SlideShare a Scribd company logo

Authentication vs authorization

Download as PPTX, PDF
F
Frank Victory

Authentication vs Authorization. Our book covers authorization, but not authentication

Technology
1 of 7
Authentication VS Authorization Frank H. Vianzon, Adjunct Instructor, GPEN, GCWN, CCNA, MCS E
Authentication • Authentication is the process of submitting and checking credentials to validate or prove user identity. Authentication is used in access control to allow only specific individuals access to a building or computer system. The process of authentication typically starts by providing a username along with one or more of the following credentials:
*Authorization Authorization, by contrast, is the mechanism by which a system determines what level of access a particular authenticated user should have to secured resources controlled by the system • As an instructor, I can look at your grades for my class. I posted them • Can I look at the grades for your English class??
Back to Authentication! • Usernames are not case sensitive, Passwords are • Password Policy settings in the Local Security Policy control characteristics about a password such as how long it must be, how often it must be changed, or whether complex passwords are required. • Account Lockout Policy settings in the Local Security Policy control what happens when users enter incorrect passwords. With account lockout, an account is locked (and cannot be used for logon) when a specified number of incorrect passwords are entered. – Depending on the policy settings, locked accounts might be unlocked automatically after a period of time. – You can unlock a locked account by editing the account properties in Local Users and Groups. – If an account is locked because the user forgot the password, an administrator can change the password using Local Users and Groups. As a best practice when changing the password for a user, the password the administrator configures should be a temporary password. In the user account properties, select the User must change password at next logon option to require the user to change the password after logging on with the temporary password.
Authentication • A disabled account cannot be used for logon. – You will typically disable an account that is no longer needed or that will not be used for a long period of time. – You can manually disable and enable an account; however, you cannot manually lock an account (you can only unlock a locked account). Accounts are locked automatically through the account lockout settings. • When accessing shared folders or Remote Desktop on a network computer, the user account must have been configured with a password. User accounts with blank passwords cannot be used to gain network access to a computer (configure a password first, then try to reconnect).
Three Factors • Something You Know – Passwords • Something You Have – Tokens – Smartcards • Something You Are – Biometrics
Authentication Methods • Password (vs Passphrase) – How many characters can your Windows password be? – Which is harder to crack? A complex password or a long passphrase? • http://www.sans.org/windows-security/2009/06/12/how-long-tocrack-a-password-spreadsheet/ • Smart Card • Biometric – What are the problems with biometrics?

Recommended

Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)
Ali Raw
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
Alexandru Pasaila
 
Difference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.netDifference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.net
Umar Ali
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
vishalgohel12195
 
Authentication
AuthenticationAuthentication
Authentication
primeteacher32
 
User authentication
User authenticationUser authentication
User authentication
CAS
 
Authentication and authorization
Authentication and authorization Authentication and authorization
Authentication and authorization
Ratan Parai
 
Authentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesAuthentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slides
rahul kundu
 

Recommended

Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)
Ali Raw
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
Alexandru Pasaila
 
Difference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.netDifference between authentication and authorization in asp.net
Difference between authentication and authorization in asp.net
Umar Ali
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
vishalgohel12195
 
Authentication
AuthenticationAuthentication
Authentication
primeteacher32
 
User authentication
User authenticationUser authentication
User authentication
CAS
 
Authentication and authorization
Authentication and authorization Authentication and authorization
Authentication and authorization
Ratan Parai
 
Authentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slidesAuthentication, authorization, accounting(aaa) slides
Authentication, authorization, accounting(aaa) slides
rahul kundu
 
Token-based uthentication
Token-based uthenticationToken-based uthentication
Token-based uthentication
Will Adams
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
IGZ Software house
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
Arun Shukla
 
secure socket layer
secure socket layersecure socket layer
secure socket layer
Amar Shah
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
begmohsin
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
vimal kumar
 
Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop
Hossam .M Hamed
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
Vittorio Giovara
 
Block Cipher
Block CipherBlock Cipher
Block Cipher
Brandon Byungyong Jo
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Password management for you
Password management for youPassword management for you
Password management for you
Chit Ko Ko Win
 
Kerberos protocol
Kerberos protocolKerberos protocol
Kerberos protocol
Ajit Dadresa
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Altacit Global
 
Presentation on Web Attacks
Presentation on Web AttacksPresentation on Web Attacks
Presentation on Web Attacks
Vivek Sinha Anurag
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
trilokchandra prakash
 
Unit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxUnit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptx
Puskar Bhandari
 
Ch07 Access Control Fundamentals
Ch07 Access Control FundamentalsCh07 Access Control Fundamentals
Ch07 Access Control Fundamentals
Information Technology
 
Intruders
IntrudersIntruders
Intruders
techn
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methods
sana mateen
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
Shivanand Arur
 
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackAuthentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN Stack
FITC
 

