Understanding Authentication

Authentication

Authentication is the process of recognizing a user’s identity. It is the mechanism of associating an incoming request with a set of identifying credentials. The credentials provided are compared to those on file in a database of authorized users’ information, held on a local operating system or within an authentication server. It is the process of determining whether someone (or something) is, in fact, who (or what) it is declared to be.

Authentication ensures that the eyes viewing the documents have been approved by you.

Authentication is important because it enables organizations to keep their networks secure by permitting only authenticated users (or processes) to access their protected resources, which may include computer systems, networks, databases, websites, and other network-based applications or services.

Methods of Authentication

The authentication process always runs at the start of the application, before the permission and throttling checks occur, and before any other code is allowed to proceed. Three categories in which someone may be authenticated are:

  • Something the user knows (i.e. passwords): It is the most common factor used and can be a password or a simple personal identification number (PIN). When using passwords, it’s important to use strong passwords. In most situations, the password is the only piece of information that other people do not know and the only way for you to keep your information secure. This approach to authentication has several drawbacks, particularly for resources deployed across different systems. Attackers can exploit weak passwords and use brute force attacks against the hashed passwords to recover the passwords. Password-based authentication weaknesses can be addressed to some extent with smarter user names and password rules like minimum length and stipulations for complexity, such as including capitals and symbols.
  • Something the user is (scanned body part, i.e. fingerprint): Biometric methods provide the “something the user is” factor of authentication. Some of the biometric methods that can be used are fingerprints, hand geometry, iris scans, handwriting, and voice analysis. Fingerprints and handprints are the most widely used biometric methods today. The technology to deploy this type of authentication is expensive and does not translate easily to all the ways we access resources.
  • Something the user has (i.e. token keys): The “something the user has” factor refers to items such as smart cards or hand-held tokens. A smart card is a credit-card-sized card that has an embedded certificate used to identify the holder. The user inserts the card into a smart card reader to authenticate. Smart cards are commonly used with a PIN, providing multi-factor authentication. In other words, the user must have something (the smart card) and know something (the PIN).
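
For the "something the user knows" factor above, the sketch below shows the defender's side of the two points made there: enforcing length and complexity rules at registration, and storing passwords as salted, deliberately slow hashes so that brute forcing a stolen hash is expensive. It is an added example, not code from the original article; the function names, the 12-character minimum and the PBKDF2 work factor are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import string

MIN_LENGTH = 12              # assumed policy value, not from the article
PBKDF2_ITERATIONS = 600_000  # assumed work factor; higher means slower guessing

def policy_violations(password: str) -> list[str]:
    """Return the rules the password breaks (empty list means acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    return problems

def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Derive a salted, slow hash; the returned string is what gets stored."""
    salt = secrets.token_bytes(16)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except (ValueError, OverflowError):
        return False  # malformed record: fail closed

def register(password: str) -> str:
    """Enforce the policy first, then return the record to store."""
    problems = policy_violations(password)
    if problems:
        raise ValueError("password rejected: " + ", ".join(problems))
    return hash_password(password)
```

Because each record carries its own salt, two users with the same password get different stored values, and the plaintext password never needs to be kept.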

Nowadays, Single Sign On (SSO) authentication is widely used by a large number of companies. SSO authentication is a process that lets you stay logged on even when you move to a different domain. This system is ideal for organizations that have various products and services located on different websites. Google is a great example of how this system works. When a user logs into their Gmail account, they’ll have access to all of Google’s services—YouTube, Google Analytics, Google Drive, etc. without needing to sign in again. Users will be able to drastically cut down the number of accounts they have to manage when SSO authentication is used. With fewer passwords to remember, users can focus on creating stronger credentials.
