T\u1ea1i sao n\u00ean s\u1eed d\u1ee5ng Authentication?<\/figcaption><\/figure>\nNg\u0103n ch\u1eb7n gian l\u1eadn<\/strong>: Authentication gi\u00fap ng\u0103n ch\u1eb7n c\u00e1c h\u00e0nh vi gian l\u1eadn v\u00e0 truy c\u1eadp tr\u00e1i ph\u00e9p, b\u1ea3o v\u1ec7 t\u00e0i s\u1ea3n v\u00e0 d\u1eef li\u1ec7u c\u1ee7a t\u1ed5 ch\u1ee9c kh\u1ecfi c\u00e1c m\u1ed1i \u0111e d\u1ecda t\u1eeb b\u00ean ngo\u00e0i.<\/p>\nTu\u00e2n th\u1ee7 quy \u0111\u1ecbnh<\/strong>: Nhi\u1ec1u ng\u00e0nh c\u00f4ng nghi\u1ec7p y\u00eau c\u1ea7u tu\u00e2n th\u1ee7 c\u00e1c quy \u0111\u1ecbnh b\u1ea3o m\u1eadt nghi\u00eam ng\u1eb7t\u00a0nh\u01b0 GDPR ho\u1eb7c HIPAA, v\u00e0 authentication \u0111\u00f3ng vai tr\u00f2 ch\u00ednh trong vi\u1ec7c tu\u00e2n th\u1ee7 c\u00e1c quy \u0111\u1ecbnh n\u00e0y.<\/p>\nC\u1ea3i thi\u1ec7n tr\u1ea3i nghi\u1ec7m ng\u01b0\u1eddi d\u00f9ng<\/strong>: C\u00e1c ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c hi\u1ec7n \u0111\u1ea1i, nh\u01b0 x\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 (MFA), kh\u00f4ng ch\u1ec9 cung c\u1ea5p b\u1ea3o m\u1eadt cao h\u01a1n m\u00e0 c\u00f2n c\u00f3 th\u1ec3 c\u1ea3i thi\u1ec7n tr\u1ea3i nghi\u1ec7m ng\u01b0\u1eddi d\u00f9ng b\u1eb1ng c\u00e1ch gi\u1ea3m thi\u1ec3u r\u1ee7i ro v\u00e0 t\u0103ng c\u01b0\u1eddng s\u1ef1 tin t\u01b0\u1edfng v\u00e0o h\u1ec7 th\u1ed1ng.<\/p>\nD\u1ec5 d\u00e0ng t\u00edch h\u1ee3p<\/strong>: C\u00e1c ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c c\u00f3 th\u1ec3 d\u1ec5 d\u00e0ng t\u00edch h\u1ee3p v\u1edbi c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c, nh\u01b0 qu\u1ea3n l\u00fd danh t\u00ednh v\u00e0 quy\u1ec1n truy c\u1eadp (IAM), gi\u00fap t\u1ed1i \u01b0u h\u00f3a quy tr\u00ecnh b\u1ea3o m\u1eadt t\u1ed5ng th\u1ec3.<\/p>\nS\u1eed d\u1ee5ng authentication l\u00e0 m\u1ed9t y\u1ebfu t\u1ed1 thi\u1ebft y\u1ebfu trong vi\u1ec7c b\u1ea3o v\u1ec7 d\u1eef li\u1ec7u v\u00e0 t\u00e0i s\u1ea3n c\u1ee7a t\u1ed5 ch\u1ee9c, \u0111\u1ed3ng th\u1eddi c\u1ea3i thi\u1ec7n qu\u1ea3n l\u00fd quy\u1ec1n truy c\u1eadp v\u00e0 tu\u00e2n th\u1ee7 quy \u0111\u1ecbnh. Vi\u1ec7c tri\u1ec3n khai c\u00e1c ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c hi\u1ec7u qu\u1ea3 gi\u00fap t\u0103ng c\u01b0\u1eddng b\u1ea3o m\u1eadt v\u00e0 t\u1ea1o ra m\u1ed9t m\u00f4i tr\u01b0\u1eddng an to\u00e0n cho ng\u01b0\u1eddi d\u00f9ng.<\/p>\n
<\/span>6 ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c Authentication ph\u1ed5 bi\u1ebfn<\/span><\/h2>\n\u0110\u1ec3 b\u1ea3o v\u1ec7 d\u1eef li\u1ec7u v\u00e0 h\u1ec7 th\u1ed1ng kh\u1ecfi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng, vi\u1ec7c s\u1eed d\u1ee5ng c\u00e1c ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c l\u00e0 r\u1ea5t quan tr\u1ecdng. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 6 ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c ph\u1ed5 bi\u1ebfn hi\u1ec7n nay:<\/p>\n
<\/span>X\u00e1c th\u1ef1c \u0111\u01a1n y\u1ebfu t\u1ed1 (SFA \u2013 Single-Factor Authentication)<\/span><\/h3>\nX\u00e1c th\u1ef1c \u0111\u01a1n y\u1ebfu t\u1ed1 (SFA) l\u00e0 ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c \u0111\u01a1n gi\u1ea3n nh\u1ea5t v\u00e0 l\u00e2u \u0111\u1eddi nh\u1ea5t, ch\u1ec9 y\u00eau c\u1ea7u ng\u01b0\u1eddi d\u00f9ng cung c\u1ea5p m\u1ed9t y\u1ebfu t\u1ed1 \u0111\u1ec3 x\u00e1c nh\u1eadn danh t\u00ednh. Th\u00f4ng th\u01b0\u1eddng, y\u1ebfu t\u1ed1 n\u00e0y l\u00e0 m\u1eadt kh\u1ea9u ho\u1eb7c PIN. \u0110\u00e2y l\u00e0 ph\u01b0\u01a1ng ph\u00e1p b\u1ea3o m\u1eadt c\u01a1 b\u1ea3n nh\u1ea5t v\u00e0 d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng, \u0111\u1eb7c bi\u1ec7t n\u1ebfu m\u1eadt kh\u1ea9u b\u1ecb \u0111\u00e1nh c\u1eafp ho\u1eb7c \u0111o\u00e1n \u0111\u01b0\u1ee3c.<\/p>\n![\"X\u00e1c](\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/09\/Xac-thuc-don-yeu-to-SFA-\u2013-Single-Factor-Authentication.png\" "\\"\\"")
