You have to log in under user in the bottom left corner and then you can add notes to slides. I didn't realize this was worth 5% of our grade.

Security class also teaches us "Something you do" is another form of authentication (e.g. gait of your walk)

Keystroke dynamics is yet another form of biometric identification. So not only do you have to type the characters in your password accurately - you have to type it with the same pacing and dwell time on the keys to gain access.

As biometrics are used more in authentication some interesting ideas about the future come to mind. What if devices tracked your brain activity and would only let you log in if you were in a certain state of mind?

Some helpful types for coming up with a strong password

this is equal parts amusing and depressing.

I wonder how this site compares to Random.org's "cryptographic strength."
Why do you want a random number generator? Maybe to form a password...?

• Write down the first 12 characters? 16 ^ 12 possible passwords (2.8 * 10^14)
• Security principles would say it takes about 1.4 * 10^14 guesses to crack this password
• With a hundred million guesses per second (10 ^ 8), you should be able to crack this pretty fast ...

funny note, just recently before this lecture I used a random password string generator to set our wifi router admin password.

I'd never heard of this method, but it seems so simple
and yet so elegant and secure. The odds of someone getting an
entire sentence correct, included with specials, numberd, etc, must
be astronomical

Kind of an example of this idea, in a more popular format.

I can definitely see how this will add to the security of a password. When you have two users with the same passwords they will hash the same. This techniques of salting the password will solve that problem which will make the same passwords hash differently. From what I understand in learning about Salt from security class, the two methods for salt value generation are generally either pseudorandom numbers or timestamp values.

Salt does not make the password impossible to crack it just lengthens the process of cracking it.
By adding salt on to the password the system can make all passwords the same length after the hash making it less easy to just match password length.

Just saw that Google cracked the SHA-1 security hashing functions. Guessing pretty soon we will be able to go to a 'decryption SHA-1 hashcode' website, similar to the MD5 decryption page.

https://www.howtogeek.com/185354/security-questions-are-insecure-how-to-protect-your-accounts/ Pretty funny how simple it is to get information on someone... more so when they are famous.

A recent example of how security technologies change is the SHA-1 hashing algorithm. Google's security research team recently produced the first SHA-1 collision, meaning that this algorithm has been proven to be unsafe to use.

I think one of the issues with biometrics is that most people don't have fingerprint recognition or iris scanners attached to their computers. Since people replace smart phones more often than computers, I could see biometric authentication becoming more popular for mobile devices in the future.

Another form for something you are (also learned in System Security) is the shape and design of your ear. It is as unique if not more than a finger print.

If you want to take a look at FaceL, the link is here.

A link to the 2016 IEEE International Conference on Biometrics can be found here.

If a 3rd form of authentication is what you need, look no further than your own RFID chip. It looks like there are a few companies working on the technology for human implants, but the morality of it seems to be in question. click here for more

I am surprised that these work based on the fact that humans can read these distorted images of words, but robots can't. Especially because some of the words come from books that computers can't understand. But this is actually how reCAPTCHA was formed which is really interesting.

There is much more going on behind the scenes now with reCAPTCHA. Specifically, Google will often just 'recognize' you for who you are without your having to do a thing (or at least much). This posting has a nice explanation.

It amazes me how far security systems have progressed in this decade. Even better than iris recognition, is surprisingly ear recognition. Perhaps one day we will conceive of even better recognition traits, like our body odor or something surprising like that.