Most people use username/password authentication for everyday use. Whether it be email, social media, banking information or computer login, username and passwords are the most generalized and widely known form of security. However, username/password authentication are extremely basic. According to CNN News, these are the Top 10 Passwords used in 2019:
The top 10 most common passwords of 2019:
While this is somewhat humorous, it is important to recognize that usernames and passwords are easily hacked and are the source of many data breaches.
But it doesn’t have to be this way -There are other forms of security that provide much more stringent authentication. For example, public key authentication. Even the longest passwords pale in comparison to public and private key authentications.
What is public key authentication?
Public keys and private keys are sets of two cryptographic keys, or long random numbers. Public keys are available to anyone, whereas private keys are confidential to its owner.
For public key authentication, an SSH key pair is generated by the computer. This includes a public and private key which are cryptographic. The public key is stored on the SSH Server for Windows and the public key is stored on the SSH client.
A few benefits of public key authentication:
-Superior to even the longest passwords.
-Backed by trusted cryptographic algorithms
-Automatic logon capabilities, you don’t have to try to remember your password!
How does Public / Private Key work?
For public/private key authentication, the SSH client software being authenticated has a public and a private key. The public key is stored on the server, and the private key remains on the client.
When the public key is mapped to a Windows user account, it provides automatic logon.
General Steps to Creating a Public / Private Key on your Windows SSH Server:
- Generate a Public/Private Key Pair
- Install the private Key on the SSH Client
- Install the Public Key on the SSH Server
- Map the Public Key to a Windows User Account to provide automatic logon