X\u00e1c th\u1ef1c \u0111\u01a1n y\u1ebfu t\u1ed1 (SFA \u2013 Single-Factor Authentication)<\/figcaption><\/figure>\n\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c SFA:<\/p>\n
\n- D\u1ec5 s\u1eed d\u1ee5ng<\/strong>: Ng\u01b0\u1eddi d\u00f9ng ch\u1ec9 c\u1ea7n nh\u1edb m\u1ed9t m\u1eadt kh\u1ea9u ho\u1eb7c m\u00e3 PIN.<\/li>\n
- T\u00ednh b\u1ea3o m\u1eadt th\u1ea5p<\/strong>: N\u1ebfu m\u1eadt kh\u1ea9u b\u1ecb l\u1ed9 ho\u1eb7c b\u1ecb t\u1ea5n c\u00f4ng b\u1eb1ng ph\u01b0\u01a1ng ph\u00e1p brute force, h\u1ec7 th\u1ed1ng s\u1ebd d\u1ec5 d\u00e0ng b\u1ecb x\u00e2m nh\u1eadp.<\/li>\n
- Ph\u00f9 h\u1ee3p<\/strong>: Th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng cho c\u00e1c h\u1ec7 th\u1ed1ng kh\u00f4ng y\u00eau c\u1ea7u b\u1ea3o m\u1eadt cao nh\u01b0 t\u00e0i kho\u1ea3n c\u00e1 nh\u00e2n kh\u00f4ng quan tr\u1ecdng.<\/li>\n<\/ul>\n
<\/span>X\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA \u2013 Two-Factor Authentication)<\/span><\/h3>\nX\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA) y\u00eau c\u1ea7u ng\u01b0\u1eddi d\u00f9ng ph\u1ea3i cung c\u1ea5p hai y\u1ebfu t\u1ed1 kh\u00e1c nhau \u0111\u1ec3 x\u00e1c th\u1ef1c danh t\u00ednh. \u0110i\u1ec1u n\u00e0y th\u01b0\u1eddng bao g\u1ed3m: m\u1eadt kh\u1ea9u (y\u1ebfu t\u1ed1 th\u1ee9 nh\u1ea5t – th\u1ee9 b\u1ea1n bi\u1ebft), m\u00e3 OTP g\u1eedi qua SMS, email, ho\u1eb7c \u1ee9ng d\u1ee5ng x\u00e1c th\u1ef1c (y\u1ebfu t\u1ed1 th\u1ee9 hai – th\u1ee9 b\u1ea1n c\u00f3).<\/p>\n
V\u1edbi 2FA, ngay c\u1ea3 khi m\u1eadt kh\u1ea9u b\u1ecb l\u1ed9, hacker c\u0169ng kh\u00f4ng th\u1ec3 truy c\u1eadp v\u00e0o t\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n m\u00e0 kh\u00f4ng c\u00f3 y\u1ebfu t\u1ed1 x\u00e1c th\u1ef1c th\u1ee9 hai, v\u00ed d\u1ee5 nh\u01b0 m\u00e3 OTP.<\/p>\n
\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c 2FA:<\/p>\n
\n- B\u1ea3o m\u1eadt cao h\u01a1n SFA<\/strong>: Kh\u1ea3 n\u0103ng b\u1ecb x\u00e2m nh\u1eadp th\u1ea5p h\u01a1n nhi\u1ec1u v\u00ec hacker ph\u1ea3i v\u01b0\u1ee3t qua hai l\u1edbp b\u1ea3o m\u1eadt.<\/li>\n
- D\u1ec5 s\u1eed d\u1ee5ng<\/strong>: M\u1eb7c d\u00f9 ng\u01b0\u1eddi d\u00f9ng ph\u1ea3i th\u1ef1c hi\u1ec7n th\u00eam m\u1ed9t b\u01b0\u1edbc (nh\u1eadp m\u00e3 OTP), nh\u01b0ng ph\u01b0\u01a1ng ph\u00e1p n\u00e0y \u0111\u01b0\u1ee3c \u0111\u00e1nh gi\u00e1 l\u00e0 h\u1ee3p l\u00fd v\u00e0 ti\u1ec7n l\u1ee3i.<\/li>\n
- Ph\u00f9 h\u1ee3p<\/strong>: S\u1eed d\u1ee5ng cho c\u00e1c d\u1ecbch v\u1ee5 y\u00eau c\u1ea7u b\u1ea3o m\u1eadt cao nh\u01b0 t\u00e0i kho\u1ea3n ng\u00e2n h\u00e0ng, email c\u00f4ng vi\u1ec7c, ho\u1eb7c h\u1ec7 th\u1ed1ng doanh nghi\u1ec7p.<\/li>\n<\/ul>\n
