International Business Machines Corporation
Multi-factor authentication of internet of things devices

Abstract:

A computer-implemented method, system and computer program product for utilizing multi-factor authentication to authenticate an Internet of Things (IoT) device. The identity credentials of neighboring IoT device(s) are obtained by the IoT device to be authenticated. Upon providing a request to the authentication system to prove its identity, the IoT device provides the authentication system a first factor credential, such as a username and password. The authentication system, upon confirming the accuracy of the first factor credential, challenges the IoT device to provide the second factor credential. After receiving the challenge from the authentication system to provide the second factor credential, the IoT device returns the second factor credential that was generated based on the obtained identity credentials from the neighboring IoT device(s). Upon determining that the received second factor credential includes the identity credentials from the minimum number of required neighboring IoT devices, the authentication system approves authentication.