03. Alternative Authentication Methods

Alternative Authentication Methods

Single Sign-On (SSO)

ND004 C03 L02 A04.1 Alternative Authentication Methods 1

Multi-Factor Authentication

ND004 C03 L02 A04.3 Alternative Authentication Methods 1

Passwordless

ND004 C03 L02 A04.2 Alternative Authentication Methods 1

Biometric Authentication

ND004 C03 L02 A04.4 Alternative Authentication Methods 1

A Friendly Reminder of Risk

ND004 C03 L02 A04.5 Alternative Authentication Methods 1

These alternative methods are not sure proof. As with all systems presented, there are always still risks associated with the method. For example, multi-factor auth has and continues to be thwarted with malicious apps on android which used to be able to read SMS messages. Once this vulnerability was discovered, Google changed the permission system to access these messages. However, the adversaries found a new exploit, by reading the message in the notification bar . By combining these methods, and thinking about the most critical parts of the system, you as the developer can minimize risk - but never truly eliminate it.