<\/span>X\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 (MFA – Multi-Factor Authentication)<\/span><\/h3>\nX\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 (MFA – Multi-Factor Authentication) n\u00e2ng cao th\u00eam m\u1ed9t b\u01b0\u1edbc n\u1eefa b\u1eb1ng c\u00e1ch y\u00eau c\u1ea7u ba y\u1ebfu t\u1ed1 x\u00e1c th\u1ef1c kh\u00e1c nhau. Ba y\u1ebfu t\u1ed1 n\u00e0y bao g\u1ed3m: m\u1eadt kh\u1ea9u (th\u1ee9 b\u1ea1n bi\u1ebft), thi\u1ebft b\u1ecb x\u00e1c th\u1ef1c nh\u01b0 \u0111i\u1ec7n tho\u1ea1i ho\u1eb7c token (th\u1ee9 b\u1ea1n c\u00f3) v\u00e0 y\u1ebfu t\u1ed1 sinh tr\u1eafc h\u1ecdc nh\u01b0 d\u1ea5u v\u00e2n tay ho\u1eb7c nh\u1eadn di\u1ec7n khu\u00f4n m\u1eb7t (th\u1ee9 thu\u1ed9c v\u1ec1 b\u1ea1n).<\/p>\n![\"X\u00e1c](\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/09\/Xac-thuc-da-yeu-to-MFA-Multi-Factor-Authentication.png\" "\\"\\"")
X\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 (MFA – Multi-Factor Authentication)<\/figcaption><\/figure>\n\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 MFA:<\/p>\n
\n- T\u0103ng c\u01b0\u1eddng b\u1ea3o m\u1eadt<\/strong>: MFA l\u00e0m gi\u1ea3m \u0111\u00e1ng k\u1ec3 r\u1ee7i ro b\u1ecb t\u1ea5n c\u00f4ng b\u1eb1ng c\u00e1ch t\u0103ng s\u1ed1 l\u01b0\u1ee3ng c\u00e1c r\u00e0o c\u1ea3n m\u00e0 hacker ph\u1ea3i v\u01b0\u1ee3t qua.<\/li>\n
- Kh\u00f3 b\u1ecb t\u1ea5n c\u00f4ng<\/strong>: Ngay c\u1ea3 khi m\u1eadt kh\u1ea9u b\u1ecb l\u1ed9, hacker v\u1eabn c\u1ea7n c\u00f3 th\u00eam c\u00e1c y\u1ebfu t\u1ed1 x\u00e1c th\u1ef1c kh\u00e1c \u0111\u1ec3 truy c\u1eadp v\u00e0o t\u00e0i kho\u1ea3n.<\/li>\n
- Linh ho\u1ea1t<\/strong>: MFA cho ph\u00e9p k\u1ebft h\u1ee3p nhi\u1ec1u y\u1ebfu t\u1ed1 x\u00e1c th\u1ef1c kh\u00e1c nhau \u0111\u1ec3 ph\u00f9 h\u1ee3p v\u1edbi nhu c\u1ea7u b\u1ea3o m\u1eadt c\u1ee7a t\u1eebng h\u1ec7 th\u1ed1ng.<\/li>\n<\/ul>\n
Hi\u1ec7n nay, MFA (X\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1) c\u0169ng \u0111\u00e3 tr\u1edf th\u00e0nh ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c \u0111\u01b0\u1ee3c khuy\u1ebfn ngh\u1ecb v\u00e0 ph\u1ed5 bi\u1ebfn nh\u1ea5t nh\u1edd v\u00e0o m\u1ee9c \u0111\u1ed9 b\u1ea3o m\u1eadt v\u01b0\u1ee3t tr\u1ed9i m\u00e0 n\u00f3 mang l\u1ea1i. MFA y\u00eau c\u1ea7u ng\u01b0\u1eddi d\u00f9ng cung c\u1ea5p t\u1eeb hai y\u1ebfu t\u1ed1 tr\u1edf l\u00ean \u0111\u1ec3 x\u00e1c th\u1ef1c, th\u01b0\u1eddng k\u1ebft h\u1ee3p gi\u1eefa m\u1eadt kh\u1ea9u, m\u00e3 OTP, v\u00e0 d\u1eef li\u1ec7u sinh tr\u1eafc h\u1ecdc.<\/p>\n
X\u00e1c th\u1ef1c MFA gi\u00fap gi\u1ea3m thi\u1ec3u \u0111\u00e1ng k\u1ec3 r\u1ee7i ro b\u1ecb x\u00e2m nh\u1eadp tr\u00e1i ph\u00e9p ngay c\u1ea3 khi m\u1ed9t y\u1ebfu t\u1ed1 b\u1ea3o m\u1eadt b\u1ecb l\u1ed9. V\u1edbi s\u1ef1 gia t\u0103ng c\u1ee7a c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng, nhi\u1ec1u t\u1ed5 ch\u1ee9c l\u1edbn, bao g\u1ed3m c\u1ea3 Google v\u00e0 c\u00e1c n\u1ec1n t\u1ea3ng c\u00f4ng ngh\u1ec7 h\u00e0ng \u0111\u1ea7u, \u0111\u1ec1u khuy\u1ebfn kh\u00edch s\u1eed d\u1ee5ng MFA \u0111\u1ec3 b\u1ea3o v\u1ec7 t\u00e0i kho\u1ea3n v\u00e0 d\u1eef li\u1ec7u c\u00e1 nh\u00e2n m\u1ed9t c\u00e1ch t\u1ed1i \u01b0u.<\/p>\n
<\/span>X\u00e1c th\u1ef1c \u0111\u0103ng nh\u1eadp m\u1ed9t l\u1ea7n (SSO – Single Sign-On Authentication)<\/span><\/h3>\nSingle Sign-On (SSO) cho ph\u00e9p ng\u01b0\u1eddi d\u00f9ng ch\u1ec9 c\u1ea7n \u0111\u0103ng nh\u1eadp m\u1ed9t l\u1ea7n \u0111\u1ec3 truy c\u1eadp nhi\u1ec1u \u1ee9ng d\u1ee5ng ho\u1eb7c h\u1ec7 th\u1ed1ng kh\u00e1c nhau. \u0110i\u1ec1u n\u00e0y gi\u00fap ng\u01b0\u1eddi d\u00f9ng kh\u00f4ng c\u1ea7n ph\u1ea3i \u0111\u0103ng nh\u1eadp nhi\u1ec1u l\u1ea7n cho c\u00e1c d\u1ecbch v\u1ee5 li\u00ean quan, ti\u1ebft ki\u1ec7m th\u1eddi gian v\u00e0 n\u00e2ng cao tr\u1ea3i nghi\u1ec7m ng\u01b0\u1eddi d\u00f9ng.<\/p>\n
