CAPTCHA test authentication
In this example, an authentication chain is set up to include a CAPTCHA test. CAPTCHA is an acronym for “Completely Automated Public Turing Test To Tell Computers and Humans Apart.” It is a type of challenge-response test used to determine whether or not the authenticating user is human. Publicly facing instances of Bravura Security Fabric are often configured to include a CAPTCHA test as part of the authentication process in order to prevent dictionary attacks on passwords, by displaying distorted text that humans can read but current computer programs cannot.
Bravura Security Fabric leverages Google’s reCAPTCHA system and offers a scenario-based component called Scenario.hid_authchain_recaptcha to help deploy this functionality. This component will install a custom authentication chain. As part of the configuration process, you are required to set the SECRET_KEY and SITE_KEY parameters (obtained from Google) in the hid_global_configuration table.
Configure the custom authentication chain:
Chain | Module | Control type | Settings |
---|---|---|---|
DEFAULT_LOGIN | Authentication chain selector ( | requisite | Available chains : RECAPTCHA |
DEFAULT_LOGIN | Authentication chain selector ( | required | Available chains : Use PSFEXT_VALUES |
When a user logs in:

1. The user must use the default module, either by entering a password on a trusted system or by answering security questions.
2. The user must solve the CAPTCHA test presented by the CAPTCHA module. If the response is valid, authentication proceeds. If the response is invalid, authentication is immediately terminated.

Both modules must be successfully completed before the user can log in.
You can configure a similar HELPDESK_LOGIN chain for use when a helpdesk user accesses a user’s profile in the Help users (IDA) module.
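The following added example (not Bravura Security Fabric code) sketches the server-side half of the flow described above: the token produced by the reCAPTCHA widget is checked against Google's `siteverify` endpoint using the SECRET_KEY, and any failure ends the login. The function names, the `fake_google` stand-in, the hostname and the key value are assumptions made for illustration.

```python
import json
import urllib.parse
import urllib.request

VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify"


def post_form(url, fields, timeout=5):
    """Default transport: POST form fields, return the decoded JSON body."""
    data = urllib.parse.urlencode(fields).encode()
    with urllib.request.urlopen(url, data=data, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


def captcha_passed(secret_key, token, expected_hostname, transport=post_form):
    """Return True only when Google confirms the token; fail closed otherwise."""
    if not token:
        return False  # no CAPTCHA response was submitted with the login form
    try:
        result = transport(VERIFY_URL, {"secret": secret_key, "response": token})
    except (OSError, ValueError):
        return False  # network or parse failure must not let the login continue
    if not isinstance(result, dict) or result.get("success") is not True:
        return False
    # Reject tokens that were solved on a different site.
    return result.get("hostname") == expected_hostname


def login(password_ok, secret_key, token, hostname, transport=post_form):
    """Both steps must succeed; an invalid CAPTCHA ends the attempt."""
    if not password_ok:
        return "denied: default module failed"
    if not captcha_passed(secret_key, token, hostname, transport):
        return "denied: CAPTCHA failed"
    return "authenticated"


def fake_google(url, fields):
    """Constructed stand-in for Google's endpoint so the example runs offline."""
    ok = fields["secret"] == "PLACEHOLDER_SECRET_KEY" and fields["response"] == "good-token"
    if ok:
        return {"success": True, "hostname": "login.example.test"}
    return {"success": False, "error-codes": ["invalid-input-response"]}


if __name__ == "__main__":
    print(login(True, "PLACEHOLDER_SECRET_KEY", "good-token", "login.example.test", fake_google))
    print(login(True, "PLACEHOLDER_SECRET_KEY", "stale-token", "login.example.test", fake_google))
```

The SITE_KEY is the public half that is embedded in the login page to render the widget; the SECRET_KEY is only ever sent from the server to Google and should never appear in client-side code.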