Authentication

Joran Hofman
April 3, 2021

What is Authentication?

Authentication is the process where the server recognizes a user’s identity. It is the mechanism by which an incoming request is associated with a set of existing credentials. The credentials provided by request are compared to ones in the database of the user’s information within an authentication server.

Why is it Important To Use an Authentication?

Protecting data and private information is important and paramount in almost every case; authentication is very important to prevent the leakage of information and data and to keep unauthorized users from accessing personal accounts; that’s why there exist lots of tools to make it hard to access data protected by credentials.

Apps take these facts as something important to keep in mind, and every day, there are new ways to protect data being developed, be it Google’s authentication, the two-factor system, or the captcha.

What Types of Authentication Exist?

Three general types of authentication, are known and they are:

  1. Basic Authentication, being the simplest authentication method to authenticate access to resources in HTTP. The user inputs the credentials and submits them, and then the username and password are made into a string, and after that, the credentials are sent along with each HTTP request made.
  2. Cookie Based Authentication is also known as the session-based authentication method. In which the user is assigned unique identification data, and this identity is stored on the server’s database. Clients then send this session id in the requests made, and then it’s utilized to identify the user to access the account related to the identification data.
  3. Server-generated authentication (which is also called bearer authentication) is an HTTP authentication that involves security tokens called bearer tokens made by the server. That’s to say, instead of sending over a username and password for authentication, a server-generated token is utilized to authenticate in a website.

What is Two-Factor Authentication?

Two-factor authentication (2FA), sometimes called dual-factor authentication, is a security process where users provide two different authentication methods to access their accounts. This process is done to better protect both the user's credentials and the resources the user can access with their account. 

The two-factor authentication provides a higher level of security than normal authentication methods that depend on single-factor authentication (SFA). The user provides only one factor -- typically, a password or passcode, like utilizing just only a nickname and password.

Two-factor authentication methods rely on a user providing a password, as well as a second factor, usually either a security token, email verification, or a biometric factor, such as a fingerprint or facial scan.

Two-factor authentication it’s one of the most recommended authentication methods because it adds a layer of security to the authentication process by making it harder for attackers to gain access to a person's devices or online information because knowing the victim's password is just not enough to pass the authentication method. 

Two-factor authentication has a long history of being used to control access to sensitive systems and data, and online services are increasingly using 2FA to protect their users' credentials and their data from being used by hackers who have stolen a password database or used scams to obtain their access information.

Explore more glossaries