Multi-factor-authentication model

While researching the topic of multi-step-authentication I found a useful model describing the way two/three step authentication works:

(Mohammed and Yassin, 2019)

The model describes how two/three step authentication works. It demonstrates all three steps of gathering something you know - usually password - with something you are - usually fingerprint or eye scan - and something you have - usually your mobile phone via SMS or pre-installed software.

Such model provides more security for the authentication process and is becoming more popular every day (Febrache, 2016). Multi-step authentication eliminates a number of security holes by insuring that even if frauds get access to a password or physical token, they still will not be able to log in into the system.

References:

Mohammed, A.J., Yassin, A.A. (2019) Efficient and Flexible Multi-Factor Authentication Protocol Based on Fuzzy Extractor of Administrator’s Fingerprint and Smart Mobile Device, ResearchGate. Available from: https://www.researchgate.net/figure/Multi-factor-authentication_fig2_335709093 [Accessed November 23, 2021].

Febrache, D. (2016) ‘Passwords are broken – the future shape of biometrics’, Biometric Technology Today, 2016(3), pp. 5–7. Available from: https://www.sciencedirect.com/science/article/pii/S0969476516300492 (Accessed: 27 October 2021).

Comments

Software review: Hashcat

In the following blogpost the way I used software called hashcat in my project is described. The example of using this software for dictionary attack is demonstrated. In my work I used information provided by Tavarez (2020) . According to Porup (2020) hashcat is one of the most popular password crackers all around the world. Moreover, hashcat is included in the list of basic tools in Kali linux – linux distribution widely used by cybersecurity specialists. I installed Kali linux virtual machine in order to use this program and to show the example of a dictionary attack (Author's screenshot) However, before looking at the examples of using hashcat on practise, it is useful to understand in which areas hashcat is using. In plain words, hashcat is a password guesser which includes a number of features and pre-installed functionalities for cracking passwords by penetrating brute-force and dictionary attacks. The way it works is not too sophisticated, it hashes considerable numbe...

Gantt Chart

The Link to my project management gannt chart on google docs

Major project theme

Every person has heard about how important it is to have a well-built strong password. An essential number of people would agree that password hygiene is as important as the personal hygiene is, since violation of first may lead to much more serious consequences. However, the statistics show that 59% of users use their names and dates of birth as their passwords, 43% shared their passwords with other people and only 45% would change a password after a breach (O’Driscoll, 2020). The aim of this post is to show how to create strong passwords. It is necessary to know how passwords are cracked in order to properly understand what password can be referred as strong one. There are to ways to execute an attack: online and offline. Online attack is done by trying different passwords one by one through a normal log in process. Usually, such attacks are unsuccessful since they are easy to detect and block if necessary (Burnett and Kleiman, 2006). I think everybody encountered situatio...

My Academic Journey

Search This Blog