3. Classification of authentication methods according to security criteria
Here's an overview of existing methods, listed in ascending order of safety.
3.1 Static password category
This category is currently the most widely used. It does not provide strong user authentication.
A password is said to be "static" (as opposed to dynamic) when it does not change from one transaction to the next. This is the case for most of the passwords we use every day. We memorize it and fill in the "password" field with the same value every time we're asked for it.
Line eavesdropping is one of the most effective attacks on both local corporate networks and the Internet. What's more, it's very difficult to detect. Weak passwords are the other major problem: good passwords are very difficult for users...
The Ultimate Scientific and Technical Reference
This article is included in
Traceability
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Classification of authentication methods according to security criteria
The challenge of authentication on the Internet
Bibliography
Conferences
Security and information systems conference https://www.lesassisesdelasecurite.com/
SSTIC – Symposium on information and communications technology security https://www.sstic.org/2017/news/
Standards and norms
- Cartes d'identification. Cartes à circuit(s) intégré(s) à contacts. Partie 1 : caractéristiques physiques - ISO/CEI 7816-1 - 1998
- Identification cards. Integrated circuit cards. Part 2: contact cards – Contact dimensions and locations - ISO/CEI 7816-2 - 2007
Directories
Organizations
ANSSI – Agence nationale de la sécurité des systèmes d'information (French national agency for information systems security)
The Ultimate Scientific and Technical Reference
