The authentication process attempts to verify the identity of a user or system. After identification has been established, the authenticated system or user can then have access according to the parameters established by the systems administrator.
There are three methods by which users or systems can prove that they are what they claim to be. You can prove your identity by
- Proving what you know
- Showing what you have
- Demonstrating who you are
These three methods describe the various means of authentication as shown in the table below.
The most common authentication method on the Internet and in the computer world is password authentication. To create a more sophisticated authentication system, you might choose more than one authentication method.
For instance, when securing a building both a card and a password might be required to enter the building.
Techniques that augment authentication systems are password generators
and one-time passwords (OTP).
These products are aimed at preventing system snooping
and password hijacking. Because the passwords are used only once, a hacker who decodes any given password has no advantage.