V\u00ed d\u1ee5<\/strong>: Khi b\u1ea1n \u0111\u0103ng nh\u1eadp v\u00e0o t\u00e0i kho\u1ea3n Google, b\u1ea1n c\u00f3 th\u1ec3 truy c\u1eadp Gmail, YouTube, Google Drive m\u00e0 kh\u00f4ng c\u1ea7n ph\u1ea3i \u0111\u0103ng nh\u1eadp l\u1ea1i.<\/p>\n\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c SSO:<\/p>\n
\n- Ti\u1ec7n l\u1ee3i<\/strong>: Ng\u01b0\u1eddi d\u00f9ng ch\u1ec9 c\u1ea7n nh\u1edb m\u1ed9t l\u1ea7n \u0111\u0103ng nh\u1eadp duy nh\u1ea5t.<\/li>\n
- T\u0103ng hi\u1ec7u su\u1ea5t<\/strong>: Gi\u1ea3m thi\u1ec3u vi\u1ec7c ph\u1ea3i \u0111\u0103ng nh\u1eadp nhi\u1ec1u l\u1ea7n, gi\u00fap ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp nhanh h\u01a1n.<\/li>\n
- Ph\u00f9 h\u1ee3p<\/strong>: Ph\u1ed5 bi\u1ebfn trong c\u00e1c m\u00f4i tr\u01b0\u1eddng doanh nghi\u1ec7p l\u1edbn v\u1edbi nhi\u1ec1u \u1ee9ng d\u1ee5ng li\u00ean k\u1ebft v\u1edbi nhau.<\/li>\n<\/ul>\n
<\/span>M\u1eadt kh\u1ea9u d\u00f9ng m\u1ed9t l\u1ea7n (OTP \u2013 One-Time Password)<\/span><\/h3>\nM\u1eadt kh\u1ea9u d\u00f9ng m\u1ed9t l\u1ea7n (OTP) l\u00e0 m\u1ed9t m\u00e3 x\u00e1c th\u1ef1c ch\u1ec9 c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng m\u1ed9t l\u1ea7n v\u00e0 th\u01b0\u1eddng \u0111\u01b0\u1ee3c g\u1eedi t\u1edbi ng\u01b0\u1eddi d\u00f9ng qua email, SMS, ho\u1eb7c \u1ee9ng d\u1ee5ng x\u00e1c th\u1ef1c. M\u00e3 OTP th\u01b0\u1eddng c\u00f3 th\u1eddi h\u1ea1n s\u1eed d\u1ee5ng ng\u1eafn (th\u01b0\u1eddng t\u1eeb 30 gi\u00e2y \u0111\u1ebfn v\u00e0i ph\u00fat), sau \u0111\u00f3 s\u1ebd h\u1ebft hi\u1ec7u l\u1ef1c v\u00e0 kh\u00f4ng th\u1ec3 s\u1eed d\u1ee5ng l\u1ea1i.<\/p>\n![\"M\u1eadt](\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/09\/Mat-khau-dung-mot-lan-OTP-\u2013-One-Time-Password.jpg\" "\\"\\"")
M\u1eadt kh\u1ea9u d\u00f9ng m\u1ed9t l\u1ea7n (OTP \u2013 One-Time Password)<\/figcaption><\/figure>\nOTP th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong x\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 ho\u1eb7c \u0111\u1ec3 t\u0103ng c\u01b0\u1eddng b\u1ea3o m\u1eadt khi ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp t\u1eeb m\u1ed9t thi\u1ebft b\u1ecb l\u1ea1 ho\u1eb7c t\u1eeb m\u1ed9t v\u1ecb tr\u00ed b\u1ea5t th\u01b0\u1eddng.<\/p>\n
\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c OTP:<\/p>\n
\n- B\u1ea3o m\u1eadt cao<\/strong>: M\u00e3 OTP ch\u1ec9 c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng m\u1ed9t l\u1ea7n v\u00e0 c\u00f3 th\u1eddi gian h\u1ebft h\u1ea1n, gi\u1ea3m nguy c\u01a1 b\u1ecb t\u1ea5n c\u00f4ng.<\/li>\n
- D\u1ec5 s\u1eed d\u1ee5ng<\/strong>: M\u00e3 OTP \u0111\u01b0\u1ee3c g\u1eedi tr\u1ef1c ti\u1ebfp t\u1edbi ng\u01b0\u1eddi d\u00f9ng, kh\u00f4ng c\u1ea7n nh\u1edb hay l\u01b0u tr\u1eef.<\/li>\n
- Ph\u00f9 h\u1ee3p<\/strong>: \u0110\u01b0\u1ee3c s\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i trong c\u00e1c h\u1ec7 th\u1ed1ng ng\u00e2n h\u00e0ng, d\u1ecbch v\u1ee5 email, v\u00e0 c\u00e1c d\u1ecbch v\u1ee5 y\u00eau c\u1ea7u x\u00e1c th\u1ef1c b\u1ed5 sung khi truy c\u1eadp t\u1eeb thi\u1ebft b\u1ecb m\u1edbi.<\/li>\n<\/ul>\n
<\/span>Sinh tr\u1eafc h\u1ecdc<\/span><\/h3>\nX\u00e1c th\u1ef1c sinh tr\u1eafc h\u1ecdc s\u1eed d\u1ee5ng c\u00e1c y\u1ebfu t\u1ed1 sinh h\u1ecdc \u0111\u1ed9c nh\u1ea5t c\u1ee7a m\u1ed7i c\u00e1 nh\u00e2n, ch\u1eb3ng h\u1ea1n nh\u01b0 d\u1ea5u v\u00e2n tay, nh\u1eadn di\u1ec7n khu\u00f4n m\u1eb7t, ho\u1eb7c qu\u00e9t v\u00f5ng m\u1ea1c, \u0111\u1ec3 x\u00e1c th\u1ef1c danh t\u00ednh. Ph\u01b0\u01a1ng ph\u00e1p n\u00e0y mang l\u1ea1i t\u00ednh b\u1ea3o m\u1eadt cao v\u00e0 ti\u1ec7n l\u1ee3i v\u00ec c\u00e1c y\u1ebfu t\u1ed1 sinh h\u1ecdc r\u1ea5t kh\u00f3 b\u1ecb sao ch\u00e9p.<\/p>\n![\"X\u00e1c](\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/09\/Xac-thuc-sinh-trac-hoc.webp\" "\\"\\"")
