monacofamily, profile picture
Uploaded bymonacofamily
243 views

Recommendation For Improving Authentication For Our Online Systems At Pace V2.0

The document discusses authentication practices for online systems at Pace University. It provides an overview of authentication methods ranging from no authentication to multi-factor authentication. It also summarizes Pace's current complex password rules and recommendations for improving authentication, which include assigning risk categories to users and enforcing more frequent password changes for high-risk users. The document also discusses the use of biometrics and multi-factor authentication at other universities.

Embed presentation

Recommendations for improving authentication for our online systems at Pace
Authentication practices in Higher Education - from bad to good No authentication Weak Passwords Complex Passwords Complex Passwords with frequent mandatory changes, depending on risk Biometrics Multi-Factor bad good
Current Pace Complex Password Rules must not contain more than 3 consecutive characters of your first name, last name, or username must be 8 or more characters long. must contain at least one character from three of these four categories: UPPERcase characters (A, B, C, ...) lowercase character (a, b, c, ...) numbers (1, 2, 3, ...) special characters (! * + - / : ? _ # $) (i.e. must have at least one uppercase letter, one lowercase letter, and one number) must not be one that you have recently used (you cannot use one of your last 3 passwords) cannot be changed more than once every 24 hours
Some useful hints for selecting a password Use the first letters of each word from a song, phrase, or quote and replace some letters with numbers. For example, "Mary had a little lamb who's fleece was white as snow!" would become Mha11wfwwa5! (substituting 1 for l and 5 for s). Include punctuation for a more secure password (only use the allowed special characters, which are ! % * + - / : ? _). Try to make the password as long as possible. The longer the password, the harder it is to crack or guess it. Do not write the password down and place on your desk!
What some other universities are doing about authentication… Enforced password resets occur routinely at: New York University—all users every 365 days Hofstra University—all users every 180 days New Jersey Institute of Technology—all users every 120 days Cornell University—all users every 180 days Seton Hall University—every 90 days for administrative systems University of Maryland—all users every 180 days Penn State—all users every 365 days Columbia University—faculty/staff every 90 days for ERP SUNY Purchase—faculty/staff every 90 days Note: Rutgers – uses Multi-Factor for some ERP Applications
Biometric Authentication in Higher Education ECAR, Core Data Services, FY 2006, Chapter 4 In Computer Security, Biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. Examples include retinal scans, computer analysis of fingerprints or speech, or other physiological means of user identification for security purposes.
Multi-Factor (two Factor) Authentication Refers to any authentication protocol that requires more than one form of authentication to access a system. This contrasts with tradition password authentication, which requires only one factor (knowledge of the password) in order to gain access to a system. Three standard kinds of authentication factors are recognized: something you know (like a password or PIN), something you have (like a credit card or Cell Phone), or something you are (like a fingerprint, a retinal pattern, or other biometrics).
Multi-Factor Authentication in Higher Education ECAR, Core Data Services, FY 2006, Chapter 4
How to change your password go to Pace’s Password Reset Utility (PRU) located at http://pru.pace.edu select Click here at the top of the page for guidelines and help when choosing a complex password review these guidelines and then select Click here to return to the PRU homepage change your password by selecting Change your password and following the prompts
Recommendation We should have the technical ability to assign risk categories to various classes of users in February, 2008. Once we have this capability, we should publish and enforce guidelines that ask those with the highest access rights to change their passwords more often than those with less access rights. We should continue to investigate Biometrics and Multi-factor for specific user groups
Questions? More information is available from the Division of Information Technology: phone: 914 – 773 - 3648 via web: http:// doithelpdesk.pace.edu [email_address] , 914-923-2658

More Related Content

DOCX
Resume - Lyman Holton - 160210 (SA)
byLyman L. Holton, MBA, BS
 
PPT
Tamu V1 5
bymonacofamily
 
PPTX
USMA 1970 National Conference on Ethics in America
bymonacofamily
 
PPT
Pace Information Exchange Proposal 12 9 05 Final Version
bymonacofamily
 
PPT
Strategic Plans For The Technical And Human Sides Of Convergence
bymonacofamily
 
