PIN is entered, plus a separate piece of data that is sourced from something other than the computer.

The Bingo Card (Static Grid Card) The TAN list Mobile Phone SMS Password

2 (Combined) Factor Authentication Solutions: this is where the user combines their password and an issued token to produce either a ciphered representation of a password/PIN, or a unique one time password/PIN dispatched through a mobile phone or similar device. In this category we'll be examining:

The Dynamic Grid Card OTP Electronic Token OTP Mobile Phone/PDA OTP

Let us begin at the beginning, with that dreaded login box.