Authentication refers to the process of identifying an individual, usually based on a username, password, and some type of additional verification. Authentication confirms that an individual is who they claim to be, which prevents unauthorized access to a program, system, network, or device, but does not affect the access rights of the individual. In security systems, authentication is a distinct form of authorization, the process of admitting individuals to system objects based on their identity.

Authentication layers

Authentication typically consists of one of the following variables or some combination:

  • Knowledge: something you know, which is generally an email address, ID number, or username and password, although it can also include custom security questions and CAPTCHA verification
  • Possession: something you have, which could be an email verification link, one-time password (OTP), identification badge, keycard, or browser cookie
  • Inherence: something you are, including biometrics such as retinal scans, fingerprints, voice recognition, or facial recognition

Any combination of these variables creates a multi-factor authentication process, which sometimes requires user participation but can also be done discreetly, as in the case of cookie authentication. Authentication occurs most times a user attempts to access a program, network, device, etc., except in the case of guest access and automatic login.

Basic authentication compares a variable from the user with what s stored in the system being accessed. In the case of username and password, for example, the credentials a user enters at login will be cross referenced with a database of stored usernames and corresponding passwords. If both credentials match, the user will be granted access. If one or both credentials are invalid, an error message will be returned (although different scenarios may return different messages). In particularly sensitive or high-risk login situations, too many unsuccessful authentication attempts may cause account lockout, where a user must take extra steps to authenticate their identity.

Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...


Imperva is a cybersecurity company focused on protecting web applications, APIs,...

Barracuda Networks

Barracuda Networks is a multinational cybersecurity company specializing in email and...

Merkle Proof

Merkle proofs describe the verification process for identifying the components of...