Open Access  Subscription Access

隨著雲端服務的興起，使用者有越來越多的資訊儲存在雲端服務中。傳統的文字密碼機制已無法保障使用者的帳號安全，使用第二因子認證及兩階段認證已逐漸成為趨勢。本文介紹Google所提供的兩階段驗證機制Google authenticator，及FIDO聯盟所提出的通用認證框架（Universal Authentication Framework，UAF）、通用第二因子認證（Universal 2nd Factor，U2F）及FIDO2機制。With the rise of cloud services, users have more and more information stored in cloud services. The traditional text password mechanism has been unable to protect the user's account security. The use of the second factor authentication and two-stage authentication has gradually become a trend. This article introduces the Google authenticator, a two-stage authentication mechanism provided by Google, and the Universal Authentication Framework (UAF), Universal 2nd Factor (U2F), and FIDO2 mechanisms proposed by the FIDO Alliance.

兩階段驗證; 身分認證; 第二因子認證; two-step verification; user authentication; second-factor authentication