Introduce
常见的用户认证方法有:
- Password
- 2FA/MFA
- OTP (HOTP, TOTP)
- SMS/EMail OTP or Link
- Registered Device Push
- PGP MFA
- FIDO(WebAuthn, Passkey)
- PKI Sign (BTC/ETH …)
- SSH Key Sign (SSH)
- PGP Sign (yum)
- Smart Card
- PIV
- OpenPGP Card
- Encryption with MAC
Digital Identity Guidelines
https://pages.nist.gov/800-63-3/
Document | Title | URL |
---|---|---|
SP 800-63-3 | Digital Identity Guidelines | https://doi.org/10.6028/NIST.SP.800-63-3 |
SP 800-63A | Enrollment and Identity Proofing | https://doi.org/10.6028/NIST.SP.800-63a |
SP 800-63B | Authentication and Lifecycle Management | https://doi.org/10.6028/NIST.SP.800-63b |
SP 800-63C | Federation and Assertions | https://doi.org/10.6028/NIST.SP.800-63c |