Week 9 Blog: Single-Sign-on Authentications
I have the opportunity of learning about a new authentication method for the very first time, so I have decided to use this blog post to explain as many details about the authentication method as possible. The authentication method of which I am speaking is none other than Single Sign-On authentication. First, before going any further, “authentication is a process usually managed by a server that proves the identity of a client (which could be a user, service, or application) and determines whether that client is allowed to access a secured system.” To validate the identity of any client, there must be some kind of “directory service” in place to manage all the database account information associated with the client: “usernames, passwords, and other authentication credentials.”
Authentication
In addition to authentication itself, there must be an effective password policy in place to prevent users from compromising their credentials through poor use of passwords. One way to increase the “security of user authentication is through a well-designed” and established “password policy.”
Password Policies
The purpose of password policies is to require a password to meet certain requirements like the following:
1. Complexity – the complexity requirement makes users combine different types of characters, such as upper and lowercase letters, numbers, and non-alphanumeric characters.
2. Length – any cybersecurity expert will validate the importance of implementing a password policy that meets certain requirements.
3. Expiration – part of implementing password requirements is to have users change their password after a certain period. This requirement increases password resistance against hacking. Implementing a policy that prevents users from reusing previous passwords is imperative because users have the habit of reusing their previous passwords.
4. Lockout – the purpose of configuring this requirement into password policies is to have the system automatically lock a user account after the required number of sign-in attempts has been reached. Making multiple attempts at entering a password is one of the various ways cybercriminals can break into accounts.
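The four requirements above, enforced in Python as an added example that is not from the original post or the cited textbook. The thresholds (12 characters, 90 days, 5 remembered passwords, 5 failed attempts) and the names `policy_violations` and `Account` are assumptions made for illustration.

```python
import hashlib, hmac, os
from dataclasses import dataclass, field

# Assumed thresholds for illustration; the post does not give numbers.
MIN_LENGTH, MAX_AGE_DAYS, HISTORY_DEPTH, MAX_FAILED = 12, 90, 5, 5
CLASSES = {"uppercase letter": str.isupper, "lowercase letter": str.islower,
           "number": str.isdigit,
           "non-alphanumeric character": lambda c: not c.isalnum()}

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def policy_violations(password):
    """Complexity and length: list every rule the candidate breaks."""
    problems = [f"missing {name}" for name, test in CLASSES.items()
                if not any(test(c) for c in password)]
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    return problems

@dataclass
class Account:
    history: list = field(default_factory=list)  # (salt, hash), newest last
    changed_at: float = 0.0   # time of last password change, in seconds
    failed: int = 0           # consecutive failed sign-ins

    def set_password(self, password, now):
        """Reject policy violations and reuse of the last HISTORY_DEPTH passwords."""
        problems = policy_violations(password)
        if any(hmac.compare_digest(_hash(password, s), h)
               for s, h in self.history[-HISTORY_DEPTH:]):
            problems.append("reuses a previous password")
        if not problems:
            salt = os.urandom(16)
            self.history.append((salt, _hash(password, salt)))
            self.changed_at = now
        return problems

    def sign_in(self, password, now):
        """Lockout after MAX_FAILED bad attempts; expiration after MAX_AGE_DAYS."""
        if self.failed >= MAX_FAILED:
            return "locked"   # unlocking is an admin action, not modelled here
        if not self.history:
            return "denied"
        salt, digest = self.history[-1]
        if not hmac.compare_digest(_hash(password, salt), digest):
            self.failed += 1
            return "locked" if self.failed >= MAX_FAILED else "denied"
        self.failed = 0
        return "expired" if now - self.changed_at > MAX_AGE_DAYS * 86400 else "ok"
```

Only salted PBKDF2 hashes are kept in the history, so the reuse check works without storing any old password in clear text.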
Single Sign-On
That said, security is always a huge aspect to get right, especially when it comes to “convenience and safety.” As you increase security in order to lock “down a resource,” the likelihood of decreasing convenience rises. If you implement security measures that are just way too inconvenient for users, they may not be welcomed by the average user, and users will attempt to find an avenue around the security protocol. On the other hand, resources become insecure if you decide to make security convenient for users. The answer to implementing good security is to find and effectively utilize “tools that increase both convenience (so people will use them correctly) and safety (so they keep your resources secure) and avoid sacrificing safety to increase convenience.” Single Sign-On is one such security method. However, single sign-on does not completely solve this “conundrum.” Single Sign-On technology prevents the user from having to create more than one account. Google used single sign-on technology to reduce the burden of having to memorize too many passwords for many different accounts. When a user is in the process of creating an account for Facebook, LinkedIn, and many other platforms, the user will be provided with an option to sign in with Google, that is, if the user already has a Google account, for example.
Reference:
West, Jill. (2023). CompTIA Cloud+ Guide to Cloud Computing (pp. 267-270). Kindle Edition. Retrieved: November 6, 2023.