Securing User Accounts: Authorization, Registration, and Passwords

This course is included in our On-demand training solution.


Without the ability to gain entry to a network, hackers are powerless, so establishing effective authorization protocols is vital. In this course, you’ll learn about key authentication concepts and best practices such as identification, user authentication components, the user logon process, and how to effectively manage user account credentials. This course also covers registration security, including how to use Completely Automated Public Turing test to tell Computers and Humans Apart or CAPTCHA, and enabling two-step verification. Finally, this course introduces password security best practices, including establishing password strength, complexity, and age criteria.

Target Audience

Individuals such as network administrators, programmers, risk managers, and other key individuals interested in establishing and maintaining secure user account policies and practices



Expected Duration

120 min.

Course Objectives

Course Introduction

Authentication and Identification

  • describe characteristics of the authentication and identification process and the relationship between them
  • User Authentication Components

  • distinguish between the three user authentication components and how they interrelate
  • Authentication Types

  • distinguish between the different types of authentication
  • Authorization

  • describe characteristics of authorization
  • User Logon Process

  • identify the phases of the user logon process
  • Authentication Credentials Overview

  • identify characteristics and purpose of credentials
  • Password Credentials

  • identify characteristics of password credentials
  • Asymmetric Key Credentials

  • identify characteristics of asymmetric key credentials for authentication
  • Biometric Credentials

  • identify characteristics of biometric credentials
  • Ticket-based Hybrid Authentication

  • identify characteristics of ticket-based hybrid authentication credentials
  • Registration Basics

  • describe characteristics and purpose of secure user account registration policies and practices
  • Username Best Practices

  • describe best practices for securing usernames and user identifiers
  • Account Verification

  • identify best practices for account registration verification
  • Using CAPTCHA

  • identify best practices and purpose of using Completely Automated Public Turing test to tell Computers and Humans Apart or CAPTCHA for user account registration and set-up
  • Enabling Two-Step Verification

  • describe purpose and best practices for implementing two-step verification in user account registration policies
  • Preventing Username Enumeration

  • describe best practices for preventing username enumeration as part of user account registration security
  • Password Strength Criteria

  • describe best practices for setting minimum password strength criteria policies
  • Password Complexity Requirements

  • identify password length, width, and depth requirements that can enhance password security
  • Password Field Security

  • identify best practices for password field security
  • Password Strength Feedback

  • describe techniques for providing feedback to users on password strength
  • Enforcing Password History Policies

  • describe benefits and best practices for enforcing password history policies
  • Password Age Policies

  • describe benefits and best practices for setting minimum and maximum password age requirements
  • Protecting Against Password Hacking

  • identify best practices for preventing password hack attempts
  • Exercise: Securing User Account Registration