Password and Authentication
Home > 
Password and Authentication
< back
Result: Item(s)
Examples on Determining the Assurance Level
Some examples on how to assess the impacts of potential consequences of unauthorised authentication for determining the overall assurance level of respective service / transaction scenarios.
What is e-Authentication Assurance Level
The Assurance Level is a term to describe the degree of confidence in the enrolment and authentication processes.
e-Authentication Methods
There are three basic authentication factors (i.e. “what the user knows”, “what the user has”, and “what the user is or does”) commonly referred to in an authentication system.
e-Authentication for Business
To prevent unauthorised users from gaining access to protected resources, secure authentication systems are required to ensure that users are who they claim to be.
e-Authentication Models
There are two basic models for establishing an e-authentication system.
Public Key Infrastructure
Public Key Infrastructure (PKI) is a widely accepted IT security framework based on 'Public Key Cryptography'. The Hong Kong Government has laid a solid foundation for deployment of PKI through the enactment of the Electronic Transactions Ordinance and the establishment of a public Certification Authority (CA) through the Hongkong Post.
VPN Security
Virutal Private Network (VPN) security is an increasing demand nowadays to connect to internal networks from distant locations. Employees often need to connect to internal private networks over the Internet (which is by nature insecure) from home, hotels, airports or from other external networks.
Proper Use of the Internet
The Internet is now more than just an information source or research tool. It provides a great deal of opportunities for us to work, transact, communicate, learn and play.
Handling User Accounts and Passwords
These are frontline security issues that have a direct effect on the way you handle your personal data, such as user accounts and passwords.
Single Sign-On
Users can enjoy the benefit of choosing one password to access multiple applications, instead of memorising many different passwords. However, compromise of one authentication event could result in the compromise of all resources that the user has access rights to.
Identity Management
Identity management in an enterprise is a combination of processes and technologies to manage and secure access to the information and resources of an organisation.
Securing Access Using e-Authentication
Electronic authentication (e-Authentication) is the process of establishing confidence in user identities presented electronically to an information system. This may involve verifying with “what the user knows”, “what the user has”, and/or “what the user is or does”. The greater the number of factors being verified, the higher the confidence can be established.
Playing Online Games Safely
Many computer and console video games can be played online against other players over the Internet. Players are allowed to communicate sometimes using text messages typed into the computer and sometimes using a microphone.
Security of Remote Working
Below are some tips for all parties including organisations and individuals to maintain a safe and secure remote working or learning environment.
Guide on Secure Video Conferencing
The followings are some security measures / good practices to reduce the risks and avoid privacy breaches when hosting VC meetings or using VC solutions.
Brute Force Attack
Brute force attack is the crack of credentials using all possible combinations by trial-and-error method until the password is guessed correctly.
Identity Theft
Identity theft is a criminal act of getting hold of personal data of others without their knowledge or permission with an intent to defraud. The personal data is used by identity thieves to impersonate the data subjects for fraudulent purposes.