Traditional (highly insecure) Authentication Method

The simplest authentication method, and unfortunately still a common one, is traditional local authentication.

In this model, username and password information for each authenticatable user is stored locally on the server system. Users send their usernames and passwords in plain text to the server system, which in turn compares their authentication information with its local database. If the provided username and password are found to match, the user is considered authenticated.
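
As an added illustration of the model just described (example code, not part of the original page): a constructed local username/password table on the server, a client that puts its credentials on the wire unprotected, and the server-side comparison against the table. The message format, the table contents and the function names are assumptions made for this example.

```python
import hmac

# Constructed sample of the server's local credential table, kept the way
# the traditional model keeps it: username -> password, in the clear.
LOCAL_PASSWD_TABLE = {
    "alice": "correct horse battery",
    "bob": "hunter2",
}


def build_login_message(username: str, password: str) -> bytes:
    """What the client sends in the traditional model: the credentials
    themselves, without encryption. The line format is constructed."""
    return f"LOGIN {username} {password}\n".encode()


def parse_login_message(message: bytes):
    """Server side: split the plaintext login line back into its fields."""
    line = message.decode().rstrip("\n")
    parts = line.split(" ", 2)
    if len(parts) != 3 or parts[0] != "LOGIN":
        raise ValueError("malformed login message")
    return parts[1], parts[2]


def authenticate(message: bytes, table=LOCAL_PASSWD_TABLE) -> bool:
    """Compare the submitted credentials with the local table.

    A constant-time comparison is used so the comparison itself does not
    leak how many characters matched; an unknown user still goes through
    the comparison path and is then rejected.
    """
    username, password = parse_login_message(message)
    stored = table.get(username, "")
    matched = hmac.compare_digest(stored.encode(), password.encode())
    return matched and username in table


def password_appears_in_transit(message: bytes, password: str) -> bool:
    """The defining weakness of the model, stated as a check: the secret
    is present verbatim in what crosses the network."""
    return password.encode() in message


if __name__ == "__main__":
    msg = build_login_message("alice", "correct horse battery")
    print("authenticated:", authenticate(msg))
    print("password visible on the wire:",
          password_appears_in_transit(msg, "correct horse battery"))
```

Anyone positioned between client and server, or with read access to the server's table, obtains the same credentials the server uses for its comparison; that is the property the following sections contrast with Kerberos.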

This is basically the model used for login authentication on traditional multi-user systems, and it has been replicated numerous times within various application packages.

Figure II, below, provides a graphical overview of the traditional authentication method.


[Figure II: diagram of the host/passwd table-based authentication model]


This model has a number of weaknesses:

A number of years ago, staff working with the Athena Project at MIT developed a system named Kerberos to address these problems.
