Computer Security - Authentication

Identification

the act of asserting who a person is

Authentication

the act of proving an asserted identity

Something you know

passwords, PINs, secret handshake, mother’s maiden name - should be something no one else can independently learn

Something you are

physical characteristics of the user - biometrics - fingerprint, voice patterns, face

Something you have

ID badge, key, drivers license, uniform

Entropy

a measure of the uncertainty or randomness of a system

use (passwords)

supplying the password for each access can be an inconvenience and time consuming

disclosure (passwords)

Cannot force someone to un-remember it once its been seen

Revocation (Passwords)

cannot take back access after sharing a password

Loss (passwords)

might lose access to the things it protects

hashing

checking if a password is correct without storing it in its original form

rainbow table

precomputed databases of hash values used to crack stolen password hashes by finding a match for a hash in the table instead of generating and hashing every possible password

salted hashes

each user has their own specific key that gets added to the beginning of their password

biometrics

biological properties based on physical characteristics of the human body

false positive

system accepts person B as person A

false negative

system rejects person A as person A

tokens

reduces a digital security problem to a physical security problem, easy for non-tech users to understand, but can be skimmed or lost

multi-factor authentication

combine evidence from two or more categories in order to authenticate - usually something you know + have