| Computer security authentication means verifying the | | | | Two- factor authentication requires two independent |
| identity of a user logging onto a network. Passwords, | | | | ways to establish identity and privileges. The method |
| digital certificates, smart cards and biometrics can be | | | | of using more than one factor of authentication is also |
| used to prove the identity of the user to the network. | | | | called strong authentication. This contrasts with |
| Computer security authentication includes verifying | | | | traditional password authentication, requiring only one |
| message integrity, e-mail authentication and MAC | | | | factor in order to gain access to a system. Password |
| (Message Authentication Code), checking the integrity | | | | is a secret word or code used to serve as a security |
| of a transmitted message. There are human | | | | measure against unauthorized access to data. It is |
| authentication, challenge-response authentication, | | | | normally managed by the operating system or DBMS. |
| password, digital signature, IP spoofing and biometrics. | | | | However, a computer can only verify the legality of |
| Human authentication is the verification that a person | | | | the password, not the legality of the user. |
| initiated the transaction, not the computer. | | | | The two major applications of digital signatures are for |
| Challenge-response authentication is an authentication | | | | setting up a secure connection to a website and |
| method used to prove the identity of a user logging | | | | verifying the integrity of files transmitted. IP spoofing |
| onto the network. When a user logs on, the network | | | | refers to inserting the IP address of an authorized user |
| access server (NAS), wireless access point or | | | | into the transmission of an unauthorized user in order |
| authentication server creates a challenge, typically a | | | | to gain illegal access to a computer system. |
| random number sent to the client machine. The client | | | | Biometrics is a more secure form of authentication |
| software uses its password to encrypt the challenge | | | | than typing passwords or even using smart cards that |
| through an encryption algorithm or a one-way hash | | | | can be stolen. However, some ways have relatively |
| function and sends the result back to the network. This | | | | high failure rates. For example, fingerprints can be |
| is the response. | | | | captured from a water glass and fool scanners. |