X\u00e1c th\u1ef1c sinh tr\u1eafc h\u1ecdc<\/figcaption><\/figure>\nSinh tr\u1eafc h\u1ecdc ng\u00e0y c\u00e0ng tr\u1edf n\u00ean ph\u1ed5 bi\u1ebfn v\u00e0 \u0111\u01b0\u1ee3c t\u00edch h\u1ee3p trong nhi\u1ec1u thi\u1ebft b\u1ecb hi\u1ec7n \u0111\u1ea1i nh\u01b0 \u0111i\u1ec7n tho\u1ea1i th\u00f4ng minh, m\u00e1y t\u00ednh b\u1ea3ng, v\u00e0 c\u00e1c h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt c\u1ee7a doanh nghi\u1ec7p.<\/p>\n
\u0110\u1eb7c \u0111i\u1ec3m ch\u00ednh c\u1ee7a ph\u01b0\u01a1ng ph\u00e1p sinh tr\u1eafc h\u1ecdc:<\/p>\n
\n- B\u1ea3o m\u1eadt r\u1ea5t cao<\/strong>: Sinh tr\u1eafc h\u1ecdc l\u00e0 y\u1ebfu t\u1ed1 duy nh\u1ea5t v\u00e0 kh\u00f4ng th\u1ec3 sao ch\u00e9p d\u1ec5 d\u00e0ng.<\/li>\n
- Ti\u1ec7n l\u1ee3i<\/strong>: Ng\u01b0\u1eddi d\u00f9ng kh\u00f4ng c\u1ea7n ph\u1ea3i nh\u1edb m\u1eadt kh\u1ea9u hay m\u00e3 PIN.<\/li>\n
- Ph\u00f9 h\u1ee3p<\/strong>: S\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i trong c\u00e1c h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt hi\u1ec7n \u0111\u1ea1i, \u0111\u1eb7c bi\u1ec7t l\u00e0 thi\u1ebft b\u1ecb di \u0111\u1ed9ng v\u00e0 c\u00e1c \u1ee9ng d\u1ee5ng y\u00eau c\u1ea7u b\u1ea3o m\u1eadt nghi\u00eam ng\u1eb7t nh\u01b0 ng\u00e2n h\u00e0ng, ch\u00ednh ph\u1ee7.<\/li>\n<\/ul>\n
M\u1ed7i ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c c\u00f3 nh\u1eefng \u01b0u v\u00e0 nh\u01b0\u1ee3c \u0111i\u1ec3m ri\u00eang, v\u00e0 l\u1ef1a ch\u1ecdn ph\u01b0\u01a1ng ph\u00e1p ph\u00f9 h\u1ee3p t\u00f9y thu\u1ed9c v\u00e0o nhu c\u1ea7u b\u1ea3o m\u1eadt c\u1ee7a t\u1eebng h\u1ec7 th\u1ed1ng. X\u00e1c th\u1ef1c \u0111\u01a1n y\u1ebfu t\u1ed1 (SFA) tuy \u0111\u01a1n gi\u1ea3n nh\u01b0ng b\u1ea3o m\u1eadt th\u1ea5p, trong khi x\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA) v\u00e0 ba y\u1ebfu t\u1ed1 (3FA) cung c\u1ea5p m\u1ee9c \u0111\u1ed9 an to\u00e0n cao h\u01a1n nhi\u1ec1u.<\/p>\n
Ngo\u00e0i ra, ph\u01b0\u01a1ng ph\u00e1p SSO gi\u00fap ng\u01b0\u1eddi d\u00f9ng d\u1ec5 d\u00e0ng h\u01a1n trong vi\u1ec7c qu\u1ea3n l\u00fd \u0111\u0103ng nh\u1eadp, c\u00f2n OTP v\u00e0 sinh tr\u1eafc h\u1ecdc mang \u0111\u1ebfn b\u1ea3o m\u1eadt v\u00e0 ti\u1ec7n l\u1ee3i tuy\u1ec7t \u0111\u1ed1i. Vi\u1ec7c l\u1ef1a ch\u1ecdn \u0111\u00fang ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c s\u1ebd gi\u00fap h\u1ec7 th\u1ed1ng b\u1ea3o m\u1eadt th\u00f4ng tin v\u00e0 d\u1eef li\u1ec7u t\u1ed1t h\u01a1n, gi\u1ea3m thi\u1ec3u nguy c\u01a1 t\u1ea5n c\u00f4ng t\u1eeb c\u00e1c cu\u1ed9c x\u00e2m nh\u1eadp tr\u00e1i ph\u00e9p.<\/p>\n
<\/span>C\u01a1 ch\u1ebf l\u01b0u gi\u1eef \u0111\u0103ng nh\u1eadp ng\u01b0\u1eddi d\u00f9ng<\/span><\/h2>\n<\/span>1. Basic Authentication<\/span><\/h3>\nFlow<\/strong>: Ng\u01b0\u1eddi d\u00f9ng g\u1eedi y\u00eau c\u1ea7u \u0111\u1ebfn m\u00e1y ch\u1ee7 v\u1edbi th\u00f4ng tin \u0111\u0103ng nh\u1eadp (username v\u00e0 password) \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a. M\u00e1y ch\u1ee7 ki\u1ec3m tra th\u00f4ng tin, n\u1ebfu kh\u1edbp, truy c\u1eadp s\u1ebd \u0111\u01b0\u1ee3c c\u1ea5p quy\u1ec1n.<\/p>\nUsecase<\/strong>: Th\u01b0\u1eddng s\u1eed d\u1ee5ng trong c\u00e1c h\u1ec7 th\u1ed1ng \u0111\u01a1n gi\u1ea3n ho\u1eb7c c\u00f3 y\u00eau c\u1ea7u b\u1ea3o m\u1eadt c\u01a1 b\u1ea3n, nh\u01b0 c\u00e1c \u1ee9ng d\u1ee5ng web nh\u1ecf kh\u00f4ng y\u00eau c\u1ea7u s\u1ef1 b\u1ea3o m\u1eadt qu\u00e1 cao.