2021년 2월 17일 (수) 08:24에 Pythagoras0님의 편집

2021-02-17T08:24:27Z

Pythagoras0: /* 메타데이터 */ 새 문단

2020-12-26T12:25:42Z

메타데이터: 새 문단

Pythagoras0: /* 노트 */ 새 문단

2020-12-21T08:35:34Z

노트: 새 문단

새 문서

== 노트 ==

===위키데이터===
* ID : [https://www.wikidata.org/wiki/Q7878662 Q7878662]
===말뭉치===
# Users can register themselves for both self-service password reset and Azure AD Multi-Factor Authentication in one step to simplify the on-boarding experience.<ref name="ref_2b1c965d">[https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks Azure AD Multi-Factor Authentication overview]</ref>
# Azure AD Multi-Factor Authentication helps safeguard access to data and applications while maintaining simplicity for users.<ref name="ref_2b1c965d" />
# Your applications or services don't need to make any changes to use Azure AD Multi-Factor Authentication.<ref name="ref_2b1c965d" />
# When a user signs in to an application or service and receive an MFA prompt, they can choose from one of their registered forms of additional verification.<ref name="ref_2b1c965d" />
# The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database.<ref name="ref_a13ca3e1">[https://searchsecurity.techtarget.com/definition/multifactor-authentication-MFA What is multifactor authentication (MFA)?]</ref>
# In the past, MFA systems typically relied upon two-factor authentication.<ref name="ref_a13ca3e1" />
# Hardware tokens provide the possession factor for multifactor authentication.<ref name="ref_a13ca3e1" />
# AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password.<ref name="ref_061ec080">[https://aws.amazon.com/iam/features/mfa/ Multi-factor Authentication]</ref>
# You can enable MFA for your AWS account and for individual IAM users you have created under your account.<ref name="ref_061ec080" />
# You can also protect cross-account access using MFA.<ref name="ref_061ec080" />
# The main benefit of MFA is it will enhance your organization's security by requiring your users to identify themselves by more than a username and password.<ref name="ref_2f7f231a">[https://www.onelogin.com/learn/what-is-mfa What is Multi-Factor Authentication (MFA) and How Does it Work?]</ref>
# MFA works by requiring additional verification information (factors).<ref name="ref_2f7f231a" />
# One of the most common MFA factors that users encounter are one-time passwords (OTP).<ref name="ref_2f7f231a" />
# Another subset of MFA is Adaptive Authentication also referred to as Risk-based Authentication.<ref name="ref_2f7f231a" />
# MFA is quite simple, and organizations are focusing more than ever on creating a smooth user experience.<ref name="ref_29684d50">[https://www.nist.gov/itl/applied-cybersecurity/tig/back-basics-multi-factor-authentication Back to basics: Multi-factor authentication (MFA)]</ref>
# MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account.<ref name="ref_29684d50" />
# If you’ve turned on MFA or your bank turned it on for you, things will go a little differently.<ref name="ref_29684d50" />
# Most MFA approaches will remember a device.<ref name="ref_29684d50" />
# Learn why your password doesn’t matter, but MFA does.<ref name="ref_e0d59214">[https://www.microsoft.com/en/security/business/identity/mfa Multi-factor authentication (MFA)]</ref>
# Multi-factor authentication (MFA) is defined as a security mechanism that requires an individual to provide two or more credentials in order to authenticate their identity.<ref name="ref_ee347752">[https://securityboulevard.com/2019/10/what-is-multi-factor-authentication-mfa/ What is Multi-Factor Authentication (MFA)?]</ref>
# Using any combination of the examples above is technically MFA, although most implementations leverage two factors, which is why MFA is also known as two-factor authentication (2FA).<ref name="ref_ee347752" />
# MFA works in roughly the same manner for both types.<ref name="ref_ee347752" />
# Many multi-factor authentication techniques rely on password as one factor of authentication.<ref name="ref_ef089d91">[https://en.wikipedia.org/wiki/Multi-factor_authentication Multi-factor authentication]</ref>
# Many multi-factor authentication vendors offer mobile phone-based authentication.<ref name="ref_ef089d91" />
# Many multi-factor authentication products require users to deploy client software to make multi-factor authentication systems work.<ref name="ref_ef089d91" />
# There are drawbacks to multi-factor authentication that are keeping many approaches from becoming widespread.<ref name="ref_ef089d91" />
# The most common example of MFA is the process for using an ATM at a bank.