2.1.3 Unauthorized access and data corruption

Passwords authenticate the user to the identity verification process of any service that requires it. This ensures that the user really is who they claim to be and not an impostor. The password must be kept secret from anyone who is not allowed access.

Lesson goals and objectives

In this lesson you will learn to:

  • Identify the factors that compromise cyber security
  • Understand the legislation that relates to online security and data management
  • Evaluate the most effective ways to plan for and respond to breaches in online security and data management

Authentication based on a username and password is still the most widespread way to access online services. However, there are other ways to authenticate that involve another element. We go from “something I know”, i.e. a password, a key or a PIN, to “something I have”, such as a USB token or a coordinate card.

It is very important to define password policies to improve the security of applications. They define the rules that a user must follow when choosing a password or trying to log in to the app:

● Length and use of special characters in the password
● Blocking after repeating credentials incorrectly
● Avoiding the reuse of passwords
● Password expiry
● Minimum period between password changes
● Make sure that the password does not include the user name
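
The six rules listed above, enforced together in one account model. This is an added example, not part of the original lesson; the class name, rule names and every threshold (12 characters, 5 failed attempts, 5 remembered passwords, 90-day expiry, 1-day minimum age) are assumptions chosen for illustration.

```python
# Added example, not the lesson's code; all thresholds and names are assumed values.
import hashlib, hmac, os, string
from dataclasses import dataclass, field

MIN_LENGTH, HISTORY_SIZE, MAX_FAILURES = 12, 5, 5   # characters, passwords, attempts
MIN_AGE, MAX_AGE = 1 * 86400, 90 * 86400            # seconds

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Account:
    username: str
    history: list = field(default_factory=list)  # [(salt, digest)], newest last
    changed_at: float = 0.0                      # epoch seconds of last change
    failures: int = 0                            # consecutive failed logins

    def violations(self, new_password, now):
        """Return the names of the policy rules a proposed password breaks."""
        checks = [
            (len(new_password) < MIN_LENGTH, "length"),
            (not any(c in string.punctuation for c in new_password), "special character"),
            (self.username.lower() in new_password.lower(), "contains user name"),
            (any(hmac.compare_digest(_hash(new_password, s), d) for s, d in self.history), "reuse"),
            (bool(self.history) and now - self.changed_at < MIN_AGE, "minimum age"),
        ]
        return [name for broken, name in checks if broken]

    def set_password(self, new_password, now):
        """Store the password only if it breaks no rule; return the violations."""
        broken = self.violations(new_password, now)
        if not broken:
            salt = os.urandom(16)
            self.history = (self.history + [(salt, _hash(new_password, salt))])[-HISTORY_SIZE:]
            self.changed_at, self.failures = now, 0
        return broken

    def login(self, password, now):
        """Return 'locked', 'denied', 'expired' or 'ok'."""
        if self.failures >= MAX_FAILURES:
            return "locked"
        if not self.history:
            return "denied"
        salt, digest = self.history[-1]
        if not hmac.compare_digest(_hash(password, salt), digest):
            self.failures += 1
            return "denied"
        self.failures = 0
        return "expired" if now - self.changed_at > MAX_AGE else "ok"
```

The password history holds only salted PBKDF2 digests, so the reuse check works without the application ever storing a previous password in clear text.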

Today, it is common to use biometric authentication as a complement to classic passwords. Biometric authentication uses the unique characteristics of the user’s body for identification. This form of authentication is difficult to replicate and therefore has the highest level of integrity.

The most common types of biometric authentication include:
● Iris scanning
● Fingerprint scanning
● Facial recognition
● Voice recognition
