This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Password
Password

Version management

Difference between version and

At line 1 added 38 lines
!!! Overview
A [{$pagename}] (or [Passphrase], [Passcode], [Passkey], [PIN]) is a [Token] which is a [credential] that a claimant typically memorizes and uses for [Authentication] typically of a [Digital Identity].
A password is considered a [Knowledge Factor] ([Something You Know]) as an [Authentication Factors]
A [Password] is a [secret] value that may be utilized to provide [Authentication] in [Password Authentication].
[{$pagename}] are typically character strings, however some systems use a number of images that the subscriber memorizes and must identify when presented along with other similar images.
Despite the name, there is no need for passwords to be actual words. [{$pagename}] which are not actual words may be harder to guess, a desirable property.
The terms [Passcode] and [Passkey] are sometimes used when the secret information is purely numeric, such as the personal identification number [PIN] commonly used for ATM access. Some passwords are formed from multiple words and may be referred to as a [Passphrase].
We will refer to any of these which are all generally [{$pagename}]s of one form or another:
* [{$pagename}]
* [Passcode]
* [PIN]
* [Passphrase]
* [Passkey]
* [Password Token]
All are a secret value that may be utilized to provide [Authentication] in some [Authentication Methods].
A [Password] is a secret value that may be utilized to provide [proof of identity|Authentication] in some [Authentication Method]. In particular, a password is used in:
* [Simple Authentication]
* [CRAM-MD5 SASL Mechanism]
* [DIGEST-MD5]
* [PLAIN SASL Mechanism] [SASL] mechanisms.
The security that a password provides is based entirely on the fact that only the password's owner [knows|Knowledge Factor] the password value. If someone else learns a user's password through some means, then that third party can [impersonate|Impersonation] that user and may be able to perform any operation available to that user.
Most [LDAP Server Implementations] provides a number of [Password Policy] features that can be used to help ensure that passwords are not discovered by third-party individuals (e.g., helping to ensure that users aren't allowed to use weak passwords, providing protection against brute-force attacks, requiring authentication attempts and [password Changes] from being performed in a secure manner, etc.), but nevertheless [{$pagename}]s are often considered weaker forms of protection than other [Authentication Methods] like [certificates].
!! [Password Management]
One of the issues with using [{$pagename}]s is [Password Management].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop