Authentication is the digital way of deciding whether to let a user in or not; it can be compared with a guard on duty or a door connected to an access control system. Authentication methods are continuously developing, and our recommendation is to rely on a trusted party for this, built upon Zero Trust.
There are several methods for authenticating a user; here are a few:
- Username & password - This method needs to be replaced with a more secure type.
- SMS - A SIM card can be cloned, so this method needs to be replaced.
- TOTP - A Time-based One-Time Password generates a new code at fixed intervals, which adds extra security to the login process.
- Security token - A hardware key, such as a YubiKey, that adds a second factor to the login experience.
- FIDO - Uses the WebAuthn protocol, in which a private/public key pair is tied to the user account and the website it was registered for.
- User certificate - A certificate contains user information and a validity period. A certificate can also be revoked if it has been compromised.
- SSO - Single Sign-On is a method for a harmonized login experience across many accounts. Examples: SAML, OIDC, OAuth2.
- Biometric - Authentication can add an extra layer with a third factor, such as facial recognition or a fingerprint.
- National Identity - BankID (SE), FrejaEID (SE), bankID (NO), FTN (FI)
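To make the TOTP entry above concrete, here is an added example (not code from this page's author) of how a server generates and verifies time-based codes per RFC 6238 and RFC 4226. The secret is the RFC test-vector key; the drift window and the replay counter are assumptions about a typical server design, not something the page specifies.

```python
import hashlib
import hmac
import struct
import time

# RFC 4226/6238 test-vector key (constructed for this example). Authenticator
# apps would receive the same bytes base32-encoded when the QR code is enrolled.
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    digest = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, timestamp: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter set to floor(unix_time / step)."""
    return hotp(secret, timestamp // step, digits)


def verify_totp(secret: bytes, code: str, timestamp: int, last_counter: int,
                step: int = 30, window: int = 1):
    """Check a submitted code against the current step and +/-window neighbours
    (clock drift tolerance). Returns (accepted, new_last_counter). Any counter at
    or below last_counter is refused, so a code that was already used cannot be
    replayed inside the window. Comparison is constant-time."""
    now = timestamp // step
    for counter in range(now - window, now + window + 1):
        if counter <= last_counter:
            continue  # already consumed (or older): replay attempt, skip it
        if hmac.compare_digest(hotp(secret, counter, step and 6), code):
            return True, counter
    return False, last_counter


if __name__ == "__main__":
    now = int(time.time())
    print("current code:", totp(SECRET, now))
    print("accepted:", verify_totp(SECRET, totp(SECRET, now), now, -1))
```

The server must persist `new_last_counter` per user after each successful login; without it, a code captured within the window remains valid until the window expires.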