Discuss the algebra of authentication and its implications for privacy. That is, assume a situation with two-factor authentication, and call the factors A and B. Consider the four cases in which each one is strong or weak. What conclusions would you draw about the results: weak A and weak B; weak A and strong B; strong A and weak B; strong A and strong B? Does order matter? Does it matter if both factors are of the same type (what you know, what you have, what you are)? What happens if you add a third factor, C?

What will be an ideal response?

Two weak factors will provide weak protection. Two strong factors will provide strong protection, and likely more so if they are of different types (i.e., if someone can steal something you have, that person can likely also steal a second thing you have). One weak factor and one strong factor provide similar protection to strong one-­?factor authentication, regardless of order. Adding more factors does improve protection, particularly if they are of different types.