Biometric authentication is a security process that relies on an individuals unique biologocal characteristics and is used to verify that a person is who they say they are. (1)
What was once a technology only seen in spy movies, biometric authentication is now a common sight in many workplaces and offices. Because biometrics are based on an individual's biology, it is challenging to fake your way through the authentication process.
Different Types of Biometric Authentication
Retina scans: produce an image of the blood vessel pattern in the surface lining of a person's inner eye.
Iris recognition: are used to identify an individual based on unique patterns within the outer region surrounding the pupil of the eye.
Finger Scanning: the digital version of the ink-and-paper fingerprinting process, this simply compares the users finger print to others within the machines data base until a match is found.
Finger vein ID: is based on the unique vascular pattern in an individual's finger.(1)
Facial recognition: systems work with numeric codes called faceprints, which identify points on the human face.(1)
Voice identification: systems rely on characteristics created by the shape of the speaker's mouth and throat.
Firewalls
What are Firewalls?
A firewall is a network security system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented into both hardware and software, and even both together. Network firewalls are frequently used to prevent unauthorized Internet users from accessing private internet connections. All messages entering or leaving the intranet, a private communications network, pass through the firewall, which examines each message and blocks those that do not meet the specified security requirements.
Different Types of Firewalls
Proxy firewall: An early form of firewall device, a proxy firewall serves as the gateway from one network to another for a specific application. Proxy servers can provide additional functionality such as content caching and security by preventing direct connections from outside the network. However, this also may impact throughput capabilities and the applications they can support.(2)
Stateful inspection firewall:Now thought of as a "traditional" firewall, a stateful inspection firewall allows or blocks traffic based on state of the file and protocol. It monitors all activity from the opening of a connection until it is closed. Filtering decisions are made based on administrator-defined rules.
Unified threat management firewall:A unified threat management firewall device typically combines the functions of a stateful inspection firewall with anti-spyware and antivirus. Unified threat management firewalls focus on simplicity and ease of use.
Password Securities
Plain Text Passwords
Password management issues occur when a password is stored in plaintext in an application's properties or configuration file. A programmer can attempt to fix the password management problem by changing the password with an encoding function, such as base 64 encoding, but this effort does not properly protect the password.(3)
Storing a plaintext password in a configuration file allows anyone who can read the file to access the password-protected resource. Developers sometimes believe that they cannot defend the application from someone who has access to the configuration, but this lazy and negative attitude makes a hackers job easier. Good password management guidelines require that a password never be stored in plaintext.
Rainbow Tables
A rainbow table is a listing of all possible plaintext original inputs of encrypted passwords specific to a hash algorithm.
Rainbow tables are often used by password cracking software for network security attacks. All computer systems that require password-based authentication store databases of passwords associated with user accounts, typically encrypted rather than plaintext as a security measure.(4)
Hashing
Instead of storing your password as plain text, a site runs it through a hash function, like MD5, a type of chriptographic hash algorithm, which transforms it into an entirely different set of digits; these can be numbers, letters, or any other characters. Your password could be HQ3abcLT0. That might turn into 7dVq$@ihT, and if a hacker broke into a database, that's all they can see. And it works only one way. You can't decode it back.
Salted Hashing
Salted hashes are based on the practice of a cryptographic nonce, a random set of data generated for each password to stop repeat attacks, typically very long and very complex.(5) These additional digits are added to the beginning or end of a password before it passes through the hash function, to try to deter attackers from trying to make or use rainbow tables.
It generally doesn't matter if the salts are stored on the same servers as hashes; cracking a set of passwords can be hugely time-consuming for hackers, made even tougher if your password itself is long, random, or complicated. That's why you should always use a strong password, no matter how much you trust a site's security.
Questions
What is the worst type of online password security and why?
In what form is a firewall installed? Hardware, software, or both?
What is one type of biometric authentication? How does it work?
What is biometric authentication? - Definition from WhatIs.com. (n.d.). Retrieved from https://searchsecurity.techtarget.com/definition/biometric-authentication
What is proxy firewall? - Definition from WhatIs.com. (n.d.). Retrieved from https://searchsecurity.techtarget.com/definition/proxy-firewall
MrDatabaseMrDatabase 16.4k3897149, & Dave MarkleDave Markle 76k16129158. (n.d.). What is base 64 encoding used for? Retrieved from https://stackoverflow.com/questions/201479/what-is-base-64-encoding-used-for
What is rainbow table? - Definition from WhatIs.com. (n.d.). Retrieved from https://whatis.techtarget.com/definition/rainbow-table
Bates, P. (2016, August 23). How Do Websites Keep Your Passwords Secure? Retrieved from https://www.makeuseof.com/tag/websites-keep-passwords-secure/
Picture #1: Dang, D. L., & Dang, D. L. (2017, December 06). Ethics of Security Authentications - CCA IxD Thesis Writings - Medium. Retrieved from https://medium.com/cca-interaction-design-thesis/ethics-of-security-authentications-1a9247850986
Picture #2: Firewall e Proxy. (n.d.). Retrieved from https://vitalti.site/servicos/firewall-e-proxy
Picture #3: Salesforce Mobile App Development. (n.d.). Retrieved from https://www.dreamstel.com/salesforce/salesforce-mobile-apps-development.html
picture #4: Rainbow_table. (n.d.). Retrieved from http://www.thesecurityblogger.com/understanding-rainbow-tables/rainbow_table/
