Glossary

2FA / Two-factor authentication

The process of using a secondary means of identification during a login or user discovery step. Typically, your first authentication system is a username and password, then your second factor of authentication may be a code provided by SMS to a registered phone number, a registered fingerprint, code via email, etc.

Ciphertext

Unreadable output of an encryption algorithm.

Cleartext

Human-readable data that is transmitted or stored unencrypted.

EFF

The Electronic Frontier Foundation. A nonprofit dedicated to protecting user privacy and civil liberties in the digital world.

Entropy

In the context of identity, this concerns the amount of information that is discoverable about users, determining the likelihood that users are who they say they are.

MFA

Multifactor authentication is a means of user identification that requires more than one method of authenication (username and password, SMS code, email code, fingerprint, etc.).

NIST

The National Institute of Standards and Technology, a unit of the US Commerce Department. NIST promotes and maintains measurement standards and maintains active programs for encouraging and assisting industry and science to develop and use these standards.

OWASP

The Open Web Application Security Project is a community that maintains tools, documentation, and guides in the field of web application security, and is considered a forefront standard in the space.

Plain text

Human-readable data that is ...