More Related Content

What's hot

Ch07 Access Control Fundamentals
Ch07 Access Control FundamentalsCh07 Access Control Fundamentals
Ch07 Access Control Fundamentals
Information Technology
 
Intruders
IntrudersIntruders
Intruders
techn
 

What's hot (20)

Token-based uthentication
Token-based uthenticationToken-based uthentication
Token-based uthentication
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
 
secure socket layer
secure socket layersecure socket layer
secure socket layer
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
Operating system security
Operating system securityOperating system security
Operating system security
 
public key infrastructure
public key infrastructurepublic key infrastructure
public key infrastructure
 
Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop Privilege escalation from 1 to 0 Workshop
Privilege escalation from 1 to 0 Workshop
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
 
Block Cipher
Block CipherBlock Cipher
Block Cipher
 
Network Security
Network SecurityNetwork Security
Network Security
 
Password management for you
Password management for youPassword management for you
Password management for you
 
Kerberos protocol
Kerberos protocolKerberos protocol
Kerberos protocol
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Presentation on Web Attacks
Presentation on Web AttacksPresentation on Web Attacks
Presentation on Web Attacks
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
Unit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxUnit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptx
 
Ch07 Access Control Fundamentals
Ch07 Access Control FundamentalsCh07 Access Control Fundamentals
Ch07 Access Control Fundamentals
 
Intruders
IntrudersIntruders
Intruders
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methods
 

Viewers also liked

Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
Wajahat Rajab
 
8. operations security
8. operations security8. operations security
8. operations security
7wounders
 
Operating system security
Operating system securityOperating system security
Operating system security
Sarmad Makhdoom
 
Unix Shell Scripting Basics
Unix Shell Scripting BasicsUnix Shell Scripting Basics
Unix Shell Scripting Basics
Dr.Ravi
 

Viewers also liked (20)

Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
 
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackAuthentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN Stack
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Web Servers (ppt)
Web Servers (ppt)Web Servers (ppt)
Web Servers (ppt)
 
Introduction to mvc architecture
Introduction to mvc architectureIntroduction to mvc architecture
Introduction to mvc architecture
 
Windows PowerShell
Windows PowerShellWindows PowerShell
Windows PowerShell
 
A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...A Scalable Client Authentication & Authorization Service for Container-Based ...
A Scalable Client Authentication & Authorization Service for Container-Based ...
 
PowerShell Technical Overview
PowerShell Technical OverviewPowerShell Technical Overview
PowerShell Technical Overview
 
8. operations security
8. operations security8. operations security
8. operations security
 
Powershell Demo Presentation
Powershell Demo PresentationPowershell Demo Presentation
Powershell Demo Presentation
 
JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2
 
Data security authorization and access control
Data security authorization and access controlData security authorization and access control
Data security authorization and access control
 
Soft Computing
Soft ComputingSoft Computing
Soft Computing
 
Accountability in schools
Accountability in schoolsAccountability in schools
Accountability in schools
 
Introduction To Windows Power Shell
Introduction To Windows Power ShellIntroduction To Windows Power Shell
Introduction To Windows Power Shell
 
Administrative Accountability
Administrative Accountability Administrative Accountability
Administrative Accountability
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Unix Shell Scripting Basics
Unix Shell Scripting BasicsUnix Shell Scripting Basics
Unix Shell Scripting Basics
 

Similar to Authentication vs authorization

Similar to Authentication vs authorization (20)

How to be a Security Minded Admin by Chris Zullo
How to be a Security Minded Admin by Chris ZulloHow to be a Security Minded Admin by Chris Zullo
How to be a Security Minded Admin by Chris Zullo
 
Password management
Password managementPassword management
Password management
 
CNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking AuthenticationCNIT 129S - Ch 6a: Attacking Authentication
CNIT 129S - Ch 6a: Attacking Authentication
 
Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2
 
Security asp.net application
Security asp.net applicationSecurity asp.net application
Security asp.net application
 
CNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking AuthenticationCNIT 129S: Ch 6: Attacking Authentication
CNIT 129S: Ch 6: Attacking Authentication
 
Ch 6: Attacking Authentication
Ch 6: Attacking AuthenticationCh 6: Attacking Authentication
Ch 6: Attacking Authentication
 
Salesforce admin training 2
Salesforce admin training 2Salesforce admin training 2
Salesforce admin training 2
 
Class 8 -Authentication Controls.pptx
Class 8 -Authentication Controls.pptxClass 8 -Authentication Controls.pptx
Class 8 -Authentication Controls.pptx
 
Self-service Password Reset
Self-service Password ResetSelf-service Password Reset
Self-service Password Reset
 
Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applications
 
CNIT 129: 6. Attacking Authentication
CNIT 129: 6. Attacking AuthenticationCNIT 129: 6. Attacking Authentication
CNIT 129: 6. Attacking Authentication
 
