Enhancing Security: One-Time Passwords, Biometrics, Smart Cards, Slides of Computer Security

Various authentication methods including one-time passwords, challenge response, biometrics, and smart cards. It covers the use of hand-held authenticators, secret keys, encryption, and devices with personal identification numbers (pin). The document also addresses problems with biometric authentication and provides solutions for forgotten windows xp home passwords.

Typology: Slides

2012/2013

Uploaded on 04/22/2013

satheesh
satheesh 🇮🇳

4.5

(11)

85 documents

1 / 19

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Identification and Authentication
Microsoft support
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13

Partial preview of the text

Download Enhancing Security: One-Time Passwords, Biometrics, Smart Cards and more Slides Computer Security in PDF only on Docsity!

Identification and Authentication

Microsoft support

One-time Password

Use the password exactly once!

Time Synchronized

Secret key

Time

One Time Password

Encryption

Challenge Response

Work station Host

Network

  • Non-repeating challenges from the host is used
  • The device requires a keypad

User ID Challenge Response

Devices with Personal Identification

Number (PIN)

  • Devices are subject to theft, some devices

require PIN (something the user knows)

  • PIN is used by the device to authenticate the

user

  • Problems with challenge/response schemes
    • Key database is extremely sensitive
    • This can be avoided if public key algorithms are

used

Smart Cards

  • Portable devices with a CPU, I/O ports, and

some nonvolatile memory

  • Can carry out computation required by public

key algorithms and transmit directly to the

host

  • Some use biometrics data about the user

instead of the PIN

Problems with Biometrics

  • Expensive
    • Retina scan (min. cost) about $ 2,
    • Voice (min. cost) about $ 1,
    • Signature (min. cost) about $ 1,
  • False readings
    • Retina scan 1/10,000,000+
    • Signature 1/
    • Fingerprint 1/
  • Can’t be modified when compromised

Home Computer Security

Problem: You don’t remember your

password

Solutions:

1. Verify that you have typed the letters of your

password in the correct case

2. Access a password hint on the Welcome

screen

3. Use a password reset disk

4. Log on as administrator to assign a new

password to your account

Password Case Sensitivity

• Check CAPS LOCK key

Question: Why do you want to use combination

of symbols for your password?

Create a Password Reset Disk

  • Click Start , and then click Control Panel
  • Double-click User Accounts
  • Click your user account, and then click Prevent a

forgotten password. The Forgotten Password

Wizard starts

  • Follow the instructions
  • NOTE: A password reset disk is valid until you create

a new one; even if you change your password

Using the Password Reset Disk

  • Create a password reset disk for your user account at

the earliest opportunity

  • How to use the password reset disk
    • Microsoft Windows remembers if you have created a password reset disk. Just click use your password reset disk
    • Follow the instructions of the Password Reset Wizard

Question: Why should you safeguard your password

reset disk?

Reset the Password

  • Click Start , click Control Panel , and then double-click User Accounts
  • Click your user account, and then click Change the password
  • Enter a new password, enter it again to confirm the password, and then set a password hint. Click Change Password
  • Set a password for the administrator account if you had none

Question: Why is it recommended that you assign a password to the Administrator account?