Beruflich Dokumente
Kultur Dokumente
Inadvertent or
Intentional Online Computer Compromise
Sharing by Individual
Passwords Automatically
Saved for Website
Inadvertent or
Intentional Offline
Sharing by Individual
5
websites on computer
Likelihood to Occur
Effort to
Remediate
(Easy to Hard)
The two dimensional mapping of the main causes for the compromise of username and
password is easier to understand and discuss than a fishbone diagram. The two dimensional
mapping allows students to understand the severity of losing their information, while also
showing how easy it is to fix the problem that may have arisen. For instance saving a password
to a website, although is easier to save a password to a particular website, it also make the
password unnecessary because all the information is inputted into the required boxes. This makes
it easier for people trying to learn what information is being stored on the website to access
details regarding the user. Another example is using the same password for multiple websites.
Despite the strength of the password, using the same identification code multiple times provides
the hacker with motivation to infiltrate one password to know all of the others.
To minimize the probability that a persons NetID and password will be compromised
includes limiting the opportunity for others to find out the information that is needed to access
the account. Protecting the account involves entering the password manually every time a person
wants to access the website. Along with having multiple variations in characters within the
password itself to make it harder for the hacker to guess the password, as well as not using the
same password for different websites as it makes it easier to access. These problems if not
corrected each provide a different security risk, saving a password to the computer is a higher
risk than that of having the same password for multiple websites. The swim lane diagram
provides multiple checks to ensure the user is who they say they are by using multiple devices to
log in to the website.
b) Question 5B Report
diagram. This process is used to ensure that the student is in fact accessing the website. The first
precaution is to send the NetID+ code, a computer generated passcode to the students phone. If
the student is indeed accessing the website, they can enter the password into the specified area
and can carry on the process. By chance the student did not want to enter the website but
receives the generated password, it may be a sign that someone is attempting to enter the NetID
and password. In this instance it is best to phone the IT department to discuss changing the
username and password to ensure that nobody is able to access the account.