Authentication is the verification of information that represents a party making an access request.

An authentication process consists of two steps

  1. Identification step: Presenting a known unique identifier to the authenticating system, (or sufficient information about the requesting party to resolve to a known identity.)
  2. Verification step: Presenting or generating information that corroborates the relationship between the identifier the party it identifies.

Because there are many alternatives types of information that can be used by the verification step authentication is referred to as being “factored”. Different authentication methods are classified by how they are factored.

The most common factors are:

  • Something the agent knows. Typically a username password combination.
  • Something the agent has. For example, a key card or file with a special code.
  • Something the agent is. That is, a biometric identifier such as a finger or voice print.

Authentication methods are frequently designated as single-factor, two-factor, or multi-factor authentication according to how many of these factors are used.


Some literature refers to authenticating digital signatures or certificates. This is incorrect. Digital signatures are signed and verified. Digital certificates are issued and validated.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s