<ref name="ref_3bdd4ef0">[https://www.cisco.com/c/en/us/products/security/what-is-multi-factor-authentication.html What Is Multi-Factor Authentication (MFA)?]</ref>
# MFA requires means of verification that unauthorized users won't have.<ref name="ref_3bdd4ef0" />
# Since passwords are insufficient for verifying identity, MFA requires multiple pieces of evidence to verify identity.<ref name="ref_3bdd4ef0" />
# Proper multi-factor authentication uses factors from at least two different categories.<ref name="ref_3bdd4ef0" />
# Protect yourself by enabling two-factor authentication (2FA).<ref name="ref_a8b31735">[https://authy.com/ Two-factor Authentication (2FA) App & Guides]</ref>
# Enable 2FA now to protect your accounts online.<ref name="ref_a8b31735" />
# In this section, we'll look at some of the vulnerabilities that can occur in multi-factor authentication mechanisms.<ref name="ref_43305c52">[https://portswigger.net/web-security/authentication/multi-factor Vulnerabilities in multi-factor authentication]</ref>
# However, it is increasingly common to see both mandatory and optional two-factor authentication (2FA) based on something you know and something you have.<ref name="ref_43305c52" />
# It is also worth noting that the full benefits of multi-factor authentication are only achieved by verifying multiple different factors.<ref name="ref_43305c52" />
# Email-based 2FA is one such example.<ref name="ref_43305c52" />
# But the sobering reality is that if multi-factor authentication (MFA) is not in place, these other security measures can be bypassed.<ref name="ref_9779d410">[https://techbeacon.com/security/8-reasons-you-should-turn-multi-factor-authentication 8 reasons you should turn to multi-factor authentication]</ref>
# A best practice for IT managers is to categorize their systems to identify the ones that contain access to business-critical data, and then add MFA on top of those.<ref name="ref_9779d410" />
# MFA has low complexity, which makes it an easy addition.<ref name="ref_9779d410" />
# Using MFA, administrators can adapt the level of support needed using contextual information, such as login behavior patterns, geo-location, and type of login system being accessed.<ref name="ref_9779d410" />
# But while those standards are still being adopted, the next best way to secure your accounts is two-factor authentication, or 2FA.<ref name="ref_4a7cb8ea">[https://www.theverge.com/2017/6/17/15772142/how-to-set-up-two-factor-authentication How to set up two-factor authentication on all your online accounts]</ref>
# To activate 2FA on your mobile app, head over to your profile and click the hamburger menu on the upper-right corner.<ref name="ref_4a7cb8ea" />
# To turn on 2FA using the web, log in and head to your profile.<ref name="ref_4a7cb8ea" />
# If you prefer to not use 2FA each time you log in from the same device (say, your personal laptop or phone), you can also set up your trusted devices under the Authorized Logins menu.<ref name="ref_4a7cb8ea" />
# Multi-factor authentication (MFA) provides a method to verify a user's identity by requiring them to provide more than one piece of identifying information.<ref name="ref_76c6f561">[https://auth0.com/docs/mfa Multi-factor Authentication in Auth0]</ref>
# Next, perform any further setup required to configure that factor, then choose whether you wish to force MFA all the time, never, or if Auth0 determines that a login is high risk.<ref name="ref_76c6f561" />
# The multi-factor authentication feature is an enhanced security measure that was implemented throughout our CRA login services.<ref name="ref_dc5a02e5">[https://www.canada.ca/en/revenue-agency/services/e-services/cra-login-services/multi-factor-authentication-access-cra-login-services.html Multi-factor authentication to access CRA login services]</ref>
# When prompted to enroll in the multi-factor authentication service, users will need to provide a cell or landline phone number.<ref name="ref_dc5a02e5" />
# First you will be required to enroll in the multi-factor authentication process.<ref name="ref_dc5a02e5" />
# Currently there is no online option to disable the multi-factor authentication feature.<ref name="ref_dc5a02e5" />
# During one of the intrusions, Volexity researchers noticed the hackers using a novel technique to bypass MFA protections provided by Duo.<ref name="ref_83efc42d">[https://arstechnica.com/information-technology/2020/12/solarwinds-hackers-have-a-clever-way-to-bypass-multi-factor-authentication/ SolarWinds hackers have a clever way to bypass multi-factor authentication]</ref>
# This was unexpected for a few reasons, not least of which was the targeted mailbox was protected by MFA.