Report on Authentication Control Failure in Pixelated Pony Corporation

Verified

Added on 2022/12/23

AI Summary

This report analyzes the issue of authentication control failure, focusing on the case of the Pixelated Pony Corporation. It explores the vulnerabilities of single-factor authentication (SFA) and the importance of multi-factor authentication (MFA) in securing IT infrastructure. The report details the corporation's missteps, including failures in key servers and data breaches, attributing these to weak authentication controls and inadequate change management. It examines the limitations of SFA and the ineffectiveness of Two-Factor Authentication (TFA) in preventing modern cyberattacks. The report concludes by emphasizing the necessity of implementing MFA and robust password policies, including account lockouts and CAPTCHA-based throttling, to mitigate the risks associated with authentication control failures. The report provides a thorough review of the problems, causes, and potential solutions for authentication failures in an IT setting.

Running head: AUTHENTICATION CONTROL FAILURE
AUTHENTICATION CONTROL FAILURE
Name of the Student
Name of the University
Author note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

AUTHENTICATION CONTROL FAILURE
Table of Contents
Introduction: 2
Discussion: 2
Single Factor authentication (SFA) Control: 2
Multi-Factor Authentication (MFA) controls: 2
Authentication control failed in Pixelated Pony Corporation: 3
Mitigation process: 4
References: 5

AUTHENTICATION CONTROL FAILURE
Introduction:
The IT professionals deal with several kinds of the malicious attacks that are done by
the attackers which push them to keep and operate with several forms of security for securing
their network, software as well as hardware.
The aim of the report is to evaluate and assess the change management and
configuration control that will be used for the purpose of securing the IT infrastructure within
the organization. The report also analyzes the limitations of the access controls and
authentication controls. This will provide the information reason about the authentication
control failures as well as the mitigation controls.
Discussion:
Single Factor authentication (SFA) Control:
The Single Factor Authentication is referred to the process of protecting and securing
the access for a particular system. These systems may consider the network of the
organization and also the website for the organization which deals with the identification of
the user that is requesting to get the access by means of only one category of password or
credentials.
The SFA is the type of the authentication which is based on passwords (Oriyano,
2014). The security of the password depends on the diligence of the user using the account in
the system.
Multi-Factor Authentication (MFA) controls:
The MFA is the kind of security system that deals with more than one process of
authentication from the categories of the credentials which can be independent in nature for
the task of verification of the identity of the user for purpose of login.

AUTHENTICATION CONTROL FAILURE
Authentication control failed in Pixelated Pony Corporation:
The Pixelated Pony Corporation is an online education provider that serves and
provides online education to millions of students around the world. For obtaining more
success in the business the organization implemented some new feature to their website
which were considered as the missteps by the company. The organization faced problem with
the key servers in several instances in the last two years. This affected nearly 10,000 students.
The main reasons are the failure of the authentication control systems and processes.
The key servers are directly related with the authentication control mainly the single factor
and the multifactor authentication control process. The needed level of the availability for the
key company servers were not done by the organization. The new surfing policy was
activated by the company without testing the impact and notifying the students and teachers
that have accounts in the website.
The risk has been faced by the single factor authentication because the SFA is a very
general process of securing the system as it uses only password form of security which can be
easily hacked when there is no effective maintenance present in the system administrator and
the users create their own passwords which are in most cases weak and inefficient to protect
their account from any kind of vulnerability (Abdurrahman, Kaiiali & Muhammad, 2013).
The same situation has happened with the Pixelated Pony Corporation where they have
developed inefficient surfing policy and OS updates onto the key servers which created
disturbance in the authentication parameters making the passwords weak and available to the
hackers.
There were other reports received from the organization which depicts the reason for
the failure of the Two Factor Authentication (Venezia, 2008). The TFA is inefficient in
providing safety and security to defend the phishing attacks and prevent the identity thefts. It

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

AUTHENTICATION CONTROL FAILURE
is inefficient in providing secured online credentials of the accounts. The new generation
problem created by the attackers cannot be avoided by the TFA control process. The same
case happened with the organization where the user used easy passwords that were easily
cracked down by the attackers. However the man in the middle attacks and the Trojan attacks
which get between the networks can easily crack down the password or the security
questions.
Mitigation process:
The most effective process for the mitigation of the single factor authentication
processes are the implementation of the Multifactor Authentication process. The condition of
implementing the multifactor authentication process needs to be well defined during the
implementation which helps in defeating the password guessing problem (Petsas et al., 2015).
The use of Strong passwords and their requirements in accordance to the Account lockouts
throttling authentication attempts that include the implementation of the captcha based
throttling which can mitigate the problem for the organization.

AUTHENTICATION CONTROL FAILURE
References:
Abdurrahman, U. A., Kaiiali, M., & Muhammad, J. (2013, November). A new mobile-based
multi-factor authentication scheme using pre-shared number, GPS location and time
stamp. In 2013 International Conference on Electronics, Computer and Computation
(ICECCO) (pp. 293-296). IEEE.
Oriyano, S.-P. (2014). Hacker techniques, tools, and incident handling. (2nd ed.) Burlington,
MA: Jones & Bartlett Learning.
Petsas, T., Tsirantonakis, G., Athanasopoulos, E., & Ioannidis, S. (2015, April). Two-factor
authentication: is the world ready?: quantifying 2FA adoption. In Proceedings of the
eighth european workshop on system security (p. 4). ACM.
Venezia, P. (2008). Why San Francisco's network admin went rogue. InfoWorld. Retrieved
from http://www.infoworld.com/d/adventures-in-it/why-san-franciscos-network-
admin-went-rogue-286