Hardware Reference
In-Depth Information
Even if a system doesn't require you to change your password on a certain timetable, you
may want to take the initiative to change it yourself, especially on sites where you manage
your fi nancial affairs.
To help you remember your password in a frequently changing environment, you may
want to develop a structured system of changes. For example, suppose your password
is
video%Furrier
. When you change it, you might add the two-digit number of the
month in which you changed it. For example, if you change it in February, you can
make it
video$02Furrier
. Then, when you change it again in May, you can change it to
video$05Furrier
.
One-Time Passwords
Some systems issue temporary passwords to users. These passwords are either time-limited
(for example, you must use it within 24 hours) or instance-limited (for example, you can
use it to log in only once, at which point you're forced to create a new password).
Some systems have a time-based token on which the user can press a button and get
a randomly generated password. This token uses an algorithm (a mathematical method)
recognized by the server and uses the current time as a part of the key to the password,
knowing that the server will be running to the same time.
A one-time password prevents theft from a key-logging system or from someone
watching you type the password and remembering it. By the time someone has stolen
it, it's already out of date. One-time passwords can also be used to help verify a user's
identity when resetting a forgotten password. For example, if you're locked out of logging
into your cell-phone provider's website, the provider may send a temporary password to
your phone, ensuring that you possess that phone before resetting the password for the
website.
Smart Cards
A
smart card
is a plastic card, similar in dimensions to a credit card, that
contains a microchip that a card-reader can scan, such as on a security system. Smart
cards often double as employee badges, enabling employees to access employee-only areas
of a building or to use elevators that go to restricted areas, or as credit cards. Smart cards
are also used in some countries, such as France, to store and transfer health insurance
information.
Smart cards can also be used to allow or prevent computer access. For example, a PC
may have a card reader on it through which the employee has to swipe the card, or that
reads the card's chip automatically when the card comes into its vicinity.
Smart cards are sometimes used as a substitute for user IDs and passwords. In other
applications, they're combined with PIN numbers or used as an add-on to a standard
login system, to give an additional layer of security verifi cation. For someone to gain
unauthorized access, they have to not only know a user's ID and password (or PIN), but
also steal their smart card. That makes it much more diffi cult to be a thief!