BeyondCorp: Closing the Adherence Gap
BeyondCorp: Closing the Adherence GapBeyondCorp: Closing the Adherence Gap
BeyondCorp: Closing the Adherence Gap
 
Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7
 
Authentication Methods authauthauthauthauthautha
Authentication Methods authauthauthauthauthauthaAuthentication Methods authauthauthauthauthautha
Authentication Methods authauthauthauthauthautha
 
CNS Review PPT.pptx
CNS Review PPT.pptxCNS Review PPT.pptx
CNS Review PPT.pptx
 
Maximizing Value
Maximizing ValueMaximizing Value
Maximizing Value
 
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptxBroken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methods
 
Biometrics_basicsandcharacteristics_.pdf
Biometrics_basicsandcharacteristics_.pdfBiometrics_basicsandcharacteristics_.pdf
Biometrics_basicsandcharacteristics_.pdf
 

More from Frank Victory

Kealy OWASP interactive_artifacts
Kealy OWASP interactive_artifactsKealy OWASP interactive_artifacts
Kealy OWASP interactive_artifacts
Frank Victory
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
Frank Victory
 

More from Frank Victory (12)

Container security Familiar problems in new technology
Container security Familiar problems in new technologyContainer security Familiar problems in new technology
Container security Familiar problems in new technology
 
Kealy OWASP interactive_artifacts
Kealy OWASP interactive_artifactsKealy OWASP interactive_artifacts
Kealy OWASP interactive_artifacts
 
Automation and open source turning the tide on the attackers
Automation and open source turning the tide on the attackersAutomation and open source turning the tide on the attackers
Automation and open source turning the tide on the attackers
 
CNG 256 cloud computing
CNG 256 cloud computingCNG 256 cloud computing
CNG 256 cloud computing
 
CNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetoothCNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetooth
 
Differential learning SnowFROC 2017
Differential learning SnowFROC 2017Differential learning SnowFROC 2017
Differential learning SnowFROC 2017
 
Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP
 
Active defensecombo clean
Active defensecombo cleanActive defensecombo clean
Active defensecombo clean
 
Dns security threats and solutions
Dns security threats and solutionsDns security threats and solutions
Dns security threats and solutions
 
Cng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policiesCng 125 – chapter 12 network policies
Cng 125 – chapter 12 network policies
 
9.0 security (2)
9.0 security (2)9.0 security (2)
9.0 security (2)
 
Lesson 6 web based attacks
Lesson 6 web based attacksLesson 6 web based attacks
Lesson 6 web based attacks
 

Recently uploaded

The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Recently uploaded (20)

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Authentication vs authorization

  • 1. Authentication VS Authorization Frank H. Vianzon, Adjunct Instructor, GPEN, GCWN, CCNA, MCS E
  • 2. Authentication • Authentication is the process of submitting and checking credentials to validate or prove user identity. Authentication is used in access control to allow only specific individuals access to a building or computer system. The process of authentication typically starts by providing a username along with one or more of the following credentials:
  • 3. *Authorization Authorization, by contrast, is the mechanism by which a system determines what level of access a particular authenticated user should have to secured resources controlled by the system • As an instructor, I can look at your grades for my class. I posted them • Can I look at the grades for your English class??
  • 4. Back to Authentication! • Usernames are not case sensitive, Passwords are • Password Policy settings in the Local Security Policy control characteristics about a password such as how long it must be, how often it must be changed, or whether complex passwords are required. • Account Lockout Policy settings in the Local Security Policy control what happens when users enter incorrect passwords. With account lockout, an account is locked (and cannot be used for logon) when a specified number of incorrect passwords are entered. – Depending on the policy settings, locked accounts might be unlocked automatically after a period of time. – You can unlock a locked account by editing the account properties in Local Users and Groups. – If an account is locked because the user forgot the password, an administrator can change the password using Local Users and Groups. As a best practice when changing the password for a user, the password the administrator configures should be a temporary password. In the user account properties, select the User must change password at next logon option to require the user to change the password after logging on with the temporary password.
  • 5. Authentication • A disabled account cannot be used for logon. – You will typically disable an account that is no longer needed or that will not be used for a long period of time. – You can manually disable and enable an account; however, you cannot manually lock an account (you can only unlock a locked account). Accounts are locked automatically through the account lockout settings. • When accessing shared folders or Remote Desktop on a network computer, the user account must have been configured with a password. User accounts with blank passwords cannot be used to gain network access to a computer (configure a password first, then try to reconnect).
  • 6. Three Factors • Something You Know – Passwords • Something You Have – Tokens – Smartcards • Something You Are – Biometrics
  • 7. Authentication Methods • Password (vs Passphrase) – How many characters can your Windows password be? – Which is harder to crack? A complex password or a long passphrase? • http://www.sans.org/windows-security/2009/06/12/how-long-tocrack-a-password-spreadsheet/ • Smart Card • Biometric – What are the problems with biometrics?