Verification: utilizing authentication information that binds the entity and identifier to
validate the user accessing the account.
The general user should have to establish the following password protocol before setting up
their account for usage:
1. Complex Password Policy
Characteristics:
   1. Content: Password must not contain real name, username, or dictionary word.
   2. Length: Min. 12 characters.
Ideally, the optimal way to develop a lengthy and untraceable password that still follows the
Complex Password Policy rules is to adapt a catchphrase. An example of a secure password as
suggested above would be:
1. To be or not to be
The method to create a password that is both memorable and as unhackable as possible is to
implement the suggestions as such:
2. t0_b5_0r_n0t_2_b3!@$ = 21 characters.
To optimize the password selection process and ensure users have the most applicable security
attached to their accounts, a complex password policy is the ideal strategy. This method is
executed in the following way:
a. User selects his/her password
b. The system confirms whether the password is permitted, or rejects it
c. The system recommends a password that is both memorable and secure enough
that an intruder would be unable to guess it
This strategy ensures that both user acceptability and strength are maximized.
To ensure that users follow the correct protocol when selecting a password, rule enforcement
would be the best strategy, as it ensures the password is at least 12 characters long and
includes a combination of upper/lowercase letters, numeric digits, and more. This is ideal
because it provides security from the highest priority to the general user, and does not
require the user to change their password on a consistent basis (which would result in more
issues).
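One way the system could carry out step b under the rules above, shown as an added example that is not part of the original document. The function names, the sample word list, the substitution table, the three-of-four character-class threshold and the four-letter minimum for banned tokens are all assumptions made for illustration.

```python
import re

# Constructed sample list; a real deployment would load a full dictionary.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "monkey", "sunshine"}

# Common character substitutions, undone before the content check (assumption).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

MIN_LENGTH = 12   # from the policy: min. 12 characters
MIN_CLASSES = 3   # assumption: 3 of lower/upper/digit/symbol must appear
MIN_TOKEN = 4     # assumption: banned tokens shorter than this are ignored
CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]")


def flatten(password):
    """Lower-case, undo substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", password.lower().translate(LEET))


def check_password(password, username, real_name, dictionary=SAMPLE_DICTIONARY):
    """Return the violated rules; an empty list means the password is permitted."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("length")
    if sum(bool(re.search(c, password)) for c in CLASSES) < MIN_CLASSES:
        violations.append("character classes")
    flat = flatten(password)
    # Letter runs of the username and real name, e.g. "jsmith42" -> "jsmith".
    personal = re.findall(r"[a-z]+", f"{username} {real_name}".lower())
    if any(len(p) >= MIN_TOKEN and p in flat for p in personal):
        violations.append("name or username")
    if any(len(w) >= MIN_TOKEN and w in flat for w in dictionary):
        violations.append("dictionary word")
    return violations


if __name__ == "__main__":
    # Constructed candidates for a hypothetical user "jsmith42" / "John Smith".
    for candidate in ("t0_b5_0r_n0t_2_b3!@$", "P@ssw0rd2024!!", "Sm1th_J0hn#9"):
        print(candidate, check_password(candidate, "jsmith42", "John Smith"))
```

The content check runs on the flattened form, so a dictionary word or name disguised with digit and symbol substitutions is still rejected.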
You enter your User ID and password as usual.
The entity sends a verification code to your mobile device via SMS.
You enter the code to verify your identity and complete sign in.
3. Prearranged questions
In the rare case that the user forgets the password, they must answer the following general
knowledge-based questions that they selected during setup and would remember from memory:
With regard to the usability and effectiveness of this designated password protocol, it provides
the optimal combination of security, accuracy and authorization to ensure that the user's
account is well protected.
1. Optimal Password Protection: The recommended characteristics for structuring the
users' passwords ensure that the length, mix of letters/numerics/symbols, and
randomized strings will guarantee that neither a human nor a bot intruder will be able
to illegally access any unauthorized data. Also, the rule enforcement strategy
enables the user to select a password that they can remember and that is also secure.
2. PIN Validation: By developing a secondary wall of security that requires
additional authorization via the user's own mobile device, it will ensure that any
claimant who attempts to access the account and enters the wrong password will have to
validate their identity through their referenced device.
3. Prearranged Questions: If Step 2 does not enable the user to enter the account (in the
circumstance that their phone is out of operation), the user can proceed to answer the
prearranged questions they originally established when setting up their account. This
will ensure that the intended user will be obtaining authority to change their password
for future usage.
The established security measures ensure that there is very high confidence in the asserted
identity's validity. By following the recommended password tips, the user will surely be able
to establish a password that is memorable, recoverable and secure.