Authentication Fundamentals

Authentication is the process in which a subject proves that they are who they claim to be. Whether it involves a key card and PIN or a username and password, this process is composed of two steps: identification and confirmation. Identification is the first step, in which a subject claims to be a certain person; confirmation is the second step, in which the subject proves that claim. Both online and offline, authentication is ubiquitous. You’re required to prove your identity when doing all sorts of things, whether it’s picking up concert tickets, checking into a hotel, or disputing a charge on your latest cell phone bill.
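The two steps described above can be kept visibly separate in code. The following is an added example, not code from the book: the class and method names, the PBKDF2 work factor, and the sample subjects are assumptions made for illustration. It goes slightly beyond the text by storing only salted derived keys and by comparing them in constant time.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # illustrative work factor, an assumption of this example


def derive(secret: str, salt: bytes) -> bytes:
    """Stretch a secret with salted PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)


class Authenticator:
    def __init__(self):
        self._records = {}  # identity -> (salt, derived key); no plaintext secrets
        # Dummy record so an unknown identity costs the same work as a known one.
        self._dummy_salt = os.urandom(16)
        self._dummy_key = derive(os.urandom(16).hex(), self._dummy_salt)

    def enroll(self, identity: str, secret: str) -> None:
        salt = os.urandom(16)
        self._records[identity] = (salt, derive(secret, salt))

    def identify(self, identity: str):
        """Step 1, identification: the subject claims an identity."""
        return self._records.get(identity)

    def confirm(self, record, secret: str) -> bool:
        """Step 2, confirmation: the subject proves the claim."""
        salt, expected = record if record else (self._dummy_salt, self._dummy_key)
        supplied = derive(secret, salt)
        # Constant-time comparison; a missing record can never confirm.
        return hmac.compare_digest(supplied, expected) and record is not None

    def authenticate(self, identity: str, secret: str) -> bool:
        return self.confirm(self.identify(identity), secret)


# Constructed sample subjects covering both cases named in the text.
auth = Authenticator()
auth.enroll("alice", "correct horse battery staple")  # username + password
auth.enroll("card-0042", "4821")                      # key card + PIN
```

A claim without proof (a known identity with the wrong secret) and proof without a valid claim (an unknown identity) both fail in the same way.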

When I log in to my online bank, I go through the authentication process by entering a username and ...