<\/p>\n<\/span>2. Session-based Authentication<\/span><\/h3>\nFlow<\/strong>: Sau khi ng\u01b0\u1eddi d\u00f9ng \u0111\u0103ng nh\u1eadp, m\u00e1y ch\u1ee7 t\u1ea1o m\u1ed9t phi\u00ean l\u00e0m vi\u1ec7c (session) v\u00e0 l\u01b0u tr\u1eef th\u00f4ng tin x\u00e1c th\u1ef1c c\u1ee7a ng\u01b0\u1eddi d\u00f9ng trong phi\u00ean \u0111\u00f3. Th\u00f4ng tin phi\u00ean \u0111\u01b0\u1ee3c l\u01b0u trong cookie, v\u00e0 m\u1ed7i l\u1ea7n ng\u01b0\u1eddi d\u00f9ng g\u1eedi y\u00eau c\u1ea7u, m\u00e1y ch\u1ee7 ki\u1ec3m tra session \u0111\u1ec3 x\u00e1c th\u1ef1c.<\/p>\nUsecase<\/strong>: Th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u00e1c \u1ee9ng d\u1ee5ng web l\u1edbn, n\u01a1i ng\u01b0\u1eddi d\u00f9ng c\u00f3 th\u1ec3 duy tr\u00ec phi\u00ean \u0111\u0103ng nh\u1eadp trong m\u1ed9t th\u1eddi gian d\u00e0i m\u00e0 kh\u00f4ng c\u1ea7n x\u00e1c th\u1ef1c l\u1ea1i.<\/p>\n<\/span>3. Token-based Authentication<\/span><\/h3>\nFlow<\/strong>: Sau khi x\u00e1c th\u1ef1c th\u00e0nh c\u00f4ng, m\u00e1y ch\u1ee7 g\u1eedi v\u1ec1 m\u1ed9t m\u00e3 token. Token n\u00e0y s\u1ebd \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef \u1edf ph\u00eda client v\u00e0 \u0111\u01b0\u1ee3c g\u1eedi k\u00e8m v\u1edbi m\u1ed7i y\u00eau c\u1ea7u ti\u1ebfp theo \u0111\u1ebfn m\u00e1y ch\u1ee7. Sau \u0111\u00f3, m\u00e1y ch\u1ee7 ki\u1ec3m tra token v\u00e0 quy\u1ebft \u0111\u1ecbnh c\u1ea5p quy\u1ec1n truy c\u1eadp.<\/p>\nUsecase<\/strong>: Ph\u1ed5 bi\u1ebfn trong c\u00e1c \u1ee9ng d\u1ee5ng RESTful API v\u00e0 c\u00e1c h\u1ec7 th\u1ed1ng ph\u00e2n t\u00e1n, n\u01a1i y\u00eau c\u1ea7u qu\u1ea3n l\u00fd nhi\u1ec1u phi\u00ean v\u00e0 ng\u01b0\u1eddi d\u00f9ng tr\u00ean nhi\u1ec1u m\u00e1y ch\u1ee7 kh\u00e1c nhau.<\/p>\n<\/span>S\u1ef1 kh\u00e1c bi\u1ec7t gi\u1eefa Authentication v\u00e0 Authorization<\/span><\/h2>\nAuthentication (x\u00e1c th\u1ef1c) v\u00e0 Authorization (\u1ee7y quy\u1ec1n) l\u00e0 hai kh\u00e1i ni\u1ec7m quan tr\u1ecdng trong b\u1ea3o m\u1eadt th\u00f4ng tin, th\u01b0\u1eddng b\u1ecb nh\u1ea7m l\u1eabn nh\u01b0ng th\u1ef1c ch\u1ea5t c\u00f3 nh\u1eefng ch\u1ee9c n\u0103ng kh\u00e1c nhau. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 s\u1ef1 ph\u00e2n bi\u1ec7t chi ti\u1ebft gi\u1eefa hai kh\u00e1i ni\u1ec7m n\u00e0y:<\/p>\n
\u0110\u1ecbnh ngh\u0129a<\/strong><\/p>\nAuthentication (X\u00e1c th\u1ef1c)<\/strong>: L\u00e0 qu\u00e1 tr\u00ecnh x\u00e1c minh danh t\u00ednh c\u1ee7a ng\u01b0\u1eddi d\u00f9ng. N\u00f3 \u0111\u1ea3m b\u1ea3o r\u1eb1ng ng\u01b0\u1eddi d\u00f9ng l\u00e0 ai m\u00e0 h\u1ecd tuy\u00ean b\u1ed1. Qu\u00e1 tr\u00ecnh n\u00e0y th\u01b0\u1eddng y\u00eau c\u1ea7u ng\u01b0\u1eddi d\u00f9ng cung c\u1ea5p th\u00f4ng tin nh\u01b0 t\u00ean \u0111\u0103ng nh\u1eadp v\u00e0 m\u1eadt kh\u1ea9u, ho\u1eb7c c\u00e1c y\u1ebfu t\u1ed1 kh\u00e1c nh\u01b0 m\u00e3 OTP, sinh tr\u1eafc h\u1ecdc, v.v.<\/p>\nAuthorization (\u1ee6y quy\u1ec1n)<\/strong>: L\u00e0 qu\u00e1 tr\u00ecnh x\u00e1c \u0111\u1ecbnh quy\u1ec1n truy c\u1eadp c\u1ee7a ng\u01b0\u1eddi d\u00f9ng sau khi \u0111\u00e3 x\u00e1c th\u1ef1c. N\u00f3 x\u00e1c \u0111\u1ecbnh ng\u01b0\u1eddi d\u00f9ng c\u00f3 quy\u1ec1n truy c\u1eadp v\u00e0o t\u00e0i nguy\u00ean n\u00e0o v\u00e0 c\u00f3 th\u1ec3 th\u1ef1c hi\u1ec7n nh\u1eefng h\u00e0nh \u0111\u1ed9ng g\u00ec tr\u00ean c\u00e1c t\u00e0i nguy\u00ean \u0111\u00f3.