Time
31 hours 29 minutes
Difficulty
Beginner
CEU/CPE
30

Video Description

What is Authentication? This lesson covers different methods for user authentication. User authentication is simply proving who you are. Many methods can be used for authentication, and it is not just for confidentiality; authentication can also be used for non-repudiation purposes. Repudiation is when there is an issue and someone tries to say they did not cause it, so authentication holds people accountable. Factors of authentication include:

  • Something you have
  • Something you know
  • Something you are

There is also multifactor/two-factor authentication:

  • Badge and Personal Identification Number (PIN)
  • Fingerprint and password

Video Transcription

00:04
Hi and welcome to Cybrary. My name's Anthony and I'm your local subject matter expert for Network+, and today we're gonna be talking about different methods for user authentication.
00:13
So what is user authentication? Well, user authentication is simply proving who you are. You're proving you're the person that you say you are.
00:23
Computers and user logins into our network don't just go on
00:28
word of mouth. You can't just log into a computer and then say, "I'd like to log in as administrator, please," and then the computer says, "Do you promise you're the administrator?" We say, "Yeah." "Okay, you're in."
00:39
That's not the way that computers work. That's not the way that our network should work. And if that was the way that computers and networks work, then there'd be a lot less confidential data stored on computers and stored on networks. So we need a way that we can pass authentication. We need a way that we can prove that we are who we say we are
00:58
without exposing that data to other people so that they could try to falsely impersonate us.
01:03
So many methods of authentication can be used. We're gonna talk about a lot of different ways that we can authenticate ourselves, as well as a lot of the different protocols that we can use for authentication. We're gonna talk about cryptography a little bit and how, mathematically, some of our cryptography works
01:22
in our authentication in order to protect our passwords
01:25
and to ensure that we are who we say we are. And
01:30
authentication is not just for confidentiality. We're not just proving that we are who we say we are for the sake of protecting the confidentiality of data. But we also want to make sure that authentication is strong for something called non-repudiation.
01:49
Repudiation is essentially when we try and say that we didn't do something.
01:56
If someone
01:57
logs into a network and then goes out and downloads malicious tools and then tries to use them against our servers, then authentication lets us see who was logged in and who did that, and we can go to that person, we can prosecute them. And if they say, "Oh, that wasn't me. That was someone else,"
02:15
then we can point to their several logins and say, "OK, then who did you give your login information to?
02:22
Or who stole your login information?"
02:23
Repudiation is someone being able to say that, is someone being able to go, "That wasn't me. I didn't do that. I don't know what you're talking about. I wasn't there that day. I didn't log in." Non-repudiation is us making it harder for people to say, "That wasn't me."
02:39
More and more governments are issuing smart cards where you have to have a smart card and PIN number to log into a machine, as well as additional user names and passwords, which may be in play. So if some sort of fraudulence or some sort of illegal activity occurs on someone's account
02:58
and then they try to say that wasn't me,
03:00
then we say, "Well, then someone would have had to have your card and your PIN. So that means either someone stole your card or someone stole the certificates off of your card and you didn't report any of that stolen." So non-repudiation helps us to better be able to prosecute people
03:15
and better be able to track down who performed certain actions on our network.
03:21
So that's authentication: proving that we are who we say we are.
03:25
Now, before we get into the technical side of the house, we're gonna need to talk about some of the general concepts of authentication. And the first thing that we're gonna talk about for authentication is our factors of authentication. In the world today, in the world of IT today, we currently have three main categories of
03:46
authentication factors.
03:47
These are something we have,
03:50
something you know,
03:52
and something you are. Something you have includes things such as a badge, an ID card,
04:00
an RSA token with numbers that are being generated on it.
04:03
Something you have is an authentication method where you need to have a particular piece of, ah, physical object in order to authenticate. That's something that you have.
04:16
Something you know
04:18
is knowledge. You could technically write it down or you could record it. But it's something that you don't necessarily need to have a physical object with you. It's something that you just know, and you can pass along that knowledge to someone else. These include things such as PIN numbers, passwords, user names. These are things that we know.
04:39
And then lastly, we have something that you are. Something that you are includes biometric means.
04:46
Fingerprint, iris scan, retinal scan, voice recognition, facial recognition. These are things that are something that you are. As we
04:55
