Web YOUR DOMAIN NAME

CISSP Study Guide

This Blog is dedicated to help Serious IT Security Practitioners to pass the renowned CISSP exam. It is a must read for those going for the exam and needs total recall

Wednesday, March 08, 2006

IDENTIFICATION AND AUTHENTICATION

PHASES

Identification - What you know(passwords), What you have(tokens etc.) and What you are(biometrics)

Type I Authentication
  • Passwords
    • Character sequence

  • PINs
    • Numbers

  • Passphrases
    • Virtual passwords
  • Strong Passwords
    • Make it a policy
    • Password Length
    • Expiration date
    • Good passwords
    • Watch for mistakes
    • Keep passwords secret
  • Issues for Type I Authentication
    • Weak Password are deployed (wife's name, pet's name , birthdate etc.)
    • Reuse of passwords(passwords although strong are reused everywhere)
    • Writing down of passwords

0 Comments:

Post a Comment

<< Home