Login/password authentication
Login/Password authentication is a traditional authentication method where users verify their identity by providing a unique username (login) and a confidential password. In Visual Guard, this method is typically used with Visual Guard local users or database users, with access controlled through roles, groups, and security policies.
Key Components
π Username (Login)
The username serves as a unique identifier for each user within Visual Guard. It is used to distinguish users during authentication and authorization processes and ensures that access and activity can be accurately associated with the correct individual account.
π Password
The password is a confidential credential used to verify a userβs identity during login. Visual Guard protects passwords using secure encryption and hashing mechanisms and ensures they are never stored or transmitted in plain text, helping safeguard user credentials against unauthorized access.
π Password Policies
Password policies define security rules such as minimum length, complexity requirements, expiration intervals, reuse restrictions, and account lockout thresholds. Enforcing these policies helps strengthen overall security and reduces the risk of weak or compromised passwords.
π‘οΈ Multi-Factor Authentication (MFA)
Multi-factor authentication adds an extra layer of security by requiring an additional verification step beyond the username and password. This may include one-time passwords (OTP), email verification, or other supported methods, significantly reducing the risk of account compromise.
π Authentication Logging
Visual Guard records all authentication events, including successful logins, failed attempts, and security-related actions. These logs provide valuable insights for auditing, troubleshooting access issues, and meeting compliance and regulatory requirements.
Benefits
β Simple and Familiar
Login and password authentication is a widely recognized and easily understood method for users. Its familiarity reduces training needs and support requests, making it straightforward for users to access the system without a learning curve.
βοΈ Easy to Implement and Manage
This authentication approach does not rely on external identity providers, allowing it to be implemented quickly in standalone or internal environments. Administrators can manage users, credentials, and access directly within the system, simplifying setup and ongoing maintenance.
π Policy-Driven Security
Security is strengthened through configurable password policies, including complexity requirements, expiration rules, reuse restrictions, and account lockout mechanisms. These policies help prevent weak passwords and reduce the risk of credential compromise.
π Compatible with MFA
Login and password authentication can be enhanced with multi-factor authentication (MFA) to provide an additional layer of protection. MFA helps secure accounts even if passwords are compromised, making this method suitable for higher-security environments.