Authentication through Password Protection
Team: SuperBad Cats
MSIT 458 – Dr. Chen

Background to the Problem:
• Companies require password protection on many important systems within their company
• Various systems may have differing password requirements
  – Requiring users to create and recall different passwords for different systems
• Various systems may be used only sparingly by certain users
  – Users may forget their password after a period of non-use
• Companies often require a new password after a given period of time
  – Requiring users to create and recall different passwords for different systems

Password Reset User Support:
• Call support (authenticity and validation)
  – Time spent on resets
  – Quantity of resets per year
  – Cost per call
  – Why they call
• Web-based password reset (set up by users with challenge questions)
  – Confidentiality
  – Authenticity
  – Integrity
  – Availability

Problem:
• Too many passwords
• Can't remember passwords
• Too complex
• Too easy
• Can't remember answers to challenge questions
• Don't know the password complexity rules

In Summary:
Maintaining multiple passwords for a single user to access necessary systems results in excessive work time lost and cost to the company.

Password Complexity: Sample Company
• Enforce password history: 24 passwords remembered
• Maximum password age: 90 days
• Minimum password age: 1 day
• Minimum password length: 8 characters
• Password dictionary blacklist: "%Company Name%"
• Password must meet complexity requirements: Enabled (see below)

Complexity Requirements:
  – Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
  – Be at least eight characters in length
  – Contain characters from three of the following four categories:
    • English uppercase characters (A through Z)
    • English lowercase characters (a through z)
    • Base 10 digits (0 through 9)
    • Non-alphabetic characters (for example, !, $, #, %)
  – Complexity requirements are enforced when passwords are created or changed.

Potential Solutions:
• Identity Management Software
  – Examples: Forefront Identity Mgr, Novell Identity Mgmt Solution, Oracle Identity Mgr
• Leverage Global Active Directory (GAD)
  – Active Directory Federation Services (ADFS)
• Password Synchronization
  – Password Change Notification Service (PCNS)
• Single Sign On
  – Pass-Through Authentication (Handshake), Kerberos, NTLM, SAML 2.0, Cloud Identity
• Other Options
  – RSA Token, Biometric, Near Field Communication (NFC), RFID (Proxy), Retina, Social Media (Ex: Facebook)
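
The Sample Company rules that can be evaluated on a single candidate password (minimum length, three of four character categories, name parts, company-name blacklist) are sketched below as an added example; it is not code from the slides. The names `check_password`, `name_tokens` and the company value `ExampleCorp` are hypothetical, and reading "parts of the full name" as delimiter-separated tokens longer than two characters is an assumption. History and age rules need stored state and are left out.

```python
import re

# Constructed sample value; the slide only gives the placeholder "%Company Name%".
COMPANY_NAME = "ExampleCorp"
MIN_LENGTH = 8

# The four character categories listed on the slide.
CATEGORIES = {
    "uppercase": re.compile(r"[A-Z]"),
    "lowercase": re.compile(r"[a-z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),  # the slide's "non-alphabetic" examples: ! $ # %
}


def name_tokens(account_name, full_name):
    """Return the lowercase name parts a password must not contain.

    Assumption: the full name is split on common delimiters, and parts of
    two characters or fewer are ignored.
    """
    parts = [account_name] + re.split(r"[,.\-_ #\t]+", full_name)
    return {p.lower() for p in parts if len(p) > 2}


def check_password(password, account_name, full_name, company=COMPANY_NAME):
    """Return the list of violated rules; an empty list means accepted."""
    failures = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 8 characters")
    present = [name for name, rx in CATEGORIES.items() if rx.search(password)]
    if len(present) < 3:
        failures.append("fewer than 3 of 4 character categories")
    for token in sorted(name_tokens(account_name, full_name)):
        if token in lowered:
            failures.append(f"contains name part '{token}'")
    if company.lower() in lowered:
        failures.append("contains blacklisted company name")
    return failures


if __name__ == "__main__":
    # Constructed candidates for a constructed user (jsmith / John Smith).
    for candidate in ["Summer2024!", "jsmith#2024A", "examplecorp1", "Xq7#pl"]:
        print(candidate, check_password(candidate, "jsmith", "John Smith"))
```

A season-and-year password such as `Summer2024!` passes every check here, which is the "Too easy" item on the Problem slide: meeting the complexity rules does not make a password hard to guess.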