D-Link DFL-2500 User Guide - Page 151
Password Criterion
View all D-Link DFL-2500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 151 highlights
132 Chapter 17. User Authentication c) Something the user knows The secret information that only the involved user knows and keeps, such as the most commonly used Password or a Shared secret phrase. The difficulty of using method a) is that it requires some special devices to scan and read the feature presented, which are relatively expensive. Another risk that may cause this to fail is that the features are almost impossible to have substitutes; in case the user loses the feature by accident, nothing can be used for replacement. Therefore, the more commonly used methods for network services are (b) and (c). There are also potential risks by using either of these methods, for example, the keys may be intercepted, the card can be stolen, people tend to use weak passwords that are easy to guess, and they may be bad on keeping any secret, and so on. Thus, these two approaches are often combined to have add one factors and security levels. For example, a passcard is often granted to a person with a password. User authentication is frequently used in services, such as HTTP, FTP, and VPN. D-Link firewalls use Username/Password as primary authentication method, strengthened by encryption algorithms. The basic concepts of encryption is covered by 20.2 Introduction to Cryptography. More advanced and secure means of authentication, such as the Public-private Key System, X.509 Certificate, IPsec& IKE, IKE XAuth, and ID List are introduced in: 20.2.2 Authentication & Integrity, and 22 VPN Protocols & Tunnels. 17.1.2 Password Criterion In the Username/Password coupling, the username(account name) as an identifier tells who you are, and the password severs as an authenticator to prove that this is true. To penetrate certain system and obtain the user or administrator's privileges, the password is often subject to attacks. Attacks There are mainly three different ways to attack a password: • Guess: Try possible cases. Passwords that are chosen from a dictionary, or user's personal information, such as name, telephone number, and birth date are vulnerable to this attack. • Find: D-Link Firewalls User's Guide