<ref name="ref_83efc42d" />
# This allowed the attacker with knowledge of a user account and password to then completely bypass the MFA set on the account.<ref name="ref_83efc42d" />
# This event underscores the need to ensure that all secrets associated with key integrations, such as those with an MFA provider, should be changed following a breach.<ref name="ref_83efc42d" />
# You can use MFA with any of the other authentication providers.<ref name="ref_11990496">[https://www.home-assistant.io/docs/authentication/multi-factor-auth/ Multi-factor authentication]</ref>
# The Notify MFA module uses the notify component to send you an HMAC-based One-Time Password.<ref name="ref_11990496" />
# After restarting Home Assistant, go to your profile page and there should be a “Multi-factor Authentication Modules” section.<ref name="ref_11990496" />
# MFA has become a necessary evil.<ref name="ref_5b4624a5">[https://www.trusona.com/multi-factor-authentication-mfa Multi-factor Authentication (MFA) — Trusona]</ref>
# Trusona has engineered a passwordless multi-factor authentication solution which is both more secure and more simple to use.<ref name="ref_5b4624a5" />
# Multi-Factor Authentication (MFA) is the process whereby multiple technologies are used to authenticate the user's identity.<ref name="ref_10664683">[https://www.onespan.com/topics/multi-factor-authentication What is Multi-Factor Authentication (MFA)?]</ref>
# To achieve multi-factor authentication, at least two different technologies from at least two different technology groups must be used for authentication process.<ref name="ref_10664683" />
# As a result, using a PIN coupled with a password would not be considered multi-factor authentication, while using a PIN with facial recognition as a second factor would be.<ref name="ref_10664683" />
# Multi-factor authentication provides increased security over static passwords and single-factor authentication processes.<ref name="ref_10664683" />
# Whether math thrills you or fills you with dread, just know that MFA has nothing to do with high school algebra.<ref name="ref_935dab45">[https://trailhead.salesforce.com/modules/identity_login/units/identity_login_2fa Secure Your Users' Identity Unit]</ref>
# By the way, you may be more familiar with the terms two-factor authentication or 2FA.<ref name="ref_935dab45" />
# You might not have known what it’s called, but you’ve probably already used multi-factor authentication.<ref name="ref_935dab45" />
# , LastPass MFA secures every access point to the business.<ref name="ref_81619d16">[https://www.lastpass.com/products/multifactor-authentication Adaptive Multi-Factor Authentication]</ref>
# Be aware that setting up 2FA can actually break access within some older services.<ref name="ref_6b1ea120">[https://www.pcmag.com/how-to/two-factor-authentication-who-has-it-and-how-to-set-it-up Two-Factor Authentication: Who Has It and How to Set It Up]</ref>
# The following is not an exhaustive list of services with 2FA ability, but we cover the major services everyone tends to use, and walk you through the setup.<ref name="ref_6b1ea120" />
# Look for Security > Two-Factor Authentication and click "Get Started..." You are then furnished with steps on how to set up 2FA for Apple using either iOS or macOS.<ref name="ref_6b1ea120" />
# Dashlane Two-Factor Authentication A password manager favorite, Dashlane also supports 2FA.<ref name="ref_6b1ea120" />
# Two-factor authentication, or multi-factor authentication, simply adds a step to this process.<ref name="ref_59fbf338">[https://www.eiresystems.com/multi-factor-authentication-for-small-business/ Two- and Multi-Factor Authentication for Small Business]</ref>
# Multi-factor authentication makes this information useless without the other authenticators.<ref name="ref_59fbf338" />
# Multi-factor authentication should be included the same way your business uses firewalls, anti-spam and anti-virus.<ref name="ref_59fbf338" />
# Multifactor Authentication is an added layer of security that you can enable within LastPass, and requires a second step before you can gain access to your account.<ref name="ref_fe7fd5a1">[https://support.logmeininc.com/lastpass/help/enable-multifactor-authentication-lp010002 Enable Multifactor Authentication (Users)]</ref>
# Alternatively, you can disable multifactor authentication in your Account Settings.<ref name="ref_fe7fd5a1" />
# It is recommended that you complete the steps for enabling Multifactor Authentication in the Admin Console.<ref name="ref_fe7fd5a1" />
# You will need to register your device(s) to use MFA.<ref name="ref_fde1ff29">[https://www.it.northwestern.edu/security/multi-factor-authentication/ Multi-factor Authentication at Northwestern: Information Technology]</ref>
# Below are the ways you can choose to verify your identify when logging in to MFA-enabled University systems.<ref name="ref_fde1ff29" />
# To help you choose which option fits your situation, see the MFA Notification Comparison.<ref name="ref_fde1ff29" />
# Hardware Token A Duo MFA token a small, battery-powered device that you can attach to a keychain.<ref name="ref_fde1ff29" />
# As these incidents become more prevalent, you should consider using multi-factor authentication, which is often also called strong authentication, or two-factor authentication.<ref name="ref_fb995541">[https://www.cisecurity.org/newsletter/securing-online-accounts-with-multi-factor-authentication/ Securing Online Accounts with Multi-factor Authentication]</ref>
# Multi-factor authentication (MFA) is defined as a security process that requires more than one method of authentication from independent sources to verify the user’s identity.<ref name="ref_fb995541" />
# MFA should be used to add an additional layer of security around sites containing sensitive information, or whenever enhanced security is desirable.<ref name="ref_fb995541" />
# MFA makes it more difficult for unauthorized people to log in as the account holder.<ref name="ref_fb995541" />
# However, “Multi-Factor Authentication” or “MFA” requires more than just a username or password to unlock.<ref name="ref_f438a881">[https://konfirmi.com/blog/multi-factor-authentication-mfa-benefits/ Understanding Multi Factor Authentication (MFA) And Its Benefits]</ref>
# Multi-factor authentication (MFA) is the name for an authentication method that relies on more than one factor when determining whether to grant access to a computer user.<ref name="ref_45810a56">[https://curity.io/resources/architect/mfa/introduction-to-mfa/ Introduction to Multi-Factor Authentication]</ref>
# Consequently, even in the consumer world, there has been a growing push toward Two-factor Authentication (2FA), also sometimes called Two-step Verification or Two-step Authentication.<ref name="ref_45810a56" />
# A basic principle of good MFA practice is to vary the categories of factors involved.<ref name="ref_45810a56" />
# Multifactor authentication basically means that you use more than a password to authenticate yourself to a computer system.<ref name="ref_838be8e0">[https://www.sciencedirect.com/topics/computer-science/multifactor-authentication Multifactor Authentication - an overview]</ref>
# Multifactor authentication (MFA), or Two-Factor Authentication (2FA) is when a user is required to present more than one type of evidence in order to authenticate on a system.<ref name="ref_1a5ff0ec">[https://cheatsheetseries.owasp.org/cheatsheets/Multifactor_Authentication_Cheat_Sheet.html Multifactor Authentication]</ref>
# Additionally, while the following sections discuss the disadvantage and weaknesses of various different types of MFA, in many cases these are only relevant against targeted attacks.<ref name="ref_1a5ff0ec" />
# The biggest disadvantage of MFA is the increase in management complexity for both administrators and end users.<ref name="ref_1a5ff0ec" />
# Many less technical users may find it difficult to configure and use MFA.<ref name="ref_1a5ff0ec" />
# Marshall University has implemented a new Multi-Factor Authentication (MFA) system that is required for all active accountholders.<ref name="ref_e020b4e8">[https://www.marshall.edu/it/mfa/ Multi-Factor Authentication -]</ref>
# PS: This shouldn't mean that users should disable SMS or voice-based MFA for their accounts.<ref name="ref_498dfcee">[https://www.zdnet.com/article/microsoft-urges-users-to-stop-using-phone-based-multi-factor-authentication/ Microsoft urges users to stop using phone-based multi-factor authentication]</ref>
===소스===
<references />

@@ 103번째 줄: / 103번째 줄: @@
   <references />
-== 메타데이터 ==
+==메타데이터==
 ===위키데이터===
 * ID :  [https://www.wikidata.org/wiki/Q7878662 Q7878662]

← 이전 판		2020년 12월 26일 (토) 12:25 판
102번째 줄:		102번째 줄:
	===소스===		===소스===
	<references />		<references />
		+
		+	== 메타데이터 ==
		+
		+	===위키데이터===
		+	* ID : [https://www.wikidata.org/wiki/Q7878662 Q7878662]

다요소 인증 - 편집 역사

2021년 2월 17일 (수) 08:24에 Pythagoras0님의 편집

Pythagoras0: /* 메타데이터 */ 새 문단

Pythagoras0: /* 노트 */ 새 문단