What are authentication assurance levels?
Authenticator assurance levels (AAL) are a NIST standard that assess the degree of confidence and trust in an authentication.
Why are authenticator assurance levels important?
Authenticator assurance levels determine the strength of the authentication and level of security assurance provided by different authentication methods. There are three levels:
- AAL1: Little to no confidence in the asserted identity's validity. Simple, phishable authentication methods.
- AAL2: Moderate level of confidence in the asserted identity. Stronger authentication processes, including MFA.
- AAL3: Highest level of assurance in digital identity. Multiple phish-resistant authentication factors used, including a hardware based authenticator
