Control PasswordVerifier

A (physical) host with a user interface that also supports shell access, making it possible for users to log in. Attackers who can gain physical access could also exploit vulnerabilities and gain control over the device.

Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

Access to a service Service requires a one time key, generated using a one time key device which itself requires a password entered by the user Human, who then types the one time key into their client application Client.

Access to service Service is controlled, by authenticating authorised users using a one time key created using a client-side authentication device provided to them.

Access to a service Service requires the user Human to supply a password, and then enter a key which is sent to them via a separate channel into their client application Client.

Access to service Service is controlled, by authenticating authorised users using a password and a separate key sent to them via a separate (out of band) means.

Access to a service Service requires a password, which is stored by the client process Client on its host CHost.

The service Service controls access by requiring users to authenticate with a password.

Access to a service Service requires a password, which was supplied originally by the user Human and stored by the client Client in a secure password store.

Access to a service Service requires a password, which was supplied originally by the user Human and stored by the client Client in a secure password store.

Users in the role Human choose a password which is registered with the system allowing access to Service.

Users in the role Human choose a password which is registered with the system allowing access to Service.

Access to service Service is controlled, by authenticating authorised users using a strong password, which is supplied each time by the user Human. This is a trigger condition for the potential risk that the user may forget the strong password.

Access to device Host is controlled, by authenticating authorised users using a password.

Users in the role Human choose a password which is registered with the system allowing access to interactive host Host that authenticates using the password.