Authentication Network and application managers need to know who is accessing their systems to determine appropriate access
Question:
• Users often forget complicated or frequently changing passwords, resulting in frequent calls to a help desk. The help-desk employee then faces the burden of identifying the employee by some other means and resetting the password. This process takes time and is subject to social engineering.
• Users may write down their passwords. However, this leaves passwords subject to discovery and theft.
• Users often pick the same password for many different accounts, which means that someone who discovers one of these passwords then has the “keys” to all the accounts.
• Users may pick an easy-to-remember password, which is easy to anticipate and therefore easy to guess. Password-cracking programs cycle through entire dictionaries of English language words and common word/number combinations such as “smart1” or “2smart4U.”
• Users may give away their passwords over the phone (social engineering) or via e-mail (phishing, a type of social engineering) to individuals representing themselves as a system administrator. Perhaps you have already received e-mails purportedly from a financial institution claiming identity or account difficulties and asking you to “reconfirm” your account information on their authentic-looking Web site. As you can see, using passwords to identify a person is fraught with problems. Here are some alternatives to explore. Look up each authentication approach listed below on the Internet, describe the method in your own words (be sure to cite your sources), and briefly list the advantages and disadvantages.
a. Biometrics (biological measuring)
b. Smart cards
c. Biochips
Fantastic news! We've Found the answer you've been seeking!
Step by Step Answer:
Related Book For
Management information systems
ISBN: 978-0073376813
10th edition
Authors: James A. O Brien, George M. Marakas
Question Posted: