Information Technology Reference
In-Depth Information
Some token-based systems even require a password along with the pin and code from the
token. This is known as two-factor authentication.
Figure 12-10 shows two-factor authentication using a username and password, along with
a token access code.
Connect to
www.cisco.com
The server
www.cisco.com
at CCO requires a username and
password.
Warning: The server is requesting that your username and
password be sent in an insecure manner (basic: authentication
with a secure connection).
User name:
Password:
Remember my password
Access is Granted or Denied
OK
Cancel
Authentication Server
Figure 12-10
Using Tokens
Certificates
Certificates are used to digitally prove your identity or right to access information or serv-
ices. Certificates, also known as digital certificates, bind an identity to a pair of electronic
keys that can be used to encrypt and sign digital information. A digital certificate is
signed and issued by a certification authority (CA) with the CA's private key. A digital cer-
tificate contains the following:
Owner's public key
■
Owner's name
■
Expiration date of the public key
■
Name of the certificate authority
■
Serial number
■
Digital signature of the CA
■
Certificates can be read or written by an application conforming to the X.509 CCITT in-
ternational standard and are typical when deploying Secure Sockets Layer (SSL)-based
server applications.