You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
This lesson covers authentication and verification as required by OCR J277 Section 2.4. Authentication confirms the identity of a user, while verification confirms that data has been entered or transmitted correctly. Both are essential aspects of producing robust programs.
Authentication is the process of confirming that a user is who they claim to be. It is used to control access to systems, data, and features. Without authentication, anyone could access sensitive information or perform restricted actions.
| Method | Description | Example |
|---|---|---|
| Username and password | User provides a unique identifier and secret password | Logging into a school network |
| Two-factor authentication (2FA) | User provides two forms of identification | Password + code sent to phone |
| Biometric | Uses unique physical characteristics | Fingerprint, face recognition, iris scan |
| Security questions | User answers pre-set personal questions | "What is your mother's maiden name?" |
OCR Pseudocode:
storedUsername = "admin"
storedPassword = "Secure#123"
maxAttempts = 3
attempts = 0
authenticated = false
while attempts < maxAttempts AND authenticated == false
username = input("Enter username: ")
password = input("Enter password: ")
if username == storedUsername AND password == storedPassword then
authenticated = true
print("Login successful!")
else
attempts = attempts + 1
remaining = maxAttempts - attempts
print("Incorrect. " + str(remaining) + " attempts remaining.")
endif
endwhile
if authenticated == false then
print("Account locked. Too many failed attempts.")
endif
Python:
stored_username = "admin"
stored_password = "Secure#123"
max_attempts = 3
attempts = 0
authenticated = False
while attempts < max_attempts and not authenticated:
username = input("Enter username: ")
password = input("Enter password: ")
if username == stored_username and password == stored_password:
authenticated = True
print("Login successful!")
else:
attempts += 1
remaining = max_attempts - attempts
print(f"Incorrect. {remaining} attempts remaining.")
if not authenticated:
print("Account locked. Too many failed attempts.")
OCR Exam Tip: When writing authentication code in the exam, always include: (1) a limited number of attempts, (2) appropriate error messages, and (3) a lockout mechanism after too many failures. These features demonstrate defensive design.
A robust authentication system requires strong passwords. Good password policies include:
| Requirement | Purpose |
|---|---|
| Minimum length (e.g. 8+ characters) | Longer passwords are harder to crack |
| Mix of upper and lower case | Increases the number of possible combinations |
| Include numbers | Further increases complexity |
| Include special characters (!@#$%) | Maximum complexity |
| Not a common word or pattern | Prevents dictionary attacks |
OCR Pseudocode:
function checkPasswordStrength(password)
score = 0
if password.length >= 8 then
score = score + 1
endif
hasUpper = false
hasLower = false
hasDigit = false
hasSpecial = false
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.