Put simply, authentication is the process of verifying a user's claim about who they are. Your user is making a claim about their identity, and you want to make sure that the identity is authentic. This is typically done by having the user provide some information that only they could be reasonably expected to have. In access-controlled software, that information is typically a set of credentials, such as a username and password combination, but it could be any number of things, such as knowledge of previous addresses or familial ties.

Authentication credentials could be anything that the user in question should reasonably be expected to know, and which no one else could reasonably be expected to know. Once these credentials ...

Get Hands-On Network Programming with C# and .NET Core now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.