Professional Documents
Culture Documents
A. LESSON PREVIEW/REVIEW
Good Day Future Security Officers. Today our focus is authentication. You might be asking yourself,
what is its difference with authorization. To answer that question, we’ll give you an example.
Let us say, the Dean announced that there will be no class today. To make sure that the information
reaches everyone, it must be submitted through a memo. Of course to make sure that the memo
looks legit, we need to see the Dean’s name written on it, now we can be sure that the Dean is
authorized to share that information to everyone. But ask yourself, how do we make sure that really
came from the Dean? If you are thinking that Dean signed it, then you are right! And what we have
here is an example of Authentication.
B.MAIN LESSON
Content Notes
Authentication
Authentication is proving that the one trying to access a document/system/etc. is the correct person
accessing it. This can be done through providing the one who is accessing the password to his/her
account, or given the password in accessing the document/system/etc.
To help you even more to define authentication. Your smartphone is only authorized to be used by
you or people you trust, and to do that you make sure that they are authenticated by either giving
them your password.
Authentication Process
Authentication is actually a process. And it differs from situation to situation, and technologies used.
Some use passcodes or passwords, others use facial recognition and fingerprint recognition. As long
as it is safe and secure, it is considered to be a good authentication process.
1. Authentication process starts with giving the authorized users the authentication code or rights
to access what they want.
- This can be done in creating accounts, or for some giving the code.
2. The next step is to allow the user access to what is authorized to him.
- This can be done by using the access rights given to him.
3. The next step actually is a bit separated from the 2nd step, because this part is reporting if the
entry is invalid or not.
- Reporting goes to the user who is authorized to access the system. You may know this
by emails or notifications. Example of which is that someone tried to login with your FB
account, it may be you yourself who made a mistake in login.
- Another reporting is within the admin itself, detecting that an invalid authentication
happened. The reason for this is so that if it detects multiple attempts in authentication,
it could be a Denial of Service attack and that means as security officers, we must stop
that attempt.
Importance of Authentication
As we Mentioned in the introduction the main importance of authentication is that to prove the one
trying to access something is truly the authorized user. Or someone who announces/declares
something is truly the correct person to announce/declare it.
First is a better password - Have you noticed that passwords in your Aims or Phinmaed Email
requires you to have a capital letter, a symbol, a number, and a few more letters? This is actually a
good way of securing your password from hackers, it will take years for computers to crack or guess
your password if it has these categories, it even helps if your password cannot be found in the
dictionary.
Second is a two factor authentication - That is right. What is better than 1 authentication, of
course, 2 authentication. You can actually see this on Facebook. This is actually done by sending a
text to your registered phone number before login in Facebook from a different device. This ensures
that it is truly you who is trying to access your Facebook account.
What happens if your Authentication Fails, and your only choice is recovery?
This part is actually the concern of anyone who uses security. If something is lost to you and you
cannot recover it then it is really a loss. It is ideal that you must have your recovery processes, it can
be a well trusted family member or a significant other, or a secret email address that you know the
basic password is on your physical notebook. Besides there are also the security questions.
If the organization is using software, email, or anything that needs a password, dictate on how they
can improve their password against hackers.
C. LESSON WRAP-UP
FAQ
What happens if you fail or lose your phone for the 2 factor authentication?
This is actually one of the concerns of more security. If something fails it does not allow you at all to
recover, so it is a loss. In other words, only use 2 factor authentication if you believe that whatever is
inside there is extremely important and the ways to access it are very safe and secure in your life.
b) Think about your learning by filling up “My Learning Tracker”. Write the learning targets,
scores, and learning experience for the session and deliberately plan for the next session.
Date Learning Target/Topic Scores Action Plan
What’s the What module # did you do? What were Do you find the topic difficult? What
date What were the learning targets? your scores do you think should you do to make
today? What activities did you do? in the it easier in the personal level, to
activities? make it more applicable to you?