Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.

Slides:

Advertisements

Similar presentations

ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work.

Advertisements

Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Subtitle Version or Date Presentation TitleIntroduction to using BCeSIS Module 2.

Agenda AD to Windows Azure AD Sync Options Federation Architecture

Core identity scenarios Federation and synchronization 2 3 Identity management overview 1 Additional features 4.

Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection.

Configuring SharePoint 2013 and Office 365 Hybrid – Part 1

Password Security An overview. We need your help The IT department uses the latest technology and techniques to maintain the highest level of security.

(you must put the “s” in https to access)

 61% of people reuse the same password on multiple sites.  44% change their password only once a year or less.  Password theft increased by 300% in.

SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Sessions about to start – Get your rig on!. Notes from the field – Implement Hybrid Search and OneDrive for Business Chris Zhong - Microsoft Aaron Dinnage.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

How to Login into SSA ?. Home Page Click on My Profile.

Single Sign-on Integration (SSI) MSIT 458 – Information Security Project Part 2 Prepared for Professor Yan Chen Prepared by Team Triad Radu Bulgaru Moniza.

High-Tech Product Innovation Challenge Problem #2 Password Manager Group 1 Jason Chen Karthik Karuppasamy.

Identity Management in Education. Welcome Scott Johnson, NetProf, Inc. Creator of OmnID Identity Management for Education

Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.

1 DoD Cardholder Self Registration November 21, 2008.

Designing Active Directory for Security

Security Planning and Administrative Delegation Lesson 6.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 4 Profiles, Password Policies, Privileges, and Roles.

Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,

Identity on Force.com & Benefits of SSO Nick Simha.

8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.

Meditech is the EMR system utilized by St. Mary’s Health Care System and can be accessed remotely from your home/office. If needed, our physician liaison.

User Management: Passwords cs3353. Passwords Policy: “Choose a password you can’t remember and don’t write it down”

Identity Management 20/01/2005 Abhai Chaudhary. Facts Today, many organizations routinely create and manage user identities and access privileges in 25.

Riva Managed Identity Integration for Active Directory and Novell ® GroupWise ® Aldo Zanoni CEO, Managing Director Omni Technology Solutions

Security PS Evaluating Password Alternatives Bruce K. Marshall, CISSP, IAM Senior Security Consultant

Identity Decision Tree Framework Quick Reference Guides.

Web Timesheet Application

INFORMATION SECURITY FOR ACCESS PROVISIONING: THE BOEING COMPANY T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR April 26, 2009.

Office 365 Directory Synchronization Update: Deploying Password Sync.

Access resources in a federation partner organization.

Adxstudio Portals Training

Building Structures. Building Relationships. Passwords February 2010 Marshall Tuck.

Privilege Management Chapter 22.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.

Identity Management, Federating Identities, and Federations November 21, 2006 Kevin Morooney Jeff Kuhns Renee Shuey.

Password Security Module 8. Objectives Explain Authentication and Authorization Provide familiarity with how passwords are used Identify the importance.

Internet2 Base CAMP Topics in Middleware: Authentication.

11 SECURITY PLANNING AND ADMINISTRATIVE DELEGATION Chapter 6.

Passwords New Policies and You. New Password Policies Passwords Must Be Unique. (cannot be reused within 1 year) Minimum Password Length: 6 Maximum Password.

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

F5 APM & Security Assertion Markup Language ‘sam-el’

Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.

Understanding Security Policies Lesson 3. Objectives.

ADFS - Does it Still have a Place? Fitting into the EMS puzzle Frank C. Drewes III 2016 Redmond Summit | Identity.

Azure Active Directory Uday Hegde 2016 Redmond Summit | Identity Without Boundaries May 26, 2016 Group Program Manager, Azure AD

PremierPoint Solutions Announces Significant New Features in Extranet Collaboration Manager for SharePoint 2013 R2 1888PressRelease - PremierPoint Solutions.

Understanding Security Policies

Changing your Password

MANAGEMENT of INFORMATION SECURITY, Fifth Edition

Stop Those Prying Eyes Getting to Your Data

Authentication Interact Cloud.

Chapter One: Mastering the Basics of Security

Configuring Windows Firewall with Advanced Security

© 2015 Air Force Association

Microsoft - Managing Office 365 Identities and Requirements

Cloud Connect Seamlessly

Hybrid Search Planning Implementation.

M3: Guidance for choosing the right integration option

Understanding Security Policies

Online tendering system for United Nations Development Programme

Azure AD Simon May Technical Evangelist.

Microsoft Virtual Academy

Presentation transcript:

Team: SuperBad Cats MSIT 458 – Dr. Chen Authentication through Password Protection

Background to the Problem: Companies require password protection on many important systems within their company Various systems may have differing password requirements – Requiring users to create and recall different passwords for different systems Various systems may be used only sparingly by certain users – Users may forget their password after a period of non-use Companies often require a new password after a given period of time – Requiring users to create and recall different passwords for different systems

Password Reset User Support: Call support (authenticity and validation) – Time Spent on Resets – Quantity of Resets per Year – Cost per call – Why they call Web-based password reset (setup by users with challenge questions) – Confidentiality – Authenticity – Integrity – Availability

Problem: Too many passwords Can’t remember passwords Too complex Too easy Can't remember answers to challenge questions Don't know the password complexity rules In Summary: Maintaining multiple passwords for a single user to access necessary systems results in excessive work time lost and cost to the company

Password Complexity: Sample Company Enforce password history 24 passwords remembered Maximum password age 90 days Minimum password age 1 days Minimum password length 8 characters Password Dictionary Blacklist "%Company Name%” Password must meet complexity requirements Enabled (see below) Complexity Requirements: – Not contain the user's account name or parts of the user's full name that exceed two consecutive characters – Be at least eight characters in length – Contain characters from three of the following four categories: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example, !, $, #, %) – Complexity requirements are enforced when passwords are created or changed.

Potential Solutions: Identity Management Software – Examples: Forefront Identity Mgr, Novell Identity Mgmt Solution, Oracle Identity Mgr Leverage Global Active Directory (GAD) – Active Directory Federation Services (ADFS) Password Synchronization – Password Change Notification Service (PCNS) Single Sign On – Pass Threw Authentication (Handshake), Kerberos, NTLM, SAML 2.0, Cloud Identity Other Options – RSA Token, Biometric, Near Field Communication (NFC), RFID (Proxy), Retina, Social Media (Ex: Facebook)

Authentication through Password Protection Team: SuperBad Cats MSIT 458 – Dr. Chen