The system knew the identity of users requesting the asset and
could make decisions about authorizing access, denying it completely,
or restricting it to a well-de?¬?ned set of operations. That
was an important improvement over the blind credentials
method, especially considering that authentication had to be
performed only once at the beginning of the session, while authorization
took place silently every time a resource was
requested. One password to rule them all.
Passwords act as
access gateways for
user accounts
32 The Problem
The password was con?¬?rmed as the preferred authentication
method, and again it proved a handy and agile system.
However, it started to show some shortcomings. When your
credentials grant access to shared resources, disclosing your
password is no longer just personal business; it affects all the
users of the network, and above all it affects the owner of the
network itself.
A secret is good until it is forgotten, and unfortunately passwords
are prone to a number of bad practices that can very well jeopardize
their usefulness as an authentication method. People
need to rememberpasswords, and this simple fact appears to
have a range of self-defeating consequences.
Pages:
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79