Authentication Factors Flashcards

1
Q

What steps do you take to

access a system?

A

Identification
Authentication
Authorisation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the three categories of Authentication Factors

A

Knowledge factors:
Possession factors:
Inherence factors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Inherence factors:

A

An inherence factor is something you are, an inherent biometric characteristic such as a fingerprint, voice or iris pattern.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Knowledge factors:

A

A knowledge factor is something you know, such as a user name and password.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Possession factors:

A

A possession factor is something you have, such as a smart card or a security token.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a ‘secure’ password?

A
  • Mix upper and lower case
  • Use numbers
  • Don’t use common words
  • Use special characters
  • At least X characters long
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Entropy of a random password
• k = number of bits
• l= length of password
• b = number of characters in the alphabet

A
  • 2^k

* H = log2(b^l)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Ways of Attacking Passwords

A
  • Brute force

* Dictionary

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How would you store passwords?

A
  • Encrypt
  • Hash
  • Add a salt
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a “Look up table attack”

A

• pairs are stored
• You can then search for a hash, and establish
the corresponding password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the issues with Behavioural Biometrics

A
  • Not very distinctive

* Text-dependent or text-independent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the measures of Accuracy for biometrics

A

• True accept rate
• True reject rate
• False accept rate – measure of the likelihood
of false acceptance
• False reject rate – measure of the likelihood of
false rejection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly