Lecture 2 Flashcards
What are the two steps of authentication?
Identification (announcing who you are) and authentication (proving who you are).
What is multifactor authentication (MFA)?
Using two or more authentication factors (e.g., password + token).
What is the role of a username/login ID?
It determines user authorization and privileges.
How do passwords help with authentication?
They confirm that the user is who they claim to be.
What is a brute-force attack?
Trying all possible password combinations until the correct one is found.
How does a dictionary attack work?
It tries common words and phrases to guess passwords.
What is a rainbow table attack?
Using a precomputed table of hash values to crack passwords quickly.
How does salting improve password security?
It adds random data to passwords before hashing, preventing identical hashes for identical passwords.
What are common password vulnerabilities?
Weak passwords, reuse, phishing, and keyloggers.
What is the role of password aging?
It forces users to change passwords regularly.
How does a trusted path help against spoofing attacks?
It ensures users communicate with the actual system, not a fake login page.
What is token authentication?
A method where users provide a physical token (e.g., smart card) for authentication.
What is biometric authentication?
Identifying a user based on unique physical characteristics.
Give three examples of biometric authentication methods.
Fingerprints, iris scanning, voice recognition.
What are false match rate (FMR) and false non-match rate (FNMR)?
FMR: Rate of incorrectly accepting an unauthorized user; FNMR: Rate of incorrectly rejecting an authorized user.
What is remote user authentication?
Authenticating users over a network (e.g., logging in via the Internet).
Name one security threat to remote authentication.
Replay attacks (reusing captured login credentials).
