Security

Authentication

The process of verifying the identity of a user, device, or system before granting access to resources or services.

Also known as:AuthNIdentity Verification

What is Authentication?

Authentication is the process of verifying that someone or something is who or what they claim to be. It's a fundamental security control that precedes authorization and is essential for access control.

Authentication Factors

Knowledge Factors Something you know:

  • Passwords
  • PINs
  • Security questions

Possession Factors Something you have:

  • Hardware tokens
  • Mobile devices
  • Smart cards

Inherence Factors Something you are:

  • Fingerprints
  • Facial recognition
  • Voice patterns
  • Iris scans

Behavioral Factors Something you do:

  • Typing patterns
  • Gait analysis
  • Usage patterns

Authentication Methods

Password-Based

  • Traditional passwords
  • Passphrases
  • Password managers

Token-Based

  • TOTP/HOTP
  • Hardware tokens
  • Software tokens

Certificate-Based

  • PKI certificates
  • Smart cards
  • mTLS

Biometric

  • Fingerprint
  • Face ID
  • Voice recognition

Modern Approaches

  • Passwordless authentication
  • Passkeys (FIDO2/WebAuthn)
  • Risk-based authentication
  • Continuous authentication
Previous

Audit Log

Next

Authorization