CHAPTER 3: UNDERSTANDING THE BASICS

In-band and out-of-band authentication

To understand the current options on the market for two-factor authentication, you need two key concepts: in-band and out-of-band methods. Choosing how to authenticate involves not just the mechanism (e.g. hardware or software) but also the medium used to transmit authentication data.

When you use a device like a hardware token that generates a one-time password (OTP), that value is likely sent through the same transmission channel as your primary credentials. Imagine, for instance, logging into a web-based email account with your username and password. As part of the authentication process, you would also have to transmit the generated OTP value ...
