<div>
<div class="content wysiwyg-content">
Some of my secure online web sites have me request a one time password which can be sent as a text message to my phone, sent to an email account or heard via telephone robot. &nbsp;Then to access the site in question you enter your name password and the one time password. &nbsp;This appears to be a type of two factor authentication also. &nbsp;It would seem superior to manage to a smart card in that smart cards break, get out of synch etc. &nbsp;Everyone pretty much already owns a smart phone (or is afforded one from their company). &nbsp;<br />
<br />
From a PCI perspective would username, password plus this type of One Time Password count as two factor?
</div>
</div>


Some of my secure online web sites have me request a one time password which can be sent as a text message to my phone, sent to an email account or heard via telephone robot.  Then to access the site in question you enter your name password and the one time password.  This appears to be a type of two factor authentication also.  It would seem superior to manage to a smart card in that smart cards break, get out of synch etc.  Everyone pretty much already owns a smart phone (or is afforded one from their company).  

From a PCI perspective would username, password plus this type of One Time Password count as two factor?

PCI Question: One Time Passwords and Two Factor Authentication

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.