Deploying Better Authentication


You're the CSO at a medium-sized company. You've realized that the authentication mechanisms for your employees—passwords that must be "strong" and changed frequently— are inadequate. That is, you've realized the issues with bad passwords, password storage, etc., before anyone has exploited the weak authentication and created mischief. Your job is to write a memo to top management explaining the problem, the risks, and your proposed solution.


However...


The rest of top management—the CEO, the CFO, and the Board of Directors—is composed of very busy, semi-technical people. Therefore, your note may be at most two pages long (1" margins, no font smaller than 12-point). The note must explain:



Some points to remember:


Again: two pages max, written for a semi-technical audience. You may, if you wish, submit up to one additional page justifying some decisions, e.g., for recovery against a lost credential.


This homework must be submitted via Courseworks as a PDF file.