Logging (computer security)

Article on other languages:

del.icio.us del.icio.us
Digg Digg
Furl Furl
Reddit Reddit
Rojo Rojo
Add to OnlyWire
For logging in on Wikipedia, see Wikipedia:Logging in.
"Login" redirects here. For other uses, see Login (disambiguation).

In computer security, login (logging or signing in) is the process by which individual access to a computer system is controlled by identification of the user using credentials provided by the user. A user can log in to a system to obtain access, and then log out when the access is no longer needed. Note that the term log in (a verb) is two words, while login (a noun or adjective referring to the procedure, credentials, or form used) is one word; the same applies to log out and logout.

Contents

Logging in

The website Wikipedia's login form. A user name and password are required.
The website Wikipedia's login form. A user name and password are required.

To log in (also: to log on, sign in, or sign on) is to identify oneself to the system in order to obtain access. The concept derives from the action of clocking in on arrival at a factory, where a worker would stamp a timesheet or card upon their arrival. Its usage in computing derives from IBM parlance.

The primary use of a computer login procedure is to authenticate the identity of any computer user (or computer software on this or a different computer) attempting to access the computer's services. The login procedure can also provide an audit trail of the use of the system.

To log in to a system usually requires:

  • a user name, a unique sequence of characters the user chooses to represent himself or herself with. A user name can be the user's real name, but is more often a short nickname or screen name. The term User ID is also used on some systems (e.g. EBay). Many websites now use emails in place of the username, which are not publicly available, making password guessing much more difficult (the hackers need to guess the email as well)[citation needed]
  • a password, another sequence of characters which provides the user with a key to the system and is kept secret from others.


Logon banner in Windows Server 2008.
Logon banner in Windows Server 2008.

The login prompt of operating systems is sometimes preceded by a logon banner which is a short message written by the system administrator. The logon banner usually pops up as a dialog box and it requires acknowledgement (typically the user clicking the OK button) before it will disappear. The logon banner is typically used in universities, schools and businesses to inform users about their rights when using the system[1] Legal information may also be included. Employers who monitor their employees using employee monitoring software usually state in the logon banner that user activity is being monitored. Users cannot claim ignorance as the logon banner requires acknowledgment before the user can even log on to the computer.

Logging out

To log out (also: to log off, sign out, or sign off) is to close off one's access to a computer system after previously having logged in.

Logging out may be done explicitly by the user performing some action, such as entering the appropriate command, or clicking a website link labeled as such. It can also be done implicitly, such as by powering the machine off, closing a web browser window, leaving a website, or not refreshing a webpage within a defined period.

In the case of web sites that use cookies to track sessions, when the user logs out, session-only cookies from that site will usually be deleted from the user's computer. In addition, the server invalidates any associations with the session, making any session-handle in the user's cookie store useless. This features comes in handy if the user is using a public computer. As a security precaution, one should not rely on implicit means of logging out of a system, especially not on a public computer, instead one should explicitly log out and wait for the confirmation that this request has taken place.

Logging out of a computer when leaving it is a common security practice, preventing unauthorized users from tampering with it. There are also people who choose to have a password-protected screensaver to activate after some time of inactivity, requiring the user to renter their login credentials to unlock the screensaver to gain access to the system.

References

  1. ^ "IT Security Office -- KU Approved Login Banner". www.security.ku.edu. Retrieved on 2008-04-15.

See also

Look up login in
Wiktionary, the free dictionary.
Retrieved from "http://en.wikipedia.org/wiki/Login"

This article is from Wikipedia. All text is available under the terms of the GNU Free Documentation License.

Giant Panda

Mercedes Car
James Bond Guide
This site monitored by SitePinger.net