Authentication with passwords
This presentation is part of the Authentication Overview Self-Study Course.
Transcript
For password authentication, the oldest form of authentication, the password is the secret information used to verify your identity vis-à-vis the system you’re trying to access. Passwords and personal identification numbers (PINs) are used to control access to everything from protected computer systems, mobile phones, and cable TV decoders to automated teller machines. Passwords are inherently insecure. In order to make it harder for hackers to break into a computer system, users are advised to increase the password strength by using hard-to-guess combinations of numbers and mixed-case keyboard characters.
Passwords can be hacked in several ways:
- Brute force is the most time-consuming method. It involves a program that tries every combination of letters, numbers, and keyboard characters to guess your password.
- Dictionary attacks try commonly used words and names, but also number and letter combinations, such as 11111 and abc123. Simple passwords such as "duke" or "ilovemydog" can easily be guessed.
- Social engineering involves soliciting a password directly from a user, usually without the person even realizing it.
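The first two items translate directly into checks a system can run when a user chooses a password. The following is an added example, not part of the original presentation: the function names, the small denylist (built from the passwords quoted above plus one constructed entry) and the 60-bit threshold are all assumptions made for illustration.

```python
import math
import string

# Constructed sample denylist; a real deployment would load a large
# list of commonly used passwords instead of these few entries.
COMMON_PASSWORDS = {"11111", "abc123", "duke", "ilovemydog", "password"}

def pool_size(password):
    """Size of the character set a brute-force search has to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def brute_force_bits(password):
    """log2 of the number of candidates of this length over the pool."""
    size = pool_size(password)
    return len(password) * math.log2(size) if size else 0.0

def is_trivial_pattern(password):
    """True for one repeated character or a straight run such as 'abcdef'."""
    if len(set(password)) == 1:
        return True
    steps = {ord(b) - ord(a) for a, b in zip(password, password[1:])}
    return steps in ({1}, {-1})

def check_password(password, min_bits=60):
    """Return the reasons to reject a password; an empty list means accept.

    min_bits is an assumed policy threshold, not a value from the text.
    """
    reasons = []
    if password.lower() in COMMON_PASSWORDS:
        reasons.append("dictionary")      # guessed without brute force
    if is_trivial_pattern(password):
        reasons.append("pattern")         # long, but still predictable
    if brute_force_bits(password) < min_bits:
        reasons.append("short-keyspace")  # small exhaustive search space
    return reasons
```

A long password can still fail: a 16-letter alphabetical run clears the keyspace threshold but is rejected as a pattern, which is why the dictionary and pattern checks run independently of the brute-force estimate.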