What are the differences between password-based authentication and role-based authentication? What are their advantages and disadvantages?
Answer preview
Password-based authentication involves users keying in passwords for each server in order to gain access and the administrator must record the name and password for each user on different servers. The use of passwords has a number of pros such as it is a cheap authentication method to use. It is easy to implement because it doesn’t require one to carry an extra hardware device nor install extra software. A strong password consists of random alphanumeric which may also be encrypted, this makes it difficult for any attackers. It is common and easily understood by users (De Nicola, Ferrari, Pugliese & Venneri, 2000). Despite it being a simple access control method, users may forget the passwords. Hence it requires high memorability. Passwords are very vulnerable in that unauthorized users may access them through password sniffing, dictionary attacks, replay attacks among other ways. In cases where users have multiple passwords for different servers, it brings about the complexity of the system. This authentication reduces cost and time efficiency.
(386words)