Authentication is synonymous with authentication: the process and result of authenticating. This verb, in turn, refers to verifying the authenticity or legality of something or the act of proving it as authentic.
As can be seen from these ideas, to understand what authentication is, it is essential to know what the concept of authenticity refers to. Authentic is what is certified or documented as safe or true. Said certification and / or documentation procedure, in short, is what is known as authentication.
The notion of authentication is often used in the field of computing when a computer (a computer) seeks to verify the digital identity of a sender who tries to establish communication and connect to the equipment. The sender can be a user (human), software (computer program) or another computer (machine).
Authentication, on the other hand, can be required by a system when someone tries to access it. Every time a person wants to check their email on a webmail platform, for example, they must enter their username and password. The system then proceeds to authenticate the user: it analyzes the data entered and compares it with the information available in its database. If the data matches (that is, it is correct), the authentication is complete and the system allows access. Otherwise, reject the request. Authentication, in this way, is a security mechanism.
To use an ATM (ATM) or perform an operation of electronic commerce is also necessary to go through an authentication process.
Authentication is just one of the three main steps in the processes that seek to ensure the security of data networks. Although these vary according to the system and the importance of the data to be protected, we can broadly define the following three:
* authentication: as explained above, it consists of the attempt to verify the identity of a user who wishes to establish a connection with a database;
* authorization: once properly identified, the network allows the user to access some of its resources;
* Audit: a record of all accesses made by the authorized user during their session is carried out.
The North American company Apple has an authentication system that it has called two-factor thanks to which the ID of its users has an extra layer of security. Simply put, the goal is to minimize the chances of someone accessing someone else’s account, even if they know their victim’s password.
Apple’s two-factor authentication allows users to define their trusted devices (such as a Mac, iPad, or iPhone) so that they can only establish a connection from them. If you want to log in from one that has not been stored in the database, then you must specify two pieces of information: the password and a six-digit code that allows you to verify your identity.
To further explain this authentication system, consider a user who has an iPad and wants to access his account for the first time from a Mac that he has recently acquired. You will first need to enter your password on the new device, after which you will need to copy a verification code that will automatically appear on your iPad. It goes without saying that the only way to violate this security measure – not to mention a complex computer attack on Apple’s databases – is to steal both devices, in addition to finding out the password of their owner.
