Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication and Account Management

Published byKellie Strickland Modified over 6 years ago

Similar presentations

Presentation on theme: "Authentication and Account Management"— Presentation transcript:

1 Authentication and Account Management
MTI College

2 Objectives Describe the different types of authentication credentials
Explain what single sign-on can do List account management procedures

3 Authentications Credentials
What you have? What you know? What you are? Where you are? What you do?

4 Passwords Complex does not always mean better  Risk
Each password should be unique Passw0rd is not more secure than Password. Lets take a look at some common passwords (Are you on this list) Statistical analysis

5 Password Attacks Social Engineering Capturing Resetting Bruteforce
Dictionary Attack Hybrid Attack Rainbow Tables Password Collections

6 Password Defenses Do not use dictionary words Do not repeat characters
Password complexity Longer passwords are always more secure See table 12-2 Credential Managemetn Keepass (Demo)

7 Password Hashing Demo – John the Ripper Microsoft Windows: Salts
LAN Manager hash New Technology LAN Manager hash Salts

8 What You Have? Tokens: Small device which grants the user a number. These tokens are referred to as one-time password (OTP) Time Based HMAC-Based – Event Based (Pin) Cards Integrated Chip Requires card reader Common Access Card (CAC) Cell Phones Can replace Cards and Tokens

9 What You Are? Biometrics
Utilize unique physical characteristics for authentication. Fingerprint Scanners Static – Take a whole picture for analysis Dynamic – Swipe your finger for analysis Cognitive Biometrics

10 What You Do? Keystroke Dynamics Voice Recognition
Recognize unique typing rhythm Dwell time – time it takes for a key to be pressed and then release Voice Recognition Authenticate users based on unique characteristics of voice.

11 Where You Are? Geo-Location

12 Single Sign-On Federated Identity Management (FIM) (Federation)
Utilizing one authentication credential to access multiple accounts or applications. Reduce number of usernames/passwords Single point of entry Microsoft Account – office 365 OpenID – Opensource is a URL based identity system.

13 Account Management Password History Max Password Age Min Password Age
Minimum Password Length Passwords must meet complexity requirements Store passwords using reversible encryption (ALL OF THESE SHOULD BE SET IN GROUP POLICY)

Download ppt "Authentication and Account Management"

Similar presentations

Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 3 “User Authentication”.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
Security+ Guide to Network Security Fundamentals, Fourth Edition

Security+ Guide to Network Security Fundamentals, Fourth Edition
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.
CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
NS-H0503-02/11041 System Security. NS-H0503-02/11042 Authentication Verifying the identity of another entity Two interesting cases (for this class): –Computer.

NS-H /11041 System Security. NS-H /11042 Authentication Verifying the identity of another entity Two interesting cases (for this class): –Computer.
CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.

CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.
.  Define authentication  Authentication credentials  Authentication models  Authentication servers  Extended authentication protocols  Virtual.

.  Define authentication  Authentication credentials  Authentication models  Authentication servers  Extended authentication protocols  Virtual.
Security-Authentication

Security-Authentication
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Nothing is Safe 1. Overview  Why Passwords?  Current Events  Password Security & Cracking  Tools  Demonstrations Linux GPU Windows  Conclusions.

Nothing is Safe 1. Overview  Why Passwords?  Current Events  Password Security & Cracking  Tools  Demonstrations Linux GPU Windows  Conclusions.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
Tonight 1) Where we are 2) Article Presentation(s) 3) Quiz 4) Lecture 5) In-class lab(s)

Tonight 1) Where we are 2) Article Presentation(s) 3) Quiz 4) Lecture 5) In-class lab(s)
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.
CIS 450 – Network Security Chapter 8 – Password Security.

CIS 450 – Network Security Chapter 8 – Password Security.
Chapter-2 Identification & Authentication. Introduction  To secure a network the first step is to avoid unauthorized access to the network.  This can.

Chapter-2 Identification & Authentication. Introduction  To secure a network the first step is to avoid unauthorized access to the network.  This can.
1 Lecture 8: Authentication of People what you know (password schemes) what you have (keys, smart cards, etc.) what you are (voice recognition, fingerprints,

1 Lecture 8: Authentication of People what you know (password schemes) what you have (keys, smart cards, etc.) what you are (voice recognition, fingerprints,

Similar presentations

Ads by Google