PPT
National Cabinet Presentation 2009
bymekogan
 
PDF
Hudson Samples
byguestd2728
 
PPT
Timely Emergency Notification Systems
bymonacofamily
 
Resume - Lyman Holton - 160210 (SA)
byLyman L. Holton, MBA, BS
 
Tamu V1 5
bymonacofamily
 
USMA 1970 National Conference on Ethics in America
bymonacofamily
 
Pace Information Exchange Proposal 12 9 05 Final Version
bymonacofamily
 
Strategic Plans For The Technical And Human Sides Of Convergence
bymonacofamily
 
National Cabinet Presentation 2009
bymekogan
 
Hudson Samples
byguestd2728
 
Timely Emergency Notification Systems
bymonacofamily
 

Similar to Recommendation For Improving Authentication For Our Online Systems At Pace V2.0

PPTX
computer security authorization Authentication.pptx
byRajendraKumarVerma10
 
PPTX
Desktop security
byseema
 
DOCX
CHAPTER 7 Authentication and Authorization On
byMaximaSheffield592
 
PDF
OlgerHoxha_Thesis_Final
byOlger Hoxha, CISSP CISM
 
PPTX
2 Laymans Course - LAMP V2.pptx
byssuser2f0fb0
 
PDF
Password Strength Policy Query
byGloria Stoilova
 
PPTX
Passwords
bySonia Rose Mary Karungi
 
PDF
M-Pass: Web Authentication Protocol
byIJERD Editor
 
PPTX
05-Authentication.pptx Software Security
byRahmathMohammed4
 
PPTX
Unit-4-User-Authentication.pptx
byPuskar Bhandari
 
DOCX
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
bysamirapdcosden
 
PDF
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
byADEIJ Journal
 
PPT
Class 8, 9 and 10
byAl Imam University
 
PPTX
When will passwords die? Research challenges and opportunities in user authen...
byShujun Li
 
PDF
Two factor authentication
byHai Nguyen
 
PDF
Two factor authentication
byHai Nguyen
 
PDF
IRJET- Password Management Kit for Secure Authentication
byIRJET Journal
 
DOCX
Biometric Authentication Technology - Report
byNavin Kumar
 
PDF
8 passwordsecurity
byricharddxd
 
PPT
Electronic Authentication, More Than Just a Password
byNicholas Davis
 
computer security authorization Authentication.pptx
byRajendraKumarVerma10
 
Desktop security
byseema
 
CHAPTER 7 Authentication and Authorization On
byMaximaSheffield592
 
OlgerHoxha_Thesis_Final
byOlger Hoxha, CISSP CISM
 
2 Laymans Course - LAMP V2.pptx
byssuser2f0fb0
 
Password Strength Policy Query
byGloria Stoilova
 
Passwords
bySonia Rose Mary Karungi
 
M-Pass: Web Authentication Protocol
byIJERD Editor
 
05-Authentication.pptx Software Security
byRahmathMohammed4
 
Unit-4-User-Authentication.pptx
byPuskar Bhandari
 
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
bysamirapdcosden
 
A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Cu...
byADEIJ Journal
 
Class 8, 9 and 10
byAl Imam University
 
When will passwords die? Research challenges and opportunities in user authen...
byShujun Li
 
Two factor authentication
byHai Nguyen
 
Two factor authentication
byHai Nguyen
 
IRJET- Password Management Kit for Secure Authentication
byIRJET Journal
 
Biometric Authentication Technology - Report
byNavin Kumar
 
8 passwordsecurity
byricharddxd
 
Electronic Authentication, More Than Just a Password
byNicholas Davis
 

More from monacofamily

PPTX
KISS: Proven Strategies to Stay Connected with Online Students!
bymonacofamily
 
PPT
2012-NCEA-Presentation
bymonacofamily
 
PPTX
Ethical hacking
bymonacofamily
 
PPTX
Final Draft of IT 402 Presentation
bymonacofamily
 
PPTX
I I K D For Public Info Version II
bymonacofamily
 
PPT
Trends In Higher Ed
bymonacofamily
 
KISS: Proven Strategies to Stay Connected with Online Students!
bymonacofamily
 
2012-NCEA-Presentation
bymonacofamily
 
Ethical hacking
bymonacofamily
 
Final Draft of IT 402 Presentation
bymonacofamily
 
I I K D For Public Info Version II
bymonacofamily
 
Trends In Higher Ed
bymonacofamily
 

Recently uploaded

PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PPTX
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
PDF
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
PDF
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
final.pdf
byomarbishtawi04
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
apidays Paris 2025 | API Layer7 Security: Real-World Use Cases (BBVA & Nexi)
byapidays
 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
PDF
Logical Optimal Actions – Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
 
