The personal information of millions of consumers worldwide is stolen every year with major social and economic ramifications. As more critical information is stored electronically, companies and institutions continue to focus on protecting their data.
Authentication remains a cybersecurity hot topic, and its importance is cemented in modern architecture. Adoption is close to universal: nearly every network system implements some authentication protocol. Popular protocols include Basic Authentication, SAML, OAuth, and Kerberos. As cybercriminals keep finding new and creative methods to intercept valuable data, modern protocols have proved to be more secure than legacy methods.
What is Basic Authentication?
Basic Authentication is a simple method of providing credentials to access a network service, and it is still in use. The client sends an HTTP request header carrying a username and password, and the server checks the credentials and grants or denies access to the service. Basic Authentication is simple to implement, but the credentials can be easily intercepted by attackers, and the protocol provides no way to revoke access or limit the application's scope. Even when HTTPS is used, the client caches the password and sends the authentication header with every request, so the same reusable credential is exposed again and again. The resulting vulnerabilities remain vast and expanding.
What is OAuth?
OAuth was designed in response to the direct authorization pattern made popular by Basic Authentication. OAuth moves away from historical login flows: while a username and password may still be required (for now), those credentials are used to authenticate with a registered identity provider rather than with the application itself. A token is then generated for access to the application, carrying information that specifies what the requestor is allowed to access. Additionally, tokens can expire, provide the ability to govern access, and be revoked.
While Basic Authentication can be thought of as unlocking your house with your front door key, OAuth can be compared to collecting a key card for a hotel room. Unlocking the front door of your house grants you access to everything in the house, all the bedrooms, bathrooms, and facilities for as long as you like. In contrast, a hotel key card is picked up at the front desk. You are verified by the hotel and granted access to specific resources, facilities, and rooms depending on your card. The hotel key card could also expire or be revoked at any point during your stay.
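As an added example (not code from the original article), the following Python sketch makes the contrast above concrete: anyone who can read a Basic header recovers the reusable password, because base64 is encoding rather than encryption, whereas a signed, scoped token can be checked for expiry, scope, and revocation before access is granted. The HMAC token format, the issuer key, and the in-memory revocation set are simplified stand-ins for an identity provider, not the OAuth specification.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample: a Basic header exactly as a client would send it.
BASIC_HEADER = "Basic " + base64.b64encode(b"alice:Winter2024!").decode()

def decode_basic_header(header):
    """Recover the credentials from a Basic header: base64 is reversible, not secret."""
    scheme, _, payload = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic Authentication header")
    # Split on the first colon only, since passwords may themselves contain colons.
    user, _, password = base64.b64decode(payload).decode().partition(":")
    return user, password

# Hypothetical issuer signing key and revocation list standing in for an identity provider.
ISSUER_KEY = b"example-issuer-signing-key"
REVOKED = set()

def issue_token(subject, scopes, ttl_seconds, now=None):
    """Mint an HMAC-signed token carrying subject, scopes and expiry (simplified, not a real OAuth format)."""
    now = time.time() if now is None else now
    claims = {"sub": subject, "scope": scopes, "exp": now + ttl_seconds, "jti": secrets.token_hex(8)}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    sig = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"

def authorize_bearer(token, required_scope, now=None):
    """Return (allowed, reason_or_subject). Unlike Basic, the token is scoped, expires and can be revoked."""
    now = time.time() if now is None else now
    body, _, sig = token.partition(".")
    expected = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["jti"] in REVOKED:
        return False, "revoked"
    if now >= claims["exp"]:
        return False, "expired"
    if required_scope not in claims["scope"]:
        return False, "insufficient scope"
    return True, claims["sub"]

def revoke(token):
    """Revoke a token by its id; the hotel front desk cancelling a key card."""
    REVOKED.add(json.loads(base64.urlsafe_b64decode(token.partition(".")[0]))["jti"])
```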
Why it is important to adopt modern authentication
Beyond the advantages of modern authentication, transitioning to a modern protocol is becoming a necessity: legacy systems are simply not secure enough. The question is not "should you restrict Basic Authentication?" but rather "when will you restrict Basic Authentication?", and the answer to the latter should be "before Big Tech disables Basic Authentication entirely". Companies like Microsoft have already begun deprecating Basic Authentication, and the rest are not far behind. In a world where cybercrime, data privacy, and social responsibility are trending, being proactive is the right course of action.
If you would like to learn how to improve the security of data in your organisation, our team of experts will advise you on the most effective way to undertake the transition from a legacy authentication system to modern protocols. Learn more about Keyrus or contact us directly at steven.hunt@keyrus.co.za.
Keyrus prides itself on assisting customers to build a sustainable architecture, supported by real-time data analysis and insights and aligned to their company's data strategy. The experts at Keyrus have a passion for finding the most effective technology solution to your business challenges; they make data matter.