Unit-4 User Authentication
User Authentication Principles
• User authentication is the process of verifying the identity of a user or device
before granting access to a system or network. There are several principles that
are important to consider when designing and implementing user authentication
systems:
1. Strong passwords: Use passwords that are difficult for others to guess or crack. This
includes using a mix of upper and lower case letters, numbers, and special characters, and
avoiding using common words or personal information.
2. Two-factor authentication: Use an additional layer of security, such as a code sent to a
mobile phone or a biometric factor like a fingerprint, to verify the identity of the user.
3. Least privilege: Grant users the minimum level of access needed to perform their job
functions. This helps to prevent unauthorized access to sensitive information.
4. Secure password storage: Store passwords in an encrypted format to protect against
unauthorized access in the event that the database is compromised.
5. Regular password updates: Require users to update their passwords on a regular basis to
ensure that they remain secure.
6. Access logs: Keep track of user access to systems and networks to help identify and
prevent unauthorized access.
• By following these principles, you can help ensure the security of your systems
and protect against unauthorized access.
Password Based Authentication
• Password-based authentication is a method of verifying a user's identity by
requiring them to enter a password or passphrase.
• This is a common form of authentication used by many websites and applications
to ensure that only authorized users can access certain resources or perform
certain actions.
• Important considerations:
• Use strong passwords: It's important to use strong, unique passwords for each account to prevent
unauthorized access. This can help protect against password cracking and brute force attacks.
• Enable two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security by
requiring the user to provide an additional piece of information, such as a code sent to their phone, in
order to log in.
• Change passwords regularly: Regularly changing passwords can help protect against unauthorized access
in the event that a password is compromised.
• Use a password manager: A password manager can help you generate and store strong, unique
passwords for all of your accounts, making it easier to follow best practices for password security.
Token Based Authentication
• Token-based authentication is a method of verifying a user's identity
by requiring them to provide a unique token, or code, in order to
access certain resources or perform certain actions.
• Advantages: it is stateless, scalable, secure and flexible.
• Disadvantages: It requires a secure means of storing and transmitting tokens and can be
complex to implement.
Biometric Authentication
• Biometric authentication is a method of verifying a user's identity by
measuring and analyzing a unique physical characteristic or
behavioral trait.
• Some examples of biometric authentication methods include:
1. Fingerprint recognition: This involves using sensors to scan and measure the unique
patterns on a person's finger, which can then be used to verify their identity.
2. Facial recognition: This involves using cameras and software to analyze and measure
the unique characteristics of a person's face, such as the distance between their eyes
and the shape of their nose.
3. Voice recognition: This involves using microphones and software to analyze and
measure the unique characteristics of a person's voice, such as their pitch and accent.
4. Hand geometry: This involves using sensors to measure the shape and size of a
person's hand, which can then be used to verify their identity.
Two-Factor Authentication
• Two-factor authentication (2FA) is a method of verifying a user's identity by requiring them to
provide two pieces of information in order to access certain resources or perform certain actions.
• In 2FA, the user is typically required to provide both their username and password, as well as an
additional piece of information, in order to log in to the system.
• This additional piece of information is usually something that the user has in their possession,
such as a mobile phone or a hardware token, or something that is unique to the user, such as a
fingerprint or facial recognition.
Security Issues for User Authentication
• There are several security issues that can arise when implementing user authentication:
• Weak passwords: If users choose weak passwords, it can be easier for attackers to guess or crack them,
potentially leading to unauthorized access to the system.
• Password reuse: If users reuse the same password for multiple accounts, it can be easier for attackers to gain
access to multiple systems if one of their passwords is compromised.
• Password storage: If passwords are not stored securely, such as by using a secure hashing algorithm, it can be
easier for attackers to obtain them and gain unauthorized access to the system.
• Social engineering attacks: Attackers can try to trick users into revealing their login credentials through social
engineering techniques, such as phishing attacks or pretexting.
• Man-in-the-middle attacks: Attackers can try to intercept communications between the user and the system
in order to gain access to login credentials.
• Insecure authentication protocols: If the authentication protocols used by the system are insecure, it can be
easier for attackers to gain access to the system.
• Lack of two-factor authentication: If the system does not use two-factor authentication, it can be easier for
attackers to gain access to the system if they are able to obtain a user's login credentials.
• To address these security issues, it is important to implement strong password policies, encourage
users to use unique passwords for each account, store passwords securely, use two-factor
authentication, and educate users about the risks of social engineering attacks.
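An added example (not from the slides) covering the "strong passwords" principle and the "password storage" issue above: passwords are stored as salted PBKDF2-HMAC-SHA256 records and verified with a constant-time comparison, so a stolen credential table does not hand out the passwords themselves. The iteration count, record format and the tiny block-list are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Assumption: PBKDF2-HMAC-SHA256 with a high iteration count. The count is a
# tunable work factor; raise it as hardware gets faster.
DEFAULT_ITERATIONS = 600_000
SALT_BYTES = 16

# Constructed, deliberately tiny sample of a breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}


def password_acceptable(password: str, min_length: int = 12) -> bool:
    """Policy check: long enough and not a known-bad choice."""
    return len(password) >= min_length and password.lower() not in COMMON_PASSWORDS


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$derived_key.

    A fresh random salt per user means two users with the same password get
    different records, so one precomputed table cannot crack them all at once.
    """
    salt = secrets.token_bytes(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the derived key from the stored salt and compare in constant time."""
    try:
        algo, iters, salt_hex, dk_hex = record.split("$")
        if algo != "pbkdf2_sha256":
            return False
        iterations = int(iters)
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
    except ValueError:
        return False  # malformed record: fail closed
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # compare_digest does not leak where the first mismatching byte is.
    return hmac.compare_digest(candidate, stored)


def build_store(credentials: dict, iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Constructed credential store (username -> record); a real one lives in a database."""
    return {user: hash_password(pw, iterations) for user, pw in credentials.items()}


def login(store: dict, user: str, password: str) -> bool:
    """Authenticate a user against the store; the plaintext password is never persisted."""
    record = store.get(user)
    if record is None:
        return False
    return verify_password(password, record)
```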
Describe the general concept of a challenge-response protocol
• A challenge-response protocol is a security mechanism designed to authenticate the identity of a user or a
device requesting access to a system or a resource.
• In a challenge-response protocol, the system or server sends a challenge to the user or device, which
requires a specific response to prove its identity. The challenge is typically a random string of characters or a
cryptographic hash, and the response is generated by the user or device based on a secret key or a
password.
The basic steps in a challenge-response protocol are as follows:
• The system sends a challenge to the user or device.
• The user or device receives the challenge and generates a response using a secret key or password.
• The user or device sends the response back to the system.
• The system verifies the response and grants access if the response is valid.
The use of a challenge-response protocol helps to prevent unauthorized access to a system or resource by
requiring proof of identity before granting access. The protocol is commonly used in a variety of security
applications, such as authentication for remote access, password recovery, and online transactions.
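The four steps above as an added, runnable example (not code from the slides): the server issues a fresh random nonce, the client answers with an HMAC over it using the shared secret, and the server checks the answer in constant time and discards the nonce so a recorded response cannot be replayed. The class names, the HMAC-SHA256 choice and the shared key are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Dict


def compute_response(key: bytes, nonce: bytes) -> bytes:
    """HMAC-SHA256 over the challenge: proves possession of `key` without sending it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class Server:
    """Verifier side. Holds each user's shared secret and one outstanding challenge."""

    def __init__(self, shared_keys: Dict[str, bytes]):
        self._keys = shared_keys
        self._pending: Dict[str, bytes] = {}

    def challenge(self, user: str) -> bytes:
        # Fresh random nonce every time, so a recorded response is useless later.
        nonce = secrets.token_bytes(32)
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: bytes) -> bool:
        # Single use: the nonce is consumed whether or not the response matches.
        nonce = self._pending.pop(user, None)
        key = self._keys.get(user)
        if nonce is None or key is None:
            return False
        return hmac.compare_digest(compute_response(key, nonce), response)


class Client:
    """Prover side. Never transmits the secret, only the response to the challenge."""

    def __init__(self, user: str, key: bytes):
        self.user, self._key = user, key

    def respond(self, nonce: bytes) -> bytes:
        return compute_response(self._key, nonce)


def run_exchange(server: Server, client: Client) -> bool:
    """The four steps from the slide: challenge, compute, send back, verify."""
    nonce = server.challenge(client.user)        # 1. server -> client
    response = client.respond(nonce)             # 2. client computes the response
    return server.verify(client.user, response)  # 3. client -> server, 4. server verifies


def replay_is_rejected(server: Server, client: Client) -> bool:
    """Why the nonce must be fresh: a captured response fails against a new challenge."""
    nonce = server.challenge(client.user)
    captured = client.respond(nonce)
    server.verify(client.user, captured)   # the legitimate login succeeds
    server.challenge(client.user)          # a later session gets a new nonce
    return not server.verify(client.user, captured)
```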
Define authentication system with its components
An authentication system is a security mechanism used to verify the identity of a user or entity
trying to access a system or resource. It involves a series of steps to ensure that the user or entity is
indeed who they claim to be.
The components of an authentication system typically include:
• User identification: This involves collecting information about the user, such as a username, email
address, or employee ID.
• Credentials: These are the proof of identity that the user presents to the system. Examples of
credentials include passwords, PINs, security tokens, biometric data, and smart cards.
• Authentication server: This is the central component of the system that stores and manages user
credentials. It is responsible for validating the user's credentials and determining whether or not
the user is authorized to access the requested resource.
• Authentication protocols: These are the rules and procedures that the
system uses to verify the user's identity. Examples of authentication
protocols include OAuth, SAML, OpenID Connect, and Kerberos.
• Access controls: Once the user has been authenticated, the system uses
access controls to determine what resources the user is authorized to
access. These access controls can be based on role-based access control,
attribute-based access control, or other methods.
• Audit trail: An audit trail is used to record all authentication attempts,
successful or not, and can be used for forensic purposes or compliance
reasons.
User Auth Principles & Methods

  • 2. User Authentication Principles • User authentication is the process of verifying the identity of a user or device before granting access to a system or network. There are several principles that are important to consider when designing and implementing user authentication systems: 1. Strong passwords: Use passwords that are difficult for others to guess or crack. This includes using a mix of upper and lower case letters, numbers, and special characters, and avoiding using common words or personal information. 2. Two-factor authentication: Use an additional layer of security, such as a code sent to a mobile phone or a biometric factor like a fingerprint, to verify the identity of the user. 3. Least privilege: Grant users the minimum level of access needed to perform their job functions. This helps to prevent unauthorized access to sensitive information. 4. Secure password storage: Store passwords in an encrypted format to protect against unauthorized access in the event that the database is compromised. 5. Regular password updates: Require users to update their passwords on a regular basis to ensure that they remain secure. 6. Access logs: Keep track of user access to systems and networks to help identify and prevent unauthorized access. • By following these principles, you can help ensure the security of your systems and protect against unauthorized access
  • 3. Password Based Authentication • Password-based authentication is a method of verifying a user's identity by requiring them to enter a password or passphrase. • This is a common form of authentication used by many websites and applications to ensure that only authorized users can access certain resources or perform certain actions. • Important considerations: • Use strong passwords: It's important to use strong, unique passwords for each account to prevent unauthorized access. This can help protect against password cracking and brute force attacks. • Enable two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security by requiring the user to provide an additional piece of information, such as a code sent to their phone, in order to log in. • Change passwords regularly: Regularly changing passwords can help protect against unauthorized access in the event that a password is compromised. • Use a password manager: A password manager can help you generate and store strong, unique passwords for all of your accounts, making it easier to follow best practices for password security.
  • 4. Token Based Authentication • Token-based authentication is a method of verifying a user's identity by requiring them to provide a unique token, or code, in order to access certain resources or perform certain actions. • Advantages: it is satateless, sclable, secure and flexible. • Disadvantages: It requires a secure means of storing and transmitting tokens and can be complex to implement
  • 5. Biometric Authentication • Biometric authentication is a method of verifying a user's identity by measuring and analyzing a unique physical characteristic or behavioral trait. • Some examples of biometric authentication methods include: 1. Fingerprint recognition: This involves using sensors to scan and measure the unique patterns on a person's finger, which can then be used to verify their identity. 2. Facial recognition: This involves using cameras and software to analyze and measure the unique characteristics of a person's face, such as the distance between their eyes and the shape of their nose. 3. Voice recognition: This involves using microphones and software to analyze and measure the unique characteristics of a person's voice, such as their pitch and accent. 4. Hand geometry: This involves using sensors to measure the shape and size of a person's hand, which can then be used to verify their identity.
  • 6. TWO Factor Authentication • Two-factor authentication (2FA) is a method of verifying a user's identity by requiring them to provide two pieces of information in order to access certain resources or perform certain actions. • In 2FA, the user is typically required to provide both their username and password, as well as an additional piece of information, in order to log in to the system • This additional piece of information is usually something that the user has in their possession, such as a mobile phone or a hardware token, or something that is unique to the user, such as a fingerprint or facial recognition.
Security Issues for User Authentication
• There are several security issues that can arise when implementing user
authentication:
• Weak passwords: If users choose weak passwords, it can be easier for attackers to guess or crack
them, potentially leading to unauthorized access to the system.
• Password reuse: If users reuse the same password for multiple accounts, it can be easier for
attackers to gain access to multiple systems if one of their passwords is compromised.
• Password storage: If passwords are not stored securely, such as by using a secure hashing
algorithm, it can be easier for attackers to obtain them and gain unauthorized access to the system.
• Social engineering attacks: Attackers can try to trick users into revealing their login credentials
through social engineering techniques, such as phishing attacks or pretexting.
• Man-in-the-middle attacks: Attackers can try to intercept communications between the user and
the system in order to gain access to login credentials.
• Insecure authentication protocols: If the authentication protocols used by the system are insecure,
it can be easier for attackers to gain access to the system.
• Lack of two-factor authentication: If the system does not use two-factor authentication, it can be
easier for attackers to gain access to the system if they are able to obtain a user's login credentials.
• To address these security issues, it is important to implement strong password
policies, encourage users to use unique passwords for each account, store
passwords securely, use two-factor authentication, and educate users about the
risks of social engineering attacks.
Describe the general concept of a challenge-response protocol
• A challenge-response protocol is a security mechanism designed to authenticate
the identity of a user or a device requesting access to a system or a resource.
• In a challenge-response protocol, the system or server sends a challenge to the
user or device, which requires a specific response to prove its identity. The
challenge is typically a random string of characters or a cryptographic hash, and
the response is generated by the user or device based on a secret key or a
password.
The basic steps in a challenge-response protocol are as follows:
• The system sends a challenge to the user or device.
• The user or device receives the challenge and generates a response using a
secret key or password.
• The user or device sends the response back to the system.
• The system verifies the response and grants access if the response is valid.
The use of a challenge-response protocol helps to prevent unauthorized access to a
system or resource by requiring proof of identity before granting access. The
protocol is commonly used in a variety of security applications, such as
authentication for remote access, password recovery, and online transactions.
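The four steps above, carried out by both sides, as an added example that is not part of the original slides. The server issues a random single-use nonce, the client answers with HMAC-SHA256 over that nonce keyed by the shared secret, and the server checks the answer without the secret ever crossing the wire; the user name, secret and class layout are assumptions for the demonstration.

```python
import hashlib
import hmac
import os
from typing import Dict, Set

# Constructed shared secret, provisioned out of band between client "alice" and the server.
CLIENT_SECRETS: Dict[str, bytes] = {"alice": b"constructed-shared-secret"}


class Server:
    """Step 1: issue a challenge. Step 4: verify the response."""

    def __init__(self) -> None:
        self.pending: Dict[str, bytes] = {}   # user -> outstanding challenge
        self.used: Set[bytes] = set()         # consumed challenges, so a replay fails

    def challenge(self, user: str) -> bytes:
        nonce = os.urandom(16)                # unpredictable, fresh per attempt
        self.pending[user] = nonce
        return nonce

    def verify(self, user: str, nonce: bytes, response: bytes) -> bool:
        expected_nonce = self.pending.pop(user, None)   # a challenge is valid once only
        if expected_nonce is None or expected_nonce != nonce or nonce in self.used:
            return False
        self.used.add(nonce)
        secret = CLIENT_SECRETS.get(user)
        if secret is None:
            return False
        expected = hmac.new(secret, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time check


def client_respond(secret: bytes, nonce: bytes) -> bytes:
    """Steps 2 and 3: prove knowledge of the secret by MACing the challenge."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def run_exchange(server: Server, user: str, secret: bytes) -> bool:
    """One full round trip; returns whether the server granted access."""
    nonce = server.challenge(user)
    return server.verify(user, nonce, client_respond(secret, nonce))
```

Because each response is bound to a fresh nonce, a captured challenge/response pair cannot be replayed later, which is the property a plain password sent over the wire lacks.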
Define authentication system with its components
An authentication system is a security mechanism used to verify the identity of a
user or entity trying to access a system or resource. It involves a series of steps to
ensure that the user or entity is indeed who they claim to be.
The components of an authentication system typically include:
• User identification: This involves collecting information about the user, such as a
username, email address, or employee ID.
• Credentials: These are the proof of identity that the user presents to the system.
Examples of credentials include passwords, PINs, security tokens, biometric data,
and smart cards.
• Authentication server: This is the central component of the system that stores
and manages user credentials. It is responsible for validating the user's credentials
and determining whether or not the user is authorized to access the requested
resource.
• Authentication protocols: These are the rules and procedures that the system
uses to verify the user's identity. Examples of authentication protocols include
OAuth, SAML, OpenID Connect, and Kerberos.
• Access controls: Once the user has been authenticated, the system uses access
controls to determine what resources the user is authorized to access. These
access controls can be based on role-based access control, attribute-based access
control, or other methods.
• Audit trail: An audit trail is used to record all authentication attempts, successful
or not, and can be used for forensic purposes or compliance reasons.