Write review about this article with references in APA format
In our world today, one cannot deny the impact that the Internet has on all aspects of our society and security is more thought of today during software designs. Two-factor authentication is mostly based on the concept of something you know, something you have, something you are and where you are.
Two-factor authentication also known as 2FA is one of the greatest means of improving an online security account. Fortunately, most websites have adopted this new security measure and it has become a lot more common on the web today, adding an extra layer of security to our accounts online. Incorporating any of these two methods together will provide a higher level of security to a website or software, making compromise harder.
Using a password in combination with images and games can help strengthen the security of a website but care should be taken when combining authentication types that are not common because of user rejection.
This goes back to the CIA triad where an increase in one could affect the other. Our objective is simply to permit the right amount of security. But more security features will almost always influence the ease of use. To provide a true dependable two-way authentication between humans and computers a CAPTCHA is a wildly accepted method. By combining CAPTCHA with other forms of authentication, true human authentication can be achieved.
A middleperson attack simply is like listening in on a conversation between two systems. When information is sent from a system to a server or website, anyone along the path of that information such as an ISP can be able to intercept that information or even modify it. Detecting a middleperson attack can be very difficult and the best solution is preventing it.
The most common solution is the use of VPNs which provides encryption for your data passing through your ISP. On the down side, if you are using a commercially available or paid VPN service, they too can be able to employ a middleperson attack. The best solution to middleperson attack will be end-to-end encryption.
This method is the best but also not feasible on all websites since we cannot implement encryption on systems we do not own. In the book of Proverbs 25:2 it says, "It is the glory of God to conceal a thing: but the honor of kings is to search out a matter".
References Anderson, R.J. (2008). Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed.). Hoboken, NJ: Wiley. ISBN: 9780470068526. Two-factor authentication. (2007, October). Database and Network Journal, 37(5), 26.