introduce new IT concepts, as we introduce new ways of authenticating people, these
05:02
have mostly stayed the same. We haven't really expounded much off of these three authentication factors. There may be slightly different authentication factors such as somewhere you are, like your geographical location based on your IP address,
05:18
but those could be spoofed. Those could be falsified. So those may not be
05:24
very good authentication methods. Those may just be like additional checks that we may put in place, additional things that we log. But as far as our authentication methods go, we're really at the point right now where we have these main three. These are our big three authentication factors.
05:42
Something you have, something you know, something you are.
05:46
So when you hear someone talk about multi-factor or two-factor authentication, they're not talking about two passwords or two badges or a fingerprint scan, a thumbprint scan and a pinkie print scan.
06:00
They're talking about using two of these categories of authentication. If you're using multi-factor authentication, you're using more than one factor. If you're using two-factor authentication, you're using at least two of these factors for authentication. This could be something such as a badge and a PIN.
06:15
A badge is something you have and a PIN is something you know. Even if someone were to find out what your PIN is because you wrote it down, then they have what you know, but they still need your badge. They still need something you have. So unless you take a Sharpie and you write your PIN on your badge, which is very, very
06:34
discouraged,
06:35
then just by losing your badge, they still need to know your PIN.
06:42
Fingerprint and password. So a fingerprint scan and then a password entry is also something you need to know, and then something that you are. Your fingerprint is something you are. So
06:55
the more factors of authentication that we put into play, the more factors that we need to know, the harder that we make it for people to impersonate us, the more secure the authentication methods. Because just because
07:11
someone knows our password, they may not have a fingerprint scan
07:15
they may have. That makes it harder for someone trying to impersonate us. The more factors we add onto this, maybe we have a badge, a PIN and a fingerprint scan.
07:25
So this would be three factors of authentication: something we have, something we know and something we are.
07:32
If someone says you need, you may encounter websites where they send you a text message code. That would be something you know, your password when you log in, and then something you have, your phone, because they're going to send that PIN to your phone. You don't know that PIN until it's sent to your phone, the thing that you have.
07:50
So that's something you have, your phone,
07:53
and something you know, your password.
07:55
If someone says, "Oh, well, we need to have two-factor authentication. We're gonna implement fingerprint scans and voice recognition," that's not two-factor authentication. Both of those are something that you are. Both of those are biometric. If you say, "Oh, well, I'm gonna implement
08:13
a primary password,
08:16
and then we're gonna have security questions," that's only one-factor authentication. Your password is something you know, your security questions are something you know. So
08:26
two-factor authentication is using
08:30
two of these factors. You have to have
08:33
two of the three: something you have, something you know or something you are. So if someone says, "We have multi-factor authentication, we use security questions and the password," that's not multi-factor authentication unless you throw in a fingerprint scan or a text message to your phone or
08:52
a security PIN to your email address.
08:54
Well, then, technically, actually, you still have two factor authentication, because if your email address is just a password, that's again just another password. So you would need to send a security PIN to a phone in order to say, "Okay, so we have security questions, password and the phone PIN,"
09:13
and all of those three things have to be
09:16
in play. That's your two factors of authentication. You know your password, you know your security questions and you have your phone where they're going to send that secret PIN. So that's two-factor authentication. So
09:28
more and more email services, a lot more email services and login services, are allowing for this two-factor authentication
09:37
where they say, "Do you want to set up two-factor authentication? Do you want to give us your phone number and have us text you a PIN every time you log into a new computer?" And this greatly increases your chances for not having your account compromised. Because now, if you inadvertently enter your password, say on another website,
09:56
or someone steals your password when you're in a coffee shop,
09:58
then they're gonna try to log into your email. But they're gonna need your phone number, your actual phone, so they can get that security PIN. So
10:07
consider using multi-factor, or at least two-factor, authentication if you're using systems that are,
10:13
the more top secret your systems are, the more confidential your systems are, the more you wanna protect your systems, the more factors of authentication out of our three factors you're gonna use in order to protect them.

Up Next

CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By

Anthony Harris
Systems Analyst and Administrator at SAIC
Instructor