Overview/Description
Without the ability to gain entry to a network, hackers are powerless, so establishing effective authorization protocols is vital. In this course, you'll learn about key authentication concepts and best practices such as identification, user authentication components, the user logon process, and how to effectively manage user account credentials. This course also covers registration security, including how to use Completely Automated Public Turing test to tell Computers and Humans Apart or CAPTCHA, and enabling two-step verification. Finally, this course introduces password security best practices, including establishing password strength, complexity, and age criteria.
Target Audience
Individuals such as network administrators, programmers, risk managers, and other key individuals interested in establishing and maintaining secure user account policies and practices
Securing User Accounts: Authorization, Registration, and Passwords
start the course
describe characteristics of the authentication and identification process and the relationship between them
distinguish between the three user authentication components and how they interrelate
distinguish between the different types of authentication
describe characteristics of authorization
identify the phases of the user logon process
identify characteristics and purpose of credentials
identify characteristics of password credentials
identify characteristics of asymmetric key credentials for authentication
identify characteristics of biometric credentials
identify characteristics of ticket-based hybrid authentication credentials
describe characteristics and purpose of secure user account registration policies and practices
describe best practices for securing usernames and user identifiers
identify best practices for account registration verification
identify best practices and purpose of using Completely Automated Public Turing test to tell Computers and Humans Apart or CAPTCHA for user account registration and set-up
describe purpose and best practices for implementing two-step verification in user account registration policies
describe best practices for preventing username enumeration as part of user account registration security
describe best practices for setting minimum password strength criteria policies
identify password length, width, and depth requirements that can enhance password security
identify best practices for password field security
describe techniques for providing feedback to users on password strength
describe benefits and best practices for enforcing password history policies
describe benefits and best practices for setting minimum and maximum password age requirements
identify best practices for preventing password hack attempts
identify appropriate user account registration and password best practices