45 terms
Authentication and access control terms
Authentication and access control terms describe what online systems do to identify and manage user activity. In this glossary you’ll find terms that cover the basic authentication methods, access control tools, and user permissions.
Password hardening
Password hardening refers to enhancing the security of passwords through various means such as using complex characters, enforcing password expiration policies, and utilizing additional security layers like MFA.
Access Control List
Access control list (ACL) refers to a list of permissions attached to an object, such as a file.
Username
A username is a combination of letters, numbers, and symbols that identifies a user in a computer system, online platform, or social network.
U2F
U2F, or Universal 2nd Factor, is an open standard for strengthening two-factor authentication (2FA) using specialized USB or NFC devices.
Two-factor authentication
Two-factor authentication is the process that adds an extra security layer to the user’s account, making it much harder for malicious actors to attack and steal their data.
Terminal Access Controller Access Control System
Terminal Access Controller Access Control System (TACACS) is a network protocol that provides centralized authentication, authorization, and accounting for users accessing a network.
Strong authentication
Strong authentication refers to any method of verifying the identity of a user or device that is considered tough enough to defend the system it is set up to protect.
Shared-key authentication
Shared-key authentication (SKA) is a method of authentication where both the sender and receiver share a secret key or passphrase.
Shadow Password Files
Shadow password files are a way of improving system security by securing user passwords.
Salting
Salting is adding a random piece of data to a password or a passphrase before running it through a hashing algorithm.
Role-Based Access Control
Role-Based Access Control is a framework for managing and enforcing security.
Risk-based access control
Risk-based access control is a type of access control that uses dynamic risk assessment to calculate the risk of certain transactions.
Rainbow table attack
A rainbow table attack is a method of cracking passwords using a rainbow table – a database containing plaintext passwords and the hashes that correspond to them.
Passwordless
Passwordless, also called password-free authentication, is a secure and convenient method of authentication that eliminates the need for traditional passwords.
Password vault
A password vault is a program that can store and keep all your login information, including usernames, passwords, and other information such as security questions, safe in an encrypted format.
Password spraying
Password spraying is a brute force attack that tries one popular password against many accounts instead of using different passwords on one account.
Password salting
Password salting is the practice of adding large-value randomized data (called “salt” in cryptography) to passwords stored in databases.
Password protection
Password protection is an access control mechanism that prevents unauthorized access to computer systems and data by validating user identity through authentication.
Password policy
Password policy refers to the set of rules defined by an organization that determines how employees should create and manage their company passwords.
Password authentication protocol
Password authentication protocol (PAP) refers to a simple, two-step authentication process in which the user sends their username and password to the server in plain text and the server sends a response.
Passphrase
A passphrase is a sequence of words or other text that authenticates a user or encrypts data.
Passkey
A passkey is an authentication method intended to replace passwords.
Passcode
A passcode, also known as a password or personal identification number (PIN), is a secret code used to authenticate or gain access to a network, system, or service.
Out-of-band authentication
Out-of-band authentication is a type of two-factor authentication in which a user is authenticated through a channel different from the primary channel for communication.
One-time password
A one-time password is a user authentication mechanism that applies a unique numeric or alphanumeric password that can be used only once.
Network access control
NAC (network access control) is a method of securing a private network by restricting access of unauthorized users and devices.
Network access control lists
In cyber security, network access control lists or “NACLs” are specific policies or rules that manage network traffic at a network level, just like traffic lights on the streets would do.
Media access control
Media access control (MAC) is the network protocol that identifies devices in wired and wireless networks.
Master password
A master password is a single password that gives the user access to a complete set of different services, systems, or applications.
Mandatory access control
Mandatory access control is an access control model where access to resources (such as files or network services) is managed by a central authority (such as an administrator or security officer).
Lattice-based access control
Lattice-based access control (LBAC) is a security model that uses a hierarchical lattice structure to define and enforce access rights.
LAN Manager Hash
A LAN Manager Hash is a legacy security protocol.
Guessing entropy
Guessing entropy measures the difficulty in correctly predicting a secret such as a password.
Escrow Passwords
“Escrow Passwords” is like a digital vault, where cryptographic keys and passwords are kept securely.
Discretionary Access Control
Discretionary Access Control is a type of access control system in which the owner of a file or directory can grant or revoke access permissions to other users or groups.
Dictionary attack
A dictionary attack is a cyberattack during which an attacker uses an automated tool and a list of words to try and guess a password.
Default password
A default password is a password that’s been preconfigured by a manufacturer or system administrator for a device or system.
Credentials
Credentials are a set of login or authentication data that verify a user’s identity and grant them access to a particular system or service.
Cognitive password
A cognitive password is a security mechanism that uses questions based on personal knowledge or experience.
Challenge-response authentication
Challenge-response authentication is a security mechanism in which the user must first complete a challenge, such as answering a question or giving specific information, to gain access to a resource.
Broken access control
Broken access control is a scenario in which an attacker breaks access control and can access, modify, delete or perform actions that the application would not initially allow.
BIOS password
A BIOS password is a password that’s set and used in the BIOS (Basic Input Output System) setup.
Alphanumeric password
An alphanumeric password is a type of password that includes both letters (alphabetic characters) and numbers (numeric characters).
Access control system
An access control system is a security system that regulates who can use resources in a particular environment and prevents unauthorized persons from accessing secured physical areas or networks.
The importance of authentication and access control terminology
Understanding authentication and access control terminology can help you strengthen your online security and feel more confident when dealing with potential cyber risks.
Boost your knowledge
The glossary contains detailed explanations on how different types of authentication and access control tools work.
Understand the ins and outs of cybersecurity
Learning the definitions of authentication and access control will help you reevaluate your current cybersecurity knowledge and gain new healthy online habits.
Bring peace of mind into your online life
Basic understanding of the authentication and access control terms can strengthen your cybersecurity and help avoid potential cyber threats.