Users can authenticate themselves when signing on to systems in many ways. The traditional way is to enter a user name and system-specific password manually. This is time-consuming, particularly when there are many systems and people need to sign on and off frequently. It also puts data security at risk, as remembering passwords and updating them often enough is difficult.

The paradox of data security and usability

The relationship between data security and usability is often said to be paradoxical. This is because higher security comes at the cost of usability and the most usable systems can only be achieved by compromising on data security. However, this does not have to be the case, as a range of technical solutions can bring both data security and usability to a high level.

Multi-factor, strong authentication

Multi-factor authentication (MFA) uses two or more ways to identify a user when logging in to a system or service. MFA uses:

  1. something you know (usually a password)
  2. something you have (e.g., smart card, mobile device or email) and
  3. something you are (a physical attribute, such as a fingerprint).

Multiple stages are used to ascertain that a user is who he or she claims to be.

Strong authentication methods also include, for example, smart cards, changing passwords and public key infrastructure (PKI) solutions.

Single sign-on (SSO)

The SSO method replaces the usernames and passwords that need to be entered manually. Instead, methods such as a smart card or badge can be used. SSO can be turned into strong identification by adding multi-factor or certificate-based identification.

Combining SSO and strong authentication solves the paradox of data security and usability, with the result of high data security and terrific usability.
