Quiz Entry - updated: 2026.07.14
What are the four main authentication mechanisms?
Username/password (something you know), client certificate (cryptographic key), biometric (something you are), and context-based (location/device/time).
| Mechanism | How it works | Strength | Weakness |
|---|---|---|---|
| Username/Password | User proves knowledge of secret | Universal, simple | Phishing, brute force, credential stuffing |
| Client Certificate | Cryptographic proof via mTLS | Very strong, no phishing | Complex deployment, certificate management |
| Biometric | Fingerprint, face, iris scan | Can't be forgotten or shared | Can't be changed if compromised |
| Context-based | Location, device, time of day | Transparent to user | Not sufficient alone, only supplementary |
Tip: No single mechanism is perfect — that's why MFA combines multiple mechanisms from different categories.