Passwords authenticate a user to the identity verification process of any service that requires it. This ensures that the user really is who they claim to be and not an impostor. The password must be kept secret from anyone who is not allowed access.
Authentication based on a username and password is still the most widespread way to access online services. However, there are other ways to authenticate ourselves that involve another element. We go from “something I know”, i.e. a password, a key or a PIN, to “something I have”, such as a USB token or a coordinate card.
It is very important to define password policies to improve the security of applications. They define the rules that a user must follow when specifying their password or trying to log into the app, for example:
● Length and use of special characters in the password
● Account lockout after repeated incorrect credentials
● Avoiding the reuse of passwords
● Password expiry
● Minimum period between password changes
● Ensuring that the password does not include the user name
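The rules above can be enforced together in one place. The following is an added example, not code from the original page: the `Account` class, its method names and every threshold (12 characters, 5 failed attempts, 5 remembered passwords, 90-day expiry, 1-day minimum age) are assumptions chosen for illustration.

```python
import hashlib, hmac, os, string
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Assumed policy values for illustration; the page names the rules, not the numbers.
MIN_LENGTH, MAX_FAILURES, HISTORY_SIZE = 12, 5, 5
MAX_AGE, MIN_AGE = timedelta(days=90), timedelta(days=1)

def _hash(password, salt):
    # Slow salted hash so the stored history does not expose old passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

@dataclass
class Account:
    username: str
    history: list = field(default_factory=list)   # [(salt, hash)], newest last
    changed_at: datetime = None
    failures: int = 0

    def change_violations(self, new, now):  # rules the proposed password breaks
        v = []
        if len(new) < MIN_LENGTH:
            v.append("length")
        if not any(c in string.punctuation for c in new):
            v.append("special_character")
        if self.username.lower() in new.lower():
            v.append("contains_username")
        if any(hmac.compare_digest(_hash(new, s), h) for s, h in self.history[-HISTORY_SIZE:]):
            v.append("reused")
        if self.changed_at and now - self.changed_at < MIN_AGE:
            v.append("changed_too_recently")
        return v

    def set_password(self, new, now):
        v = self.change_violations(new, now)
        if not v:
            salt = os.urandom(16)
            self.history.append((salt, _hash(new, salt)))
            self.changed_at, self.failures = now, 0
        return v

    def login(self, password, now):  # 'locked', 'denied', 'expired' or 'ok'
        if self.failures >= MAX_FAILURES:
            return "locked"
        salt, current = self.history[-1]
        if not hmac.compare_digest(_hash(password, salt), current):
            self.failures += 1
            return "denied"
        self.failures = 0
        return "expired" if now - self.changed_at > MAX_AGE else "ok"
```

The sketch assumes a non-empty user name and that a password has been set before `login` is called; a locked account stays locked until `set_password` succeeds, standing in for an administrator reset.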
Today, it is common to use biometric authentication as a complement to classic passwords. Biometric authentication uses the unique characteristics of the user’s body for identification. This form of authentication is difficult to replicate and therefore has the highest level of integrity.
The most common types of biometric authentication include:
● Iris scanning
● Fingerprint scanning
● Facial recognition
● Voice recognition