Shibboleth (computer security)
In the field of computer security, the word shibboleth means to test something and, based on the response, to take a particular course of action. The most commonly seen usage is logging on to a computer with a password or other type of credential. If the password is entered correctly, the user can log on to the computer; if the password entered is incorrect, access is blocked.

There are various classes of computer security-related shibboleth.
  • Class 1: Something known; perhaps a password or another fact.
  • Class 2: Something held; a card or a physical tag of some kind.
  • Class 3: Something that is; a biometric feature such as a fingerprint or an iris scan.


The three classes are also jokingly referred to as "something you forget", "something you lose", and "something you cease to be".

In general, it is considered more secure to combine various classes of shibboleth than to require only a class 1 shibboleth, which is the common approach today. For example, a high-security system might require an authorized user to log in by entering a password, swiping an encoded card, and passing a biometric test.
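
The combined check described above, as an added example that is not part of the original article: access is granted only when every required class has a verified shibboleth. All names and enrollment values are constructed; the HMAC challenge-response card and the Hamming-distance iris comparison are simplifying assumptions standing in for real card and biometric systems.

```python
import hashlib
import hmac
from enum import Enum

class ShibbolethClass(Enum):
    KNOWN = 1  # Class 1: something known
    HELD = 2   # Class 2: something held
    IS = 3     # Class 3: something that is

# Constructed enrollment record for one hypothetical user.
SALT = b"constructed-salt"
PASSWORD_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)
CARD_KEY = b"constructed-card-key"
IRIS_TEMPLATE = 0b1011001110001111  # stand-in for a biometric template

def check_password(password: str) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    return hmac.compare_digest(candidate, PASSWORD_HASH)

def card_response(key: bytes, challenge: bytes) -> bytes:
    # What the encoded card computes over the reader's challenge (assumed scheme).
    return hmac.new(key, challenge, hashlib.sha256).digest()

def check_card(challenge: bytes, response: bytes) -> bool:
    return hmac.compare_digest(card_response(CARD_KEY, challenge), response)

def check_iris(sample: int, max_distance: int = 2) -> bool:
    # Biometric samples never match exactly, so accept a small Hamming distance.
    return bin(sample ^ IRIS_TEMPLATE).count("1") <= max_distance

def login(presented: dict, required: set) -> bool:
    """Grant access only if every required class has a verified shibboleth."""
    passed = set()
    if "password" in presented and check_password(presented["password"]):
        passed.add(ShibbolethClass.KNOWN)
    if "card" in presented and check_card(*presented["card"]):
        passed.add(ShibbolethClass.HELD)
    if "iris" in presented and check_iris(presented["iris"]):
        passed.add(ShibbolethClass.IS)
    # One yes/no answer: the caller does not learn which class failed.
    return required <= passed

COMMON_TODAY = {ShibbolethClass.KNOWN}   # class 1 only
HIGH_SECURITY = set(ShibbolethClass)     # password + card + biometric
```

The same password that satisfies `COMMON_TODAY` is rejected under `HIGH_SECURITY` unless a valid card response and an iris sample within the threshold accompany it.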

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.