An employee suspects that his password has been compromised. He changed it two days ago, yet it seems someone has used it again. What might be going on?
Answer according to digital forensics
Point 1) This is because of single sign-on (SSO).
a) Single sign-on is an authentication process that allows a user to access multiple applications with one set of login credentials.
1) User
A) Individual people need to access different services. Users should be able to manage personal information such as passwords, and they should be uniquely identifiable.
2) Identity providers
An identity provider tells us more about the user. It is the source of truth not only for who this person is but also for what roles they have, which in turn informs other systems about what this person is allowed to do.
Working of Basic Authorization
Person: I want in.
System: Give me your creds.
Person: Here is my user ID and password. But with this kind of authentication, anyone can hack your password on the SSO server in the absence of an LDAP server, so there is a chance someone can hack your password.
If your server is LDAP-based, you will get a confirmation for authorization, and it will send an OTP to your registered mobile number or email address for further confirmation.
Difference between Authentication and Authorization?
Authentication - I don't know who you are. Authorization - I know who you are, but you're not allowed.
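
An added example, not part of the original answer, that models the pieces described above: an identity provider that signs a user's roles into a token, and a service that separates authentication failures (401) from authorization failures (403). It assumes, beyond what the answer states, that a token issued before a password change stays usable unless the service compares its issue time with the password-change time; the key, user record and function names are all constructed.

```python
import base64, hashlib, hmac, json

IDP_KEY = b"constructed-demo-key"  # constructed signing key, demo only
# Constructed identity-provider record: roles and time of last password change.
USERS = {"alice": {"roles": ["payroll"], "password_changed_at": 1000}}

def issue_token(user, now):
    """IdP side: after a successful login, sign user id, roles and issue time."""
    claims = {"sub": user, "roles": USERS[user]["roles"], "iat": now}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    sig = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest().encode()
    return body + b"." + sig

def check_request(token, required_role, enforce_password_change=True):
    """Service side: return an HTTP-style status for a request carrying token."""
    try:
        body, sig = token.rsplit(b".", 1)
        good = hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(sig, good):
            return 401  # authentication: token not signed by the IdP
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return 401  # authentication: malformed token
    record = USERS.get(claims["sub"])
    if record is None:
        return 401  # authentication: unknown user
    # Reject sessions that predate the last password change.
    if enforce_password_change and claims["iat"] < record["password_changed_at"]:
        return 401
    if required_role not in claims["roles"]:
        return 403  # authorization: known user, role not allowed
    return 200

if __name__ == "__main__":
    old = issue_token("alice", now=900)    # session from before the change
    new = issue_token("alice", now=1100)   # session from after the change
    print(check_request(old, "payroll", enforce_password_change=False))
    print(check_request(old, "payroll"))
    print(check_request(new, "payroll"), check_request(new, "admin"))
```

With the issue-time check disabled, the pre-change token is still accepted, which matches the symptom in the question; with it enabled, that session is forced back to login.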