jaegr.blogg.se - User authentication policy

#User authentication policy software#
#User authentication policy code#
#User authentication policy password#

#User authentication policy password#

The term user in this document refers to all State of Utah employees, contractors, temporary workers, volunteers, and others who have access to State of Utah information resources that require a user ID and password authentication. Accounts that require supervisor-level passwords may include root accounts, system admin accounts, and accounts with elevated privileges. Supervisor-Level PasswordĪ supervisor-level password is a password that provides a user with administrative access to applications and systems (e.g., system access to an operating system on a server by a system administrator or the ability to manage an application by an application administrator or power user). It may be used on its own or in combination with other wireless technologies, such as Bluetooth. NFC is a short-range wireless technology that enables simple and secure communication between electronic devices.

a key generated by a mobile application.Īdditional factors could be based on biometrics, such as confirming a user’s fingerprint or using facial recognition.

While the first factor is something the user knows (i.e., a password), the additional factor, referred to as multifactor authenticator throughout this document, is something the user has that provides a numerical string that the user supplies when logging in, such as the following:

MFA refers to when a user is required to prove their identity by not only confirming their password but also using an additional security factor. 2.0 Definitions Multifactor Authentication (MFA) In order to ensure that this policy is current and effective, DTS will review the policy annually and will make changes as needed.

Strong passwords play a critical role in preventing unauthorized access. Protecting State of Utah computers, systems, and data from unauthorized access is of preeminent importance. 1.2 BackgroundĬommon, default, or shared passwords are ineffective and aid hackers and others in their illicit attempts to access systems and confidential data within the State of Utah. It is the responsibility of the user to adhere to this policy. All user IDs created on any state computing system or device must have an associated password and multifactor authentication that meets the requirements of this policy. This policy applies to all State of Utah executive branch employees, contractors, temporary workers, volunteers, and others (collectively referred to as users throughout the rest of this policy) who have access to State of Utah information resources that require user authentication. The purpose of this policy is to establish requirements for user authentication, including passwords and multifactor authentication. Submitted By: Richard Madsen, DTS Hosting Director

#User authentication policy code#

Please do not mark on the token or alter it in any way.Authority: UCA §63A-16-103 UCA §63A-16-205 Utah Administrative Code If your token is lost, stolen, or damaged, please contact us immediately so that we can deactivate the token and prevent unauthorized access. Your passcode token should be protected by you as carefully as your credit cards or house keys.

When you receive your physical token, it will be initialized, but it will have no access privileges until you have contacted us to verify your identity.Īt the end of your account or project lifecycle, please return the token to the ALCF help desk:Īrgonne, IL 60439 Protect Your Passcode token

"Both tokens use AES-256 bit encryption to generate OTPs comprised of digits, digits and letters or digits, letters and special characters."

#User authentication policy software#

This is named after the company that developed the key fob and mobile software (the organization is now called SafeNet). Mobile and Physical TokensĪLCF provides every user of the production resources a physical or mobile token called a SafeNet Token. All production systems in ALCF require multifactor authentication for users with network and local (privileged and non-privileged accounts) using the SafeNet tokens. The three factors often considered as the cornerstone of authentication are: Something you know (for example, a password) Something you have (for example, an ID badge or a cryptographic key) and Something you are (for example, a voice print or other biometric measurement)." - NIST iTL Bulletin, Aug 2004īy the NIST guidelines for identification and authentication (NIST 800-53, Revision 3, Control IA-2), ALCF aims for a Moderate level of security controls. "Authentication systems are frequently described by the authentication factors that they incorporate. This document explains the policies users must follow regarding SafeNet tokens for accessing the ALCF systems. Users of the ALCF systems are required to use a SafeNet token (physical or mobile) one time password, multifactor authentication system. Distributed Training on ThetaGPU Using Data Parallelism