Introduction
Passwords are the most widespread form of user authentication on the web today. Although many password replacement schemes have been proposed, none of them compete with the deploy ability and usability of passwords.
Recently, large service providers, including Google, Facebook, and Microsoft, have deployed an optional 2FA layer as part of their authentication processes to defend against account compromise. Two-factor authentication requires users to present two of the following types of authentication factors:
1. Something they know (traditionally a password)
2. Something they have (such as a phone or hardware token)
3. Something they are (referring to biometrics, such as a fingerprint)
