Question
Network and application managers need to know who is accessing their systems to determine appropriate access levels. Typically, they require that users create secret passwords.
Network and application managers need to know who is accessing their systems to determine appropriate access levels. Typically, they require that users create secret passwords. A secret password, known only to the user, allows an administrator to feel confident that a user is who the user says he or she is. System administrators even have the authority to determine the characteristics of passwords. For example, they may set a minimum length and require that a password include numbers, symbols, or mixed letter case. They may also require that a user change his or her password every few weeks or months. These approaches have numerous problems:
- Users often forget complicated or frequently changing passwords, resulting in frequent calls to a help desk. The help-desk employee then faces the burden of identifying the employee by some other means and resetting the password. This process takes time and is subject to social engineering.
- Users may write down their passwords. However, this leaves passwords subject to discovery and theft.
- Users often pick the same password for many different accounts, which means that someone who discovers one of these passwords then has the keys to all the accounts.
- Users may pick an easy-to-remember password, which is easy to anticipate and therefore easy to guess. Password cracking programs cycle through entire dictionaries of English language words and common word/number combinations such as smart1 or 2smart4U.
- Users may give away their passwords over the phone (social engineering) or via email (phishing, a type of social engineering) to individuals representing themselves as a system administrator. Perhaps you have already received e-mails purportedly from a financial institution claiming identity or account difficulties and asking you to reconfirm your account information on their authentic-looking Web site.
As you can see, using passwords to identify a person is fraught with problems. Here are some alterations to explore. Look up each authentication approach listed below on the Internet, using the MS Word application, describe the method in your own words (be sure to cite your sources), and briefly list the advantages and disadvantages.
- Biometrics (biological measuring)
- Smart cards
- Bio chips
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started