The user authentication process is used to identify who the owner is or who the identified person is.
On a personal computer, user authentication is generally performed using a password.
When a user wants to log into a computer system, the operating system (OS) installed on that system generally needs to determine who the user is. This process is called user authentication.
Sometimes it is very important to authenticate the user, because the computer system may hold important documents belonging to the owner.
Most methods of authenticating computer users when they attempt to log into the system are based on one of the following three principles:
Computer users who want to cause trouble on a specific computer system first have to log into that system, which means getting past whichever authentication method or procedure is used. Those computer users are called hackers.
Basically, hacker is a term of honour reserved for a great computer programmer, as a normal computer user or programmer can't get access to anyone's system without permission.
A user can be authenticated in one of the following ways:
Now let's briefly describe each of the above authentication processes one by one.
User authentication using a password is the most widely used form of authenticating the user.
In this method, the user who is going to authenticate is required to type their login name or ID and their login password.
Authenticating the user by password is an easy method and is also easy to implement.
Keeping a central list of (login name, password) pairs is the simplest implementation of password-based user authentication.
In this method, the login name typed in is looked up in the list, and the typed password is then compared to the stored password.
If both the login name and the password match, the login is allowed: the user is successfully authenticated and approved to log into that system. If no match occurs, a login error is detected.
Here is the list of four basic and common ways to secure the password:
A One Time Password (OTP) is the most extreme form of changing the password all the time.
One-time passwords are a very safe method to implement.
When OTPs are used, the user gets a book containing a list of many passwords. Each login uses the next password in the list.
Therefore, if an intruder ever discovers a password, it won't do him any good, because the next time a different password must be used.
User authentication using a physical object is the second way to authenticate the user.
Here, the physical object may be a bank's Automated Teller Machine (ATM) card or any other plastic card that is used to authenticate.
To authenticate, the user inserts the plastic card into a reader associated with the terminal or computer system.
Generally, the user must not only insert the card that serves as the physical object, but also type in a password, to prevent someone from using a lost or stolen card.
User authentication using biometrics is the third authentication method.
This method measures physical characteristics of the user that are very hard to forge. These are called biometrics.
As an example of user authentication using biometrics, a fingerprint, voiceprint, or retina scan reader in the terminal could verify the identity of the user.
Basically, the typical biometric system has the following two parts:
Now, let's briefly describe the above two parts of the biometric system.
In a biometric system, during enrolment, the characteristics of the user are measured and the results are digitized.
Then, significant features are extracted and stored in the record associated with the user.
The record can be kept in a central database or stored on a smart card that the user carries around and inserts into a remote reader, for example, at an ATM machine.
In identification, the user shows up and provides a login name or ID. The system then makes the measurement again.
If the new values match the ones sampled at enrolment time, the login is accepted; otherwise the login attempt is rejected.
User authentication using countermeasures is used to make unauthorized access much harder.
For example, a company could have a policy that employees working in the Computer Science (CS) department are only allowed to log in from 10 A.M. to 4 P.M., Monday to Saturday, and then only from a machine in the CS department connected to the company's Local Area Network (LAN).
Any attempt by a CS department employee to log in at the wrong time or from the wrong place would then be treated as an attempted break-in and a login failure.
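The CS department policy described above can be written as a login check. The following is an added example, not code from the original page: the LAN address range, the user names, the sample attempts, and the choice to treat 4 P.M. exactly as outside the window are all assumptions made for illustration.

```python
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# Assumed value: the page names no address range, so this CS-department LAN is constructed.
CS_LAN = ip_network("10.20.30.0/24")
WINDOW_START, WINDOW_END = time(10, 0), time(16, 0)   # 10 A.M. to 4 P.M.
ALLOWED_WEEKDAYS = range(0, 6)                        # Monday (0) to Saturday (5)


def check_login(when, source_ip):
    """Return (allowed, reasons) for one CS employee login attempt."""
    reasons = []
    if when.weekday() not in ALLOWED_WEEKDAYS:
        reasons.append("wrong day")
    # Assumption: the window closes at 16:00 sharp, so 16:00:00 itself is outside it.
    if not (WINDOW_START <= when.time() < WINDOW_END):
        reasons.append("wrong time")
    if ip_address(source_ip) not in CS_LAN:
        reasons.append("wrong place")
    return not reasons, reasons


def review(attempts):
    """Split attempts into accepted logins and attempted break-ins."""
    accepted, break_ins = [], []
    for user, stamp, ip in attempts:
        ok, reasons = check_login(datetime.fromisoformat(stamp), ip)
        if ok:
            accepted.append(user)
        else:
            break_ins.append((user, reasons))   # log and fail the login
    return accepted, break_ins


# Constructed sample attempts: (user, local timestamp, source address).
SAMPLE = [
    ("asha", "2024-03-04T11:15:00", "10.20.30.17"),   # Monday, on the LAN
    ("ben",  "2024-03-04T16:00:00", "10.20.30.18"),   # Monday, at 4 P.M. exactly
    ("chen", "2024-03-10T12:00:00", "10.20.30.19"),   # Sunday, on the LAN
    ("dara", "2024-03-09T15:59:00", "192.0.2.44"),    # Saturday, off the LAN
    ("erin", "2024-03-10T22:30:00", "192.0.2.45"),    # Sunday night, off the LAN
]

if __name__ == "__main__":
    accepted, break_ins = review(SAMPLE)
    print("accepted:", accepted)
    for user, reasons in break_ins:
        print("attempted break-in:", user, reasons)
```

The check runs in addition to the password, card or biometric step, and every rejected attempt keeps its reasons so it can be logged as an attempted break-in.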