<\/p>\nVai tr\u00f2 trong b\u1ea3o m\u1eadt<\/strong><\/p>\nAuthentication<\/strong>: T\u1eadp trung v\u00e0o b\u1ea3o m\u1eadt danh t\u00ednh, ng\u0103n ch\u1eb7n vi\u1ec7c k\u1ebb x\u1ea5u gi\u1ea3 m\u1ea1o ng\u01b0\u1eddi d\u00f9ng h\u1ee3p l\u1ec7 \u0111\u1ec3 truy c\u1eadp h\u1ec7 th\u1ed1ng. N\u1ebfu authentication b\u1ecb t\u1ea5n c\u00f4ng, ng\u01b0\u1eddi x\u1ea5u c\u00f3 th\u1ec3 gi\u1ea3 danh ng\u01b0\u1eddi d\u00f9ng h\u1ee3p l\u1ec7 v\u00e0 x\u00e2m nh\u1eadp h\u1ec7 th\u1ed1ng.<\/p>\nAuthorization<\/strong>: T\u1eadp trung v\u00e0o b\u1ea3o m\u1eadt quy\u1ec1n truy c\u1eadp, \u0111\u1ea3m b\u1ea3o r\u1eb1ng ch\u1ec9 nh\u1eefng ng\u01b0\u1eddi c\u00f3 quy\u1ec1n h\u1ee3p l\u1ec7 m\u1edbi c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0 th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng nh\u1ea5t \u0111\u1ecbnh trong h\u1ec7 th\u1ed1ng. N\u1ebfu authorization kh\u00f4ng \u0111\u01b0\u1ee3c thi\u1ebft l\u1eadp \u0111\u00fang, m\u1ed9t ng\u01b0\u1eddi d\u00f9ng c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0o t\u00e0i nguy\u00ean m\u00e0 h\u1ecd kh\u00f4ng c\u00f3 quy\u1ec1n.<\/p>\nQuy tr\u00ecnh<\/strong><\/p>\nAuthentication<\/strong>: Di\u1ec5n ra tr\u01b0\u1edbc khi ng\u01b0\u1eddi d\u00f9ng c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng. Ng\u01b0\u1eddi d\u00f9ng c\u1ea7n x\u00e1c th\u1ef1c danh t\u00ednh c\u1ee7a m\u00ecnh \u0111\u1ec3 c\u00f3 th\u1ec3 ti\u1ebfn h\u00e0nh b\u01b0\u1edbc ti\u1ebfp theo.<\/p>\nAuthorization<\/strong>: Di\u1ec5n ra sau khi ng\u01b0\u1eddi d\u00f9ng \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00e1c th\u1ef1c th\u00e0nh c\u00f4ng. H\u1ec7 th\u1ed1ng s\u1ebd ki\u1ec3m tra c\u00e1c quy\u1ec1n h\u1ea1n c\u1ee7a ng\u01b0\u1eddi d\u00f9ng \u0111\u1ec3 quy\u1ebft \u0111\u1ecbnh xem h\u1ecd c\u00f3 th\u1ec3 truy c\u1eadp v\u00e0o t\u00e0i nguy\u00ean hay kh\u00f4ng.<\/p>\n![\"S\u1ef1](\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2024\/09\/Su-khac-biet-giua-Authentication-va-Authorization.jpg\" "\\"\\"")
S\u1ef1 kh\u00e1c bi\u1ec7t gi\u1eefa Authentication v\u00e0 Authorization<\/figcaption><\/figure>\n\u00a0V\u00ed d\u1ee5<\/strong><\/p>\nAuthentication<\/strong>: Khi b\u1ea1n \u0111\u0103ng nh\u1eadp v\u00e0o m\u1ed9t trang web, b\u1ea1n nh\u1eadp t\u00ean \u0111\u0103ng nh\u1eadp v\u00e0 m\u1eadt kh\u1ea9u. H\u1ec7 th\u1ed1ng s\u1ebd ki\u1ec3m tra th\u00f4ng tin n\u00e0y \u0111\u1ec3 x\u00e1c th\u1ef1c b\u1ea1n l\u00e0 ai.<\/p>\nAuthorization<\/strong>: Sau khi b\u1ea1n \u0111\u00e3 \u0111\u0103ng nh\u1eadp, h\u1ec7 th\u1ed1ng s\u1ebd ki\u1ec3m tra quy\u1ec1n c\u1ee7a b\u1ea1n. V\u00ed d\u1ee5, m\u1ed9t nh\u00e2n vi\u00ean c\u00f3 th\u1ec3 c\u00f3 quy\u1ec1n truy c\u1eadp v\u00e0o th\u00f4ng tin c\u00e1 nh\u00e2n c\u1ee7a m\u00ecnh nh\u01b0ng kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp v\u00e0o th\u00f4ng tin c\u1ee7a c\u00e1c nh\u00e2n vi\u00ean kh\u00e1c.<\/p>\nTh\u00f4ng tin truy\u1ec1n t\u1ea3i<\/strong><\/p>\nAuthentication<\/strong>: Th\u01b0\u1eddng truy\u1ec1n t\u1ea3i th\u00f4ng tin qua m\u1ed9t ID Token, x\u00e1c nh\u1eadn danh t\u00ednh ng\u01b0\u1eddi d\u00f9ng.<\/p>\nAuthorization<\/strong>: Th\u01b0\u1eddng truy\u1ec1n t\u1ea3i th\u00f4ng tin qua m\u1ed9t Access Token, x\u00e1c nh\u1eadn quy\u1ec1n truy c\u1eadp c\u1ee7a ng\u01b0\u1eddi d\u00f9ng.<\/p>\nPh\u01b0\u01a1ng ph\u00e1p th\u1ef1c hi\u1ec7n<\/strong><\/p>\nAuthentication<\/strong>: Th\u01b0\u1eddng \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n th\u00f4ng qua c\u00e1c ph\u01b0\u01a1ng ph\u00e1p nh\u01b0:<\/p>\n\n- T\u00ean ng\u01b0\u1eddi d\u00f9ng v\u00e0 m\u1eadt kh\u1ea9u.<\/li>\n
