HMAC Authentication is short for Hash-Based Message Authentication Code, a strategy used to verify the integrity and authenticity of a message. This strategy differs from other authentication methods in that it uses a cryptographic key along with a hash function. The algorithm behind the hashed message authentication code is more involved than a single hash because hashing is performed twice. This helps in resisting forms of cryptographic analysis and protecting against threats. A hashed message authentication code is considered to be more secure than other similar message authentication codes, as the data transmitted and key used in the process are hashed separately.
Sources: Techopedia, Mark Wolfe
Additional Reading: Detailing Veracode’s HMAC API Authentication
Related Terms: Authentication, Cryptography, Hashing, Two-Factor Authentication
SMBs and any other business should enable HMAC Authentication whenever possible. Just like two-factor authentication, HMAC authentication will improve account and message security. If you are a Managed Service Provider or manage a team of IT resources, you should ensure your IT professionals know how to implement and use HMAC Authentication.
If you develop software, you should consider using HMAC Authentication to establish secure communication between any clients you develop and the servers they connect to. Just be sure to validate the underlying cryptographic algorithms you’re using.
https://www.youtube.com/watch?v=TcmLVilowb8
