Review Of Authentication Methods



Download 446,94 Kb.
Pdf ko'rish
bet2/7
Sana29.05.2022
Hajmi446,94 Kb.
#618479
TuriReview
1   2   3   4   5   6   7
Bog'liq
15.A-Review-Of-Authentication-Methods

2
 
T
YPES OF 
A
UTHENTICATIONS
 
 
2.1 Password Authentication 
This type of authentication requires the supplicant recall what 
he knows. There are two parts in this method. First, the 
supplicant enters the username and second, the password. 
The password is the secret combination of words and 
numbers which the supplicant knows.
 
2.1.1 Strength of Password Authentication 
One of the strength is that longer password is very difficult to 
break. At the point when utilizing passwords, it's imperative to 
utilize solid passwords. A solid secret key has a blend of 
capitalized, lower case, numbers, and unique characters. Now 
security administrators recommend 12 characters passwords. 
A 12 characters password with 94 cardinality and 78.7 bits 
entropy will take 55 days to crack using super computers. And 
using PC it will take 3018 years to crack. Online site such as 
PasswordStrengthCalculator.org 
can be used to test the 
strength of a password [4]. 
 
2.1.2 Password Authentication Vulnerabilities 
Password sniffing is the biggest problem since when the user 
enters the password (Fig.1). An attacker can sniff the 
password at different stages of communication. Even if the 
password is strong, it can easily be known to the attacker [3]. 
A key problem with user name and password, the human 
factor [2]: 

passwords are easy to guess or search if easy to 
remember 

passwords are easily stolen if written down 

users may share passwords 

passwords can be forgotten if difficult to remember

Fig. 1.
 Vulnerabilities in password authentication [2] 
 
With weaker password, the attackers will be able to hack the 
system easily using the brute force method. Most access 
control accepts the password of eight character length. There 
__________________________ 

Nilesh Arvind Lal is a postgraduate student in 
Information Technology in University of Fiji. E-mail: 
nileshlal@rocketmail.com


Salendra Prasad is a postgraduate student in 
Information Technology in University of Fiji. E-mail: 
salen_prasad@yahoo.com


Mohammed Farik is a Lecture in Information 
Technology in the School of Science and Technology 
at the University of Fiji Email: 
mohammedf@unifiji.ac.fj



INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 5, ISSUE 11, NOVEMBER 2016
ISSN 2277-8616 
247 
IJSTR©2016 
www.ijstr.org
are three factors that determine the strength of the password – 
length, cardinality and entropy. A cardinality of 94 means the 
password has been created from a pool of 94 characters 
including uppercase, lower case, numbers and special 
characters. Entropy is the calculated strength of the password 
in bits. For example, a password of eight character length, with 
a cardinality of 94 is equivalent to entropy of 52.4 bits. A 
normal PC will able to crack the 94 cardinality password in 20 
minutes using brute force. Using super computers, it will take 
0.07 seconds to crack. Hence a entropy of 52.4 bits or 8 
character length is a weak password. Social engineering is 
another drawback since it lures users to another site where 
the attackers collect personal information including the 
passwords and username [3]. 

Download 446,94 Kb.

Do'stlaringiz bilan baham:
1   2   3   4   5   6   7




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish