authentication

Authentication is the process of verifying the identity claimed by a user, device, or other entity before granting access to resources. It is a core part of the AAA framework (authentication, authorization, accounting) and is distinct from authorization, which determines what an authenticated subject is allowed to do.

A common way to categorize authentication factors is by what the user provides: something you know (passwords or PINs), something you have (security tokens, smart cards, mobile devices used as tokens), something you are (biometrics such as fingerprints or facial recognition). Some approaches add environmental or behavioral factors, such as location, typing patterns, or movement. Many systems use multiple factors in combination, known as multi-factor authentication (MFA), to improve security.

Authentication workflows may involve password submission, challenge-response tests, biometric scans, or cryptographic proofs. Modern trends include passwordless methods that rely on devices or biometrics, and federated identity systems that rely on a trusted identity provider to authenticate users across services.

Protocols and technologies commonly used for authentication include SAML, OpenID Connect, and OAuth in federated and delegated scenarios; Kerberos in enterprise networks; and TLS with client certificates for strong transport-layer authentication. Public key infrastructure (PKI) underpins many of these mechanisms.

Security considerations include the risk of credential theft, phishing, and credential stuffing. Defenses emphasize MFA, phishing-resistant authenticators (such as FIDO2/WebAuthn), device binding, security logging and anomaly detection, and the use of passwordless options where appropriate. Password managers and good onboarding practices support usable yet secure authentication, while privacy and accessibility concerns should be addressed in system design.