Jump to content

Two-factor authentication译法

我感觉简中也是双重认证也没问题啊(Apple),不过我记得还有叫“两步验证”的,这个的英文应该不是“Two-factor”而是“Two-step”?

而且说实话,在各种语境下我都没听过“双因素认证”,反而只在Wiki.js里面看到过是这样翻译的。

Lakejason0 (talk)05:02, 30 March 2021

“双/多因素 (身份)验证/认证”应该是直译吧,应该也有不少软件和文章在用。还有“多因子身份验证”。是,不同说法,但基本上指同一个东西。

我担心“双重认证”比较含糊,因为通过数字证书、风控系统等宣称做到“多重验证”也是存在的。而如果说“..身份验证”,也许用户更容易理解到“两步”?

YFdyh000 (talk)05:20, 30 March 2021

Apple语境下不会有那种问题,所以我不觉得有问题。但是如果结合你所说的语境的话,可能是个问题。

如果不介意Two-step的不对应的话翻译成两步验证也可?

Lakejason0 (talk)05:27, 30 March 2021
 

And why "two factors" only? A now common generalisation is the "multifactor authentication" (MFA). 2FA is its minimal implementation that just includes a secondary channel to authorize an authentication actually made on a primary site. And MFA is not limited to the web: it can be used to any service (including hardware) that has some means to perform other checks than jsut the primary access method. E.g., it can use biometrics like fingerprints, retina, face recognition, or handheld devices (not necessarily connected to the Internet, it could be a RFID chip, possibly implanted in the body, commonly found for authenticating demestic pets, or breed animals in farming, it can also authenticate material devices, or food/beverage, or shippings, or vehicles, and not just people); secondary authentication is not necessarily electronic (e.g. using a third party service in person, or a hardware seal).

The number of mechanism is not limited, each one having its strengths and weaknesses, but difficult to fool simultaneously as the means are using very different technics.

The most common 2FA mechanims used today are emails (cheapest, but weakest if emails are not themselves strongly signed by certificates or PGP), SMS or voice calls (reliable if the phone operator authenticate the caller/sender, but still not across international boundaries as the routed phone numbers can be arbitrarily set and not all phone operators of the recipient remove faked/unauthenticated caller numbers, due to lack of international support in existing basic ITU protocols used by phone gateways; this is reliable only for domestic calls/messages sent from inside the same country and if the national regulator has enforced this required authentication for all operators, i.e. only inside the European Union and for "geographic" or "mobile" number ranges, excluding special ranges for VoIP and temporary/prepaid mobile numbers and all numbers that are not properly registered in a public diary).

Verdy p (talk)05:47, 30 March 2021
 

翻了一下Apple的帮助文件,中文都翻译成了“双重认证/雙重認證”。

Lakejason0 (talk)05:31, 30 March 2021

Discord也是翻译成了“双重认证/雙重認證”。

Lakejason0 (talk)18:58, 2 April 2021