Hi, Adam Row.
So I want to welcome you to a section of our course now,
where we are digging into classical cybersecurity.
And we're going to start with what I think maybe the most important primitive in
cyber it's called authentication.
And let's talk a little bit about this because I think he asked ten cybersecurity
experts, what is the one most important thing you can do,
if you're allowed to have one thing what would you pick?
They'd all say authentication.
The idea that, if Alice and Bob are communicating, this ability for
Alice to identify herself to Bob in such a manner,
that Bob can be pretty confident that it's really Alice.
That's for many people the most important thing that goes on, so
let's start with the idea of identification.
How do we identify ourselves just in regular life?
How do I Identify that I'm Ed?
If I meet you somewhere and I woke up to you and I say, hey, how you doing?
I'm Ed, I hope you enjoy the course and you see me.
You see my face, you see my voice, you see who I am.
Contextually, maybe there's a reason why we would see each other.
You probably pretty confident when I say I'm Ed, that's fine, and
question is my name a secret.
Is your identifier a secret?
Is your email address a secret?
Is your phone number a secret?
These are weird questions, right?
Your phone number, let's say I said, is your mobile number a secret?
You would say, of course not.
It's on my business card, or I tell my friends, or whatever.
But if you're in some creepy bar somewhere and some weirdo comes up to you and
says, hey, can I have your mobile number?
You're probably not going to be sharing it, and
you're glad that at least in some sense it's secret.
So there's this weird kind of concept of what's secret, what's not.
Your user ID.
If I know your user ID for
a particular system you use, we all know that most systems have lockout.
Which means, if I know your user ID,
I can type it in, I can type a bogus password, it'll say no.
I type your user ID, I type a bogus password, it'll say no.
I do it enough times, I lock you out.
Just by knowing your User ID.
So is it secret?
Should it be secret?