How to Achieve Strong Authentication on the Web While Balancing Security, Usability and Cost

When implementing strong authentication on a website, IT professionals must find a balance among three separate forces whose goals are often at odds: the cost and security needs of the company, the impact on user behavior, and the motivations of the would-be attacker. This paper gives practical strategies achieving the optimal balance of security, usability and costs and it evaluates the pros and cons of various authentication approaches so IT professionals can choose what is right for their business.