factor\u00b5 This is a simple example of a two step authentication Both of them is

Factorµ this is a simple example of a two step

This preview shows page 25 - 32 out of 52 pages.

factorµThis is asimpleexample of atwo stepauthentication¸“)((Both of themis somethingyou know”¹
Background image
&GYDQWDJHV ¶ )LVDGYDQWDJHV RI 2+&Multi factor authentication is important forwebsitesbecausePasswords are the most common form of login authentication across the spectrum oftechnology¹ But they’re also incredibly fallible ·They are easily obtained by other means¿social engineering ¿ hack and etc¸ ·Advantage¸The primary benefit of multi factor authentication is that it providesadditional security byadding protection in layersµ ¸(''Advantage¹Users must carry a mobile phone¿ charged¿ and kept in range of a cellular network¿whenever authentication might be necessary¹ ·Disadvantage¸The user must share their personal mobile number with the provider¿ reducing personalprivacy and potentially allowing spam¹ ·Disadvantage¸26
Background image
7HOHYDQW =0()It is a good idea not toimplement your ownauthorization andauthentication features¹27
Background image
4SHQ.)An OpenID is a way of identifying yourself no matter which website you visit¹OpenID is anopen standard and decentralized authentication protocol¹OpenID Connect µ¹³ is a simple identity layer on top of the OAuth ´¹³ protocol¹Current version of OpenID is OpenID Connect µ¹³¿ finalized and published in February´³µº¹ Older versions of OpenID is deprecated¹It allows Clients to verify the identity of the End±User based on the authenticationperformed by an Authorization Server¿ as well as to obtain basic profile information aboutthe End±User in an interoperable and REST±like manner¹As of ´³µ¶¿ OpenID is no longer used by a number of companies in favour of OAuth ´¹³protocol¹ ·Facebook used to use open ID but since moved to Facebook Connect¸28
Background image
4SHQ.) H[SODLQHG ´´29KimKim´µKimµ¾¾µKimThePotatoKimYouTubeKimInstantgramKimBloodNinjaKimRedditKimNotPotatoOpen/I**DKimGithubKimSlackHi, Kim!With OpenID you only have toremember one username and one passwordµKimTheOneKimTheGamer
Background image
4SHQ.)30OpenIDis a proof of identityis used for signing upand logging inis different comparedto traditional loginis a step towards acohesive identityis securebut it is not a trustsystembut does not keep trackof what you do onthose sitesbut it is notcomplicatedwith a good providerbut you can choose notto use it
Background image
4&XWK ±´²OAuth ´¹³ is the industry±standard protocol for authorization¹Most social login are implemented using the O(''Auth standardµ·Facebook Login¿ GoogleLogin¸OAuth ´¹³ supersedes the work done on the original OAuth protocol created in ´³³¼¹OAuth ´¹³ focuses on client developer simplicity while providing specific authorizationflows for web applications¿ desktop applications¿ mobile phones¿ and living room devices¹Authorizationcan be used as a form of pseudo´authenticationµOAuth ´¹³ protocol describes a² legged authenticationµƔO(''Auth provides a method for clients to access a protected resource of behalf of aresource ownerµ31
Background image
Image of page 32

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture