What is the 4th factor in 4 factor authentication

The Principle for 3-Factor authentication is

Something you have (like a smartcard) Something you know (like a pin) Something you are (like a fingerprint)

Then what is the 4t开发者_开发技巧h factor. Is it like 4D :)

I don't think 4-factor authentication is a well defined concept - it'd just be called "multi-factor".

Probably somewhere you are! You can only log in if you and device are in a certain location, for example.

THe 4 are something you know (e.g. password), something you have (e.g. card) something you are (biometric), and more recently where you are (location).

Note that one can argue biometric are really something you know (behiavorial like signature) or something you have physical (finger/face) that are simply harder to share/steal. As Mikko points out, non-revocable biometrics are weak because they cannot be cancled, new revocable ones are better.

The new 4th factor, my location, is still controversial, useful when used in conjunction as others since it makes it harder to spoof when I am in say Colorado springs this am, and someone tries to authenticate as me in Nigeria this afternoon.

Four factor authentication is a series of having 4 levels

Level 1. Passwords
Level 2. Smart Cards
Level 3. Bio-metrics
Level 4. GPS