0% found this document useful (0 votes)
39 views12 pages

Computer Network Security: Topic: User Authentication

This document discusses user authentication in computer networks. It defines user authentication as accurately determining a user's identity. There are three main means of user authentication discussed: password authentication, token authentication, and biometric authentication. Password authentication is the most widely used method, but passwords are vulnerable to guessing and hacking. The document recommends using stronger passwords and other authentication methods like tokens and biometrics to improve security.

Uploaded by

Meher Fatima
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
39 views12 pages

Computer Network Security: Topic: User Authentication

This document discusses user authentication in computer networks. It defines user authentication as accurately determining a user's identity. There are three main means of user authentication discussed: password authentication, token authentication, and biometric authentication. Password authentication is the most widely used method, but passwords are vulnerable to guessing and hacking. The document recommends using stronger passwords and other authentication methods like tokens and biometrics to improve security.

Uploaded by

Meher Fatima
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Computer Network Security

Topic:
User Authentication

Name: Farhat Mumtaz


Roll no: CPE-2017-37

1
CONTENT
• User Authentication
• Means of user Authentication
• Password Authentication
• Password vulnerabilities
• Using better passwords
• Token authentication
• Biometric authentication

2
User Authentication
• User Authentication means that system accurately determines
user’s identity
• Examples
• files readable only by their owner
• only certain users should be able to add or delete system
accounts.
• User authentication process consist of two steps:
• 1. Identification
• 2. verification

3
Means of User Authentication
• Following are the general means of user authentication
1. Password Authentication
2. Token Authentication
3. Biometric Authentication

4
Password Authentication
• Widely used authentication method
- User provides name/login and password.
-System compares password with that saved for specified login.
• Authenticate ID of user logging and
- That the user is authoriz4ed to access system
- Determines the user’s privileges
-Is used in Dictionary Access Control.

5
Password Vulnerabilities
Following are the attack strategies:
1. Offline dictionary attack:
A hacker gain access to the system password file.
Compares the password hashes against hashes of commonly used
password.
2. Specified account attack:
Attack target a specified account and submits password guesses until
the correct password is discovered.
3. Popular password attack/A single user:
The attacker attempts to gain knowledge about the account holder and
system password policies and uses that knowledge to guess the
password.
4. Workstation hijacking: 6
The attacker waits until a logged-in workstation is unattended.
5. Exploiting user mistake:
User is more likely to write it down password, because it is
difficult to remember.
6. Exploiting multiple password use:
Similar password for a many application.
7. Electronic monitoring:
If a password is communicated across a network to log on to a
remote system., it is vulnerable to eavesdropping.

7
Using better passwords
• Clearly have problems with passwords.
• Goal to eliminate guessable passwords.
• At the same time, easy for user to remember.
• Four basic techniques:
1.user education:
2.computer-generated passwords
3. reactive passwords checking
4.proactive password checking
1.User education:
provide users with guideline for selecting strong password.
Users can be told the importance of using hard-to-guess 8
password.
2. Computer generated password:
Poor acceptance by users.
Random in nature, users will not remember.
3. Reactive password checking:
System periodically runs its own password cracker to find
guessable password.
4. Proactive password checking:
User selects own password which the system then checks to see
if it is allowable and if not rejects it.

9
Token Authentication
• Objects that a user posseses for the purpose of user
authentication are called token.
1. Embossed: Raised character only, on front, e.g, Old credit
card.
2. Magnetic strip: Magnetic bar on back, characters on front,
e.g, Bank card.
3. Memory: Has electronic memory inside, e.g, Prepaid phone
card.
4. Smartcard: Has electronic memory and processor inside,
e.g, Biometric ID Card.

10
Biometric Authentication:

• Biometric authentication system authenticates an individual


based on unique.
• Physical characteristics: like Fingerprints, hand geometry,
facial characteristics and retinal and iris pattern.
• Dynamic characteristics: like voiceprints and signature.

11
Thank you
Any Question?

12

You might also like