Lecture 7: User Authentication

This lecture covers the three approaches to user authentication: something you know (PIN, password, etc.), something you have (physical security token), and something you are (biometrics). We focus on passwords, since they are currently the most common approach. We consider the theoretical level of security achievable with passwords and contrast this with the reality. We discuss various attacks against passwords and look at how stolen password hashes can be cracked.