Unauthenticated

Unauthenticated refers to a state in which a user, process, or entity has not proven its identity to a system. In computing, authentication is the process of verifying credentials such as passwords, tokens, or certificates. When credentials are not supplied or fail verification, the entity is considered unauthenticated.

In network and application security, unauthenticated access describes resources that do not require login or credentials.

Risks associated with unauthenticated access include information disclosure, abuse, and impersonation if access controls are misconfigured

In practice, unauthenticated status is a transitional concept that contrasts with authenticated and authorized states. A