Using Single-factor Authentication

From Guidance Share


The use of single-factor authentication can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. Dual-factor authentication includes both a secret you can state (such as a password) and a secret you can carry (such as a hardware pin, biometrics, or smartcard).

Applies To

  • Languages: All
  • Operating platform: All


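The following code shows the use of single-factor authentication:

unsigned char *check_passwd(char *plaintext) {
    /* ctext: assumed to be the transformed (e.g. hashed) form of plaintext */
    if (ctext == secret_password()) {
        // Log me in: the password is the only factor checked
    }
}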


  • Authentication: If the secret in a single-factor authentication scheme gets compromised, full authentication is possible.


  • Use of single-factor authentication in systems where authentication compromise can have critical consequences.


  • Design: Use multiple independent authentication schemes, which ensures that -- if one of the methods is compromised -- the system itself is still likely safe from compromise.
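
The countermeasure above, sketched as an added example (not code from the original page): a login check that requires a password and a time-based one-time code (RFC 6238 TOTP) from a carried token, and refuses a code that was already used. The user record layout, the function names, the choice of PBKDF2 and TOTP, and the sample account are assumptions made for this example.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time code for a given counter (HMAC-SHA1)."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(key: bytes, now: int) -> str:
    """RFC 6238: HOTP computed over the current time step."""
    return hotp(key, now // STEP)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def authenticate(user: dict, password: str, otp: str, now: int) -> bool:
    """Log in only when BOTH independent factors verify."""
    # Factor 1: a secret you can state (password), compared in constant time.
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    # Factor 2: a secret you carry (token holding totp_key). Accept the current
    # and previous step for clock drift; refuse any step already used (replay).
    step = now // STEP
    matched = None
    for counter in (step, max(step - 1, 0)):
        fresh = counter > user["last_step"]
        same = hmac.compare_digest(hotp(user["totp_key"], counter).encode(), otp.encode())
        if fresh and same and matched is None:
            matched = counter
    # Both checks always run, so a failure does not reveal which factor was wrong.
    if pw_ok and matched is not None:
        user["last_step"] = matched
        return True
    return False

# Constructed sample account (assumption for this example, not from the page).
KEY = b"12345678901234567890"  # test key published in RFC 4226 / RFC 6238
SALT = b"constructed-salt"

def sample_user() -> dict:
    return {"salt": SALT, "pw_hash": hash_password("correct horse", SALT),
            "totp_key": KEY, "last_step": -1}
```

A stolen password alone fails the check, and so does a one-time code without the password or a code that has already been accepted once.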

Vulnerability Patterns

How Tos