Access control is a way of limiting access to a system or to physical or virtual resources.
In access control systems, users must present credentials before they can be granted access. In physical systems, these credentials may come in many forms, but credentials that can't be transferred provide the most security.
For example, a key card may act as an access control and grant the bearer access to a classified area. Because this credential can be transferred or even stolen, it is not a secure way of handling access control.
A more secure method for access control involves two-factor authentication. The person who desires access must show credentials and a second factor to corroborate identity. The second factor could be an access code, a PIN or even a biometric reading.
There are three factors that can be used for authentication:
- Something only known to the user, such as a password or PIN
- Something that is part of the user, such as a fingerprint, retina scan or another biometric measurement.
- Something that belongs to the user, such as a card or a key.