The present invention relates generally to the field of user authentication, and more particularly to providing second factor authorization using a hardware token device.
A common way to access a restricted website is for a user to sign into the website using credentials such as a username and a password. The username identifies the user while the password is a string of characters, known by the user, that is used for authentication. Since the password is known by the user, a password is considered part of the “knowledge” category of authentication (i.e., something the user knows). Additional categories include “possession” (something that a user has, such as a bank card) and “inherence” (something that a user is, such as a fingerprint of the user).
Two factor authorization (2FA) is a form of multi-factor authorization (MFA). MFA requires a user to submit multiple pieces of evidence to an authentication mechanism prior to being granted access to a computer, a website, etc. In 2FA, two different components are required to confirm the identity of a user before being granted access. A well-known 2FA example is withdrawing money from an automated teller machine (ATM). A user first inserts a bank card into the ATM (first factor—something the user has) and is then prompted to enter a personal identification number or PIN (second factor—something the user knows). Once the two factors are authenticated, the user is able to complete transactions via the ATM.