Hardware Reference
In-Depth Information
Access Control
Access control
describes the technologies used to control who or what has access to your
system(s). Access control can take many forms, from the key to the door on the room that
houses your computer system to the username and password with which you log in, and
the permissions you receive as a result of that login. Examples of access control measures
include passwords, fi ngerprint readers, and smart cards.
User IDs and Passwords
User IDs and passwords are the bedrock of most computer access-control systems. You
use an ID and password combination to log into everything from the OS to your bank's
website. User IDs and passwords identify you as you log onto the local area network at
your workplace, as you access wireless hotspots, and just about everywhere that you have
to be authorized in order to participate.
Access control at an OS level is usually local to that PC (that is, with the database of
authorized users and passwords stored locally). No matter where that PC goes, or what
networks it is or isn't connected to, the authorized users remain the same. The security risk
in such a system is that someone could hack the fi le where the passwords are stored and
gain access to everything on the PC.
As an alternative, some companies that have client/server networks choose to manage
user logon via an independent directory service stored on a separate server. For Windows
servers, this service is called
Active Directory
. When logins are managed on the network,
users can potentially sit down at any PC anywhere in the building and log in with their
own credentials. The Active Directory service then retrieves the user's preferences, data
folders, and other settings and makes them available.
Creating Effective Passwords
A
strong password
is one that is diffi cult for someone to guess. Strong passwords have
these characteristics:
Long The longer, the better. At least eight characters is optimal.
Varied The password contains at least one capital letter and at least one number and/
or symbol.
Unusual The password doesn't appear in a dictionary and isn't a proper noun.
Passwords that are easy to guess are considered
weak passwords
. Some of the worst
passwords of all are things like
qwerty
,
12345
, the user ID, and the word
password
. Only
slightly better are the names of people, pets, and places.
Even though a password should be diffi cult for others to guess, it's OK to make it easy
for you to remember. To do this, try combining numbers and letters that make sense to you
