Authentication and access control are fundamental to keeping computer systems secure. Authentication verifies who you are; access control determines what you are allowed to do. This lesson covers the three factors of authentication, biometrics, two-factor authentication and access control principles.
Authentication is the process of verifying that a user or device is who they claim to be. Without authentication, anyone could access any system, and there would be no way to track who did what.
Authentication is based on one or more of three factors:
| Factor | Description | Examples |
|---|---|---|
| Something you know | Information only the user should know | Password, PIN, security question answer |
| Something you have | A physical object the user possesses | Smartphone (authenticator app), smart card, USB security key |
| Something you are | A biological characteristic unique to the user | Fingerprint, iris scan, facial recognition, voice pattern |
Passwords are the most common form of authentication — "something you know". However, passwords have well-known weaknesses:
| Guideline | Why It Helps |
|---|---|
| At least 8-12 characters (longer is better) | Exponentially increases brute force time |
| Mix of uppercase, lowercase, numbers and symbols | Increases the character set the attacker must try |
| Avoid dictionary words and personal information | Defeats dictionary attacks |
| Use a different password for every account | Limits damage if one password is compromised |
| Consider using a password manager | Generates and stores strong, unique passwords |
Biometrics use unique physical or behavioural characteristics to verify identity — "something you are".
| Type | How It Works |
|---|---|
| Fingerprint | Scans the unique ridge patterns on a finger |
| Facial recognition | Maps the geometry of the face (distance between eyes, nose shape, etc.) |
| Iris recognition | Scans the unique pattern in the coloured part of the eye |
| Retina scan | Scans the blood vessel pattern at the back of the eye |
| Voice recognition | Analyses the unique characteristics of the user's voice |
Exam Tip: If asked to evaluate biometric authentication, always mention the issue of irreversibility. Passwords can be changed if compromised, but you cannot change your fingerprint.
Two-factor authentication requires two different types of authentication factor. Using two factors from the same category (e.g. two passwords) does NOT count as 2FA.
| Factor 1 | Factor 2 | Valid 2FA? |
|---|---|---|
| Password (know) | SMS code (have — phone) | Yes |
| Password (know) | Fingerprint (are) | Yes |
| Password (know) | Security question (know) | No — both are "something you know" |
| Fingerprint (are) | Smart card (have) | Yes |
| Face scan (are) | Iris scan (are) | No — both are "something you are" |
Once a user is authenticated, access control determines what they are allowed to do within the system.
The principle of least privilege states that every user should have the minimum level of access needed to perform their job — and no more.
Example: A data entry clerk in a hospital should be able to view and update patient records but should NOT be able to delete records, change system settings or access financial data.
| Method | Description |
|---|---|
| User accounts | Each user has a unique account with defined permissions |
| User groups | Users are organised into groups (e.g. "Teachers", "Students", "Admin"), and permissions are assigned to the group |
| File permissions | Read, write, execute permissions on individual files and folders |
| Network segmentation | Dividing a network into segments so that users can only access the resources in their segment |
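The user-group method and the least-privilege principle above can be combined into a small permission check, shown here as an added example that is not part of the original lesson. The group names, user names, permission strings and the `JOB_REQUIREMENTS` table are all constructed for illustration, based on the hospital data entry clerk example.

```python
# Added example: group-based access control with deny-by-default.
# All groups, users and permission strings are constructed sample data.

GROUP_PERMISSIONS = {
    "DataEntry": {"patient_records:view", "patient_records:update"},
    "Finance": {"financial_data:view"},
    "Admin": {"patient_records:view", "patient_records:update",
              "patient_records:delete", "system_settings:change",
              "financial_data:view"},
}

USER_GROUPS = {
    "clerk01": {"DataEntry"},
    "clerk02": {"DataEntry", "Admin"},  # over-privileged on purpose
}

# The minimum access each user's job actually requires (assumed values).
JOB_REQUIREMENTS = {
    "clerk01": {"patient_records:view", "patient_records:update"},
    "clerk02": {"patient_records:view", "patient_records:update"},
}

def effective_permissions(user):
    """Union of the permissions of every group the user belongs to."""
    perms = set()
    for group in USER_GROUPS.get(user, ()):
        perms |= GROUP_PERMISSIONS.get(group, set())
    return perms

def is_allowed(user, permission):
    """Deny by default: unknown users, groups or permissions get no access."""
    return permission in effective_permissions(user)

def excess_permissions(user):
    """Permissions held beyond the job's needs (least-privilege violations)."""
    return effective_permissions(user) - JOB_REQUIREMENTS.get(user, set())

if __name__ == "__main__":
    for user in sorted(USER_GROUPS):
        print(user,
              "| can delete records:", is_allowed(user, "patient_records:delete"),
              "| excess:", sorted(excess_permissions(user)))
```

Running the audit shows that `clerk02` inherits delete, settings and financial access through the extra group membership, which is the kind of drift a periodic permission review is meant to catch.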
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is used alongside authentication to prevent automated bots from:
CAPTCHAs work by presenting a challenge that is easy for humans but difficult for computers (e.g. identifying traffic lights in images, solving a simple puzzle).