Authentication Types
There are various types of authentication, and in this section, we are going to look at these, starting with security tokens and devices. Let's first look at biometric controls, followed by identity management using certificates.
Security Tokens and Devices
There are different types of tokens that have different time limits. Let's look at the difference between the Time-Based One-Time Password and the HMAC-Based One-Time Password:
- Time-Based One-Time Password (TOTP): A TOTP requires time synchronization because the password needs to be used in a very short period, normally between 30 and 60 seconds. In the following diagram, we can see the TOTP that has come to a phone. It can also come to a device similar to the RSA Secure ID token. TOTP could be used when you want to access secure cloud storage or your online bank account: