Your network employs basic authentication that centers on usernames and passwords. However, you have two ongoing problems. The first is that usernames and passwords are frequently lost by negligent users. In addition, adversaries have, on occasion, fooled employees into giving up their authentication information via social engineering attacks. Discuss at least two things you could do to strengthen the use of basic username and password authentication, as discussed in the course textbook.
Your answer should be approximately 200-250 words in length.
It has to be in your own words, with no outside sources.
In this era of the digital age, everything is developing on the positive side and on the negative side too. Every technology comes with the innovation of a crack. When it comes to security, low-level companies don't want to spend money and resources, even though this is the big issue that classifies the standards of companies. The methods that can be followed to secure passwords are in general very common nowadays, like using special characters, lowercase letters, capital letters, and digits all together in a password. But besides this, I am going to tell you what new technology can make a revolution in the field of security.
We are living in a world of artificial intelligence, and machine learning is a tool that can help in improving the security of your system. For example, if we are following the traditional methods of authentication, except for fingerprint or face recognition, we can use a linear regression model to predict the strength of a password as compared to other users. The model we train needs to be kept updated on a daily basis as we are increasing the number of passwords, and we can use other models to predict passwords for the user according to his taste, which will help him to make a new password. For example, with a GAN, we put in some noise collected through the users and, using the previous responses, we can generate a new strong password for a new user. Now this newly generated password can be tested using regression to validate the strength of the password. Another thing that can be done using similar technology is that we can use recommender system approaches, like content-based and collaborative approaches, to find the taste of the user and accordingly suggest the new password.
Besides the field of machine learning, in the context of traditional programming approaches, when we receive the password from a user it will be hashed according to our hashing service. To improve our service we can improve our hashing method so that no two passwords have a similar hash function. Since the hackers try to find out our hash functions using reverse engineering, they can be successful in doing that. But when we don't have similar hashed values we can protect more users from the attacks. So while receiving the hashed value of a new password, we can suggest that the user change the password when the system has the same hashed value or the same password for other users, like we suggest for usernames to new users. This can be helpful in improving authentication using username and password.