3 Types of Authentication:

  1. Knowledge
  2. Ownership
  3. Inherence

Access Control Steps (IAAAA)

Authentication Schemes

Ranked from Unsecurest → Securest

  1. Basic Authentication
  2. One Time Passwords
  3. Challenge/ Response
  4. Anonymous Key Exchange
  5. Zero-Knowledge Passwords
  6. Server Certificate + User Authentication
  7. Mutual Public Key Authentication

Vulnerability Matrix

image.png

1. Basic Authentication

image.png

2. One Time Password

image.png