The most authentication method
for identification legitimate users of a computer system or a service is user
name and password pair In this effort, the user name is the unique identify of
a particular user among all the user and it is used as an index to reserve all
the facilities belong to that particular user within the scope of the system.
In contrast, the password is something secret between the system and the user
and the system always make sure to hide it from the visibility all the time.
Therefore, when someone is typing
the password, the characters will be substitute with difference characters to
avoid it from gained by a third party. However, to firmly understand the
concept, one would find answers to the following questions.
·
Why authentication is so important?
·
What is the strength of password security?
In a multi-user computing
platform, the authentication is the process by which the system validates the
user’s login information. The login information is compared against as
authorized users list, and if the system detects a mach, this system identifies
the user as a legitimate user and the access is granted to the extent specified
in the permission list for that user. The authentication require may be require
may be supported to process a user’s
personal files, personal information, email information, email account, bank
account, enabling or disabling a service like database server, access to remote
systems, or a transaction like money transfer.
One could imagine the situation
if an intruder gains the user name and password of a legitimate user. The
intruder can offer great suspires not only to the legitimate user, but to other
users as well, The intruder may access other machines on the network and
capture information about the other users, penetrate the control of the system
and even breach of the security of those systems. Having gained the access to
someone’s online bank account may bell items to the actual owners account or
transfer money to someone else’s account.
There are many concerns for
password protected access control mechanism. From the user’s perspective, many
users do not gain the actual power of this method, because it is something one
has to keep in mind, and thus the users tend to use short password of
predictable password. The second threat for password hacking. In this effort
hackers use many tools, such as dictionary programs and sniffers, to assist
them.
In the dictionary attack, the
pregame passes every work in a dictionary to the authentication system. If a
correct match is found, the system grants the access to the dictionary program
and the matching word would be the password. Another similar approach is the
brute force attack, where each and every combination of an alphabet is tried.
However, if the password is unpredictable and sufficiently large, the
dictionary and brute force attacks can mostly be defeated.