Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

27 Cards in this Set

  • Front
  • Back

Allows entities to prove their identity by using credentials known to another entity


Occurs when a user claims or professes an identity, such as with a username, an email address, a PIV card, or by using biometrics


Occurs when an entity provides proof of an identity (such as a password)


The authenticator that verifies the authentication

A second identity

Provides access to resources based on a proven identity


Five Factors of authentication

- Something you know

- Something you have

- Something you are

- Somewhere you are

- Something you do

Username and password

Example of something you know factor

Smart card, CAC, PIV, or a token

Example of something you have factor

Biometrics, such as fingerprints or retina scans

Example of something you are factor

Location using geolocation technologies

Example of somewhere you are factor

Gestures on a touch screen

Example of something you do factor

Typically refers to a shared secret, such as a password or PIN. This is the least secure form of authentication

Something you know factor

Should be strong and changed often. Strong ones are complex and at least eight characters long.


Automate password recovery

Self-service password systems

Administrators should do this before resetting the user's password

Verify a user's identity

Lock out an account after a user enters an incorrect password too many times

Account lockout policies

Credit card-sized cards that have embedded certificates used for authentication. They require a PKI to issue certificates.

Smart cards

Can be used as photo IDs and as smart cards (both identification and authentication)

Common Access Cards (CACs) and Personal Identity Verification (PIV) cards

Display numbers in an LCD. These numbers provide rolling, one-time use passwords and are synchronized with a server.

Tokens (or key fobs)

Include an embedded chip and a USB connection

USB tokens

Open sources standards used to create one-time-use passwords


Creates a one-time-use password that does not expire


Creates a one-time password that expires after 30 seconds


Most difficult methods to falsify, physical methods include fingerprints, retina scans, iris scans, and palm scans. Methods can also be used for identification.


Includes one or more authentication methods in the same factor, such as a PIN and a password.

Single-factor authentication

Uses two factors of authentication, such as a USB token and a PIN.

Dual-factor (or two-factor) authentication

Uses two or more factors of authentication and is stronger than any form of single-factor authentication

Multifactor authentication