- M\u00e3 OTP (One-Time Password).<\/li>\n
- Sinh tr\u1eafc h\u1ecdc (nh\u1eadn di\u1ec7n khu\u00f4n m\u1eb7t, d\u1ea5u v\u00e2n tay).<\/li>\n
- X\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA \u2013 Two-Factor Authentication).<\/li>\n
- X\u00e1c th\u1ef1c ba y\u1ebfu t\u1ed1 (3FA \u2013 Three-Factor Authentication)<\/li>\n
- X\u00e1c th\u1ef1c \u0111\u0103ng nh\u1eadp m\u1ed9t l\u1ea7n (Single Sign-On Authentication)<\/li>\n<\/ul>\n
Authorization<\/strong>: Th\u01b0\u1eddng \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n d\u1ef1a tr\u00ean c\u00e1c ch\u00ednh s\u00e1ch, quy\u1ec1n h\u1ea1n v\u00e0 vai tr\u00f2 c\u1ee7a ng\u01b0\u1eddi d\u00f9ng trong h\u1ec7 th\u1ed1ng, v\u00ed d\u1ee5 nh\u01b0:<\/p>\n\n- Vai tr\u00f2 (Role-based Access Control – RBAC): Ng\u01b0\u1eddi d\u00f9ng v\u1edbi c\u00e1c vai tr\u00f2 kh\u00e1c nhau c\u00f3 quy\u1ec1n truy c\u1eadp kh\u00e1c nhau.<\/li>\n
- Ch\u00ednh s\u00e1ch truy c\u1eadp: Quy \u0111\u1ecbnh c\u1ee5 th\u1ec3 v\u1ec1 quy\u1ec1n truy c\u1eadp t\u00e0i nguy\u00ean.<\/li>\n<\/ul>\n
Giao th\u1ee9c<\/strong><\/p>\nAuthentication<\/strong>: Th\u01b0\u1eddng \u0111\u01b0\u1ee3c qu\u1ea3n l\u00fd b\u1edfi giao th\u1ee9c OpenID Connect (OIDC). OIDC l\u00e0 m\u1ed9t giao th\u1ee9c \u0111\u01b0\u1ee3c x\u00e2y d\u1ef1ng tr\u00ean OAuth 2.0, gi\u00fap th\u1ef1c hi\u1ec7n qu\u00e1 tr\u00ecnh x\u00e1c th\u1ef1c (authentication), b\u1ed5 sung th\u00eam ID Token \u0111\u1ec3 x\u00e1c nh\u1eadn danh t\u00ednh ng\u01b0\u1eddi d\u00f9ng sau khi qu\u00e1 tr\u00ecnh x\u00e1c th\u1ef1c ho\u00e0n t\u1ea5t.<\/p>\nAuthorization<\/strong>: OAuth 2.0 l\u00e0 m\u1ed9t giao th\u1ee9c gi\u00fap th\u1ef1c hi\u1ec7n qu\u00e1 tr\u00ecnh \u1ee7y quy\u1ec1n m\u1ed9t c\u00e1ch an to\u00e0n v\u00e0 linh ho\u1ea1t. OAuth 2.0 kh\u00f4ng tr\u1ef1c ti\u1ebfp x\u1eed l\u00fd qu\u00e1 tr\u00ecnh x\u00e1c th\u1ef1c, m\u00e0 t\u1eadp trung v\u00e0o \u1ee7y quy\u1ec1n, \u0111\u1ea3m b\u1ea3o r\u1eb1ng c\u00e1c \u1ee9ng d\u1ee5ng ch\u1ec9 \u0111\u01b0\u1ee3c ph\u00e9p truy c\u1eadp \u0111\u00fang t\u00e0i nguy\u00ean m\u00e0 ng\u01b0\u1eddi d\u00f9ng \u0111\u00e3 \u0111\u1ed3ng \u00fd.<\/p>\n<\/span>M\u1ed9t s\u1ed1 c\u00e2u h\u1ecfi li\u00ean quan \u0111\u1ebfn Authentication<\/span><\/h2>\n<\/span>T\u1ea1i sao x\u00e1c th\u1ef1c l\u1ea1i quan tr\u1ecdng trong b\u1ea3o m\u1eadt h\u1ec7 th\u1ed1ng?<\/span><\/h3>\nX\u00e1c th\u1ef1c l\u00e0 l\u1edbp b\u1ea3o m\u1eadt \u0111\u1ea7u ti\u00ean gi\u00fap b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng kh\u1ecfi c\u00e1c truy c\u1eadp tr\u00e1i ph\u00e9p, \u0111\u1ea3m b\u1ea3o ch\u1ec9 nh\u1eefng ng\u01b0\u1eddi \u0111\u01b0\u1ee3c \u1ee7y quy\u1ec1n m\u1edbi c\u00f3 th\u1ec3 ti\u1ebfp c\u1eadn th\u00f4ng tin.<\/p>\n
<\/span>C\u00f3 bao nhi\u00eau ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c ph\u1ed5 bi\u1ebfn?<\/span><\/h3>\nC\u00f3 nhi\u1ec1u ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c kh\u00e1c nhau nh\u01b0: x\u00e1c th\u1ef1c \u0111\u01a1n y\u1ebfu t\u1ed1 (SFA), x\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA), x\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1 (MFA), v\u00e0 x\u00e1c th\u1ef1c sinh tr\u1eafc h\u1ecdc.<\/p>\n
<\/span>X\u00e1c th\u1ef1c hai y\u1ebfu t\u1ed1 (2FA) c\u00f3 an to\u00e0n h\u01a1n kh\u00f4ng?<\/span><\/h3>\n