Skip to main content

Authentication

Authentication is the process of establishing a userโ€™s identity. In other words, it is who they are.

Authentication is sometimes abbreviated to AuthN.

While it is related, it is not the same thing as authorization.

Multi-Factor Authenticationโ€‹

Authentication is based on one or more of the following factors:

  • Something you know (a password, PIN, security image, etc)
  • Something you have (a TOTP token generator like Authy, a Yubikey, etc)
  • Something you are (fingerprint or retina scans, etc)

Username and password logins are single-factor authentication. Multi-Factor Authentication (MFA) adds a second factor of a different type. Two separate checks of the same factor do not count as MFA โ€” for example, a password and security image are still both things you know and are therefore still single-factor.