Strong authentication is any method of verifying the identity of a user or device that is intrinsically stringent enough to ensure the security of the system it protects by withstanding any attacks it is likely to encounter.
Strong authentication is a commonly-used term that is largely without a standardized definition. According to the European Central Bank (and the many organizations that follow its guidelines), strong authentication combines at least two mutually-independent factors so that the compromise of one method should not lead to the compromise of the second. Additionally, the authentication method must include one non-reusable element, which cannot easily be reproduced or stolen from the Internet.
The term strong authentication is often used synonymously with two-factor authentication (2FA) or multifactor authentication (MFA). However, that usage is misleading because some types of very secure authentication rely on a single authentication factor.
In some cases, for example, systems using multiple challenge / response answers are considered strong authentication. However, such systems are based on multiple instances of the knowledge factor, rather than multiple independent factors and as such are single-factor authentication (SFA). Similarly, some types of biometric authentication are reliable enough when used alone that they are considered strong authentication.
This was last updated in February 2015
Next Steps
Expert David Strom reviews the benefits and features of Dell Defender multifactor authentication software.
Continue Reading About strong authentication
Related Terms
- What is a unique identifier (UID)?
- A unique identifier (UID) is a numeric or alphanumeric string that is associated with a single entity within a given system.Seecompletedefinition
- What is LDAP (Lightweight Directory Access Protocol)?
- LDAP (Lightweight Directory Access Protocol) is a software protocol used for locating data about organizations, individuals and ...Seecompletedefinition
- What is voice recognition and how does it work?
- Voice or speaker recognition is the ability of a machine or program to receive and interpret dictation or to understand and ...Seecompletedefinition