Advantages Of Biometric
It cant be easily guessed as in passwords
Don’t need to remember
The user does not require to carry device (mobile/ security token)
Concerns
Its expensive to install
The scanner is not always accurate
System may produce false negative- not allowing to login
Unlike passwords the biometric data cant be retracted – means- if someone knows your password, you can change them. If someone hacks your finger print, you cant change your finger.
User accounts and access level permission access level/ privilege are different for each user a few users may be able to read the data but cant edit the data
hacking
Gaining unauthorized access to a computer system
Ways to hack
Phishing- the fraudulent practice of sending emails purporting to be reputable companies in order to induce individuals to reveal personal information such as passwords and credit card numbers online. Guarding against Phishing:
No company will ask for passwords… so do not reveal password to anyone either through emails, text or phone calls
Never click any links in your email to open, say, a bank website- it is better to type the bank URL
Black list the senders, if you know them, as spam
Be vigilant- don’t disclose your personal information on social networking sites
Looking over the shoulder
Packet sniffer
Social engineering- process of tricking or manipulating a person to reveal the password, for e.g. smishing- same as phishing but done to text messages, vishing- done through telephone calls, Pharming/ DNS poisoning- another type of attack that directs the users to the fake website when they enter the url of a genuine websites. This is possible by illegally accessible the DNS server and putting the IP address of their fake website
Key logger- spyware every keystroke that you type they can see the- virtual keyboard, shuffle and hovering on
password changes
Password cracker
Dictionary attack- using the dictionary terms as password
Brute force
Don’t need to remember
The user does not require to carry device (mobile/ security token)
Concerns
Its expensive to install
The scanner is not always accurate
System may produce false negative- not allowing to login
Unlike passwords the biometric data cant be retracted – means- if someone knows your password, you can change them. If someone hacks your finger print, you cant change your finger.
User accounts and access level permission access level/ privilege are different for each user a few users may be able to read the data but cant edit the data
hacking
Gaining unauthorized access to a computer system
Ways to hack
Phishing- the fraudulent practice of sending emails purporting to be reputable companies in order to induce individuals to reveal personal information such as passwords and credit card numbers online. Guarding against Phishing:
No company will ask for passwords… so do not reveal password to anyone either through emails, text or phone calls
Never click any links in your email to open, say, a bank website- it is better to type the bank URL
Black list the senders, if you know them, as spam
Be vigilant- don’t disclose your personal information on social networking sites
Looking over the shoulder
Packet sniffer
Social engineering- process of tricking or manipulating a person to reveal the password, for e.g. smishing- same as phishing but done to text messages, vishing- done through telephone calls, Pharming/ DNS poisoning- another type of attack that directs the users to the fake website when they enter the url of a genuine websites. This is possible by illegally accessible the DNS server and putting the IP address of their fake website
Key logger- spyware every keystroke that you type they can see the- virtual keyboard, shuffle and hovering on
password changes
Password cracker
Dictionary attack- using the dictionary terms as password
Brute force