PDF
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
PDF
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...
byJames Anderson
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
final.pdf
byomarbishtawi04
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
apidays Paris 2025 | API Layer7 Security: Real-World Use Cases (BBVA & Nexi)
byapidays
 
UiPath Automation Developer Associate Training Series 2026 - Session 3
byDianaGray10
 
Logical Optimal Actions – Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
 
How does MES(Manufacturing Execution System) work?
byakipii ogaoga
 
Constraint Collapse and Fidelity Decay in Scaled Language Models
bySemantic Fidelity Lab | A. Jacobs
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 

Recommendation For Improving Authentication For Our Online Systems At Pace V2.0

  • 1.
    Recommendations for improvingauthentication for our online systems at Pace
  • 2.
    Authentication practices inHigher Education - from bad to good No authentication Weak Passwords Complex Passwords Complex Passwords with frequent mandatory changes, depending on risk Biometrics Multi-Factor bad good
  • 3.
    Current Pace ComplexPassword Rules must not contain more than 3 consecutive characters of your first name, last name, or username must be 8 or more characters long. must contain at least one character from three of these four categories: UPPERcase characters (A, B, C, ...) lowercase character (a, b, c, ...) numbers (1, 2, 3, ...) special characters (! * + - / : ? _ # $) (i.e. must have at least one uppercase letter, one lowercase letter, and one number) must not be one that you have recently used (you cannot use one of your last 3 passwords) cannot be changed more than once every 24 hours
  • 4.
    Some useful hintsfor selecting a password Use the first letters of each word from a song, phrase, or quote and replace some letters with numbers. For example, "Mary had a little lamb who's fleece was white as snow!" would become Mha11wfwwa5! (substituting 1 for l and 5 for s). Include punctuation for a more secure password (only use the allowed special characters, which are ! % * + - / : ? _). Try to make the password as long as possible. The longer the password, the harder it is to crack or guess it. Do not write the password down and place on your desk!
  • 5.
    What some otheruniversities are doing about authentication… Enforced password resets occur routinely at: New York University—all users every 365 days Hofstra University—all users every 180 days New Jersey Institute of Technology—all users every 120 days Cornell University—all users every 180 days Seton Hall University—every 90 days for administrative systems University of Maryland—all users every 180 days Penn State—all users every 365 days Columbia University—faculty/staff every 90 days for ERP SUNY Purchase—faculty/staff every 90 days Note: Rutgers – uses Multi-Factor for some ERP Applications
  • 6.
    Biometric Authentication inHigher Education ECAR, Core Data Services, FY 2006, Chapter 4 In Computer Security, Biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. Examples include retinal scans, computer analysis of fingerprints or speech, or other physiological means of user identification for security purposes.
  • 7.
    Multi-Factor (two Factor)Authentication Refers to any authentication protocol that requires more than one form of authentication to access a system. This contrasts with tradition password authentication, which requires only one factor (knowledge of the password) in order to gain access to a system. Three standard kinds of authentication factors are recognized: something you know (like a password or PIN), something you have (like a credit card or Cell Phone), or something you are (like a fingerprint, a retinal pattern, or other biometrics).
  • 8.
    Multi-Factor Authentication in Higher Education ECAR, Core Data Services, FY 2006, Chapter 4
  • 9.
    How to changeyour password go to Pace’s Password Reset Utility (PRU) located at http://pru.pace.edu select Click here at the top of the page for guidelines and help when choosing a complex password review these guidelines and then select Click here to return to the PRU homepage change your password by selecting Change your password and following the prompts
  • 10.
    Recommendation We shouldhave the technical ability to assign risk categories to various classes of users in February, 2008. Once we have this capability, we should publish and enforce guidelines that ask those with the highest access rights to change their passwords more often than those with less access rights. We should continue to investigate Biometrics and Multi-factor for specific user groups
  • 11.
    Questions? More informationis available from the Division of Information Technology: phone: 914 – 773 - 3648 via web: http:// doithelpdesk.pace.edu [email_address] , 914-923-2658