Recently I met one of my readers and he asked me what is authentication and why is it required in very simple terms. So, here is the post.
What is Authentication?
To understand the fundamentals of authentication, let's begin by taking an easy example. You are working on some file and now you want to share that file to a person named XYZ over OneDrive. So, the purpose of authentication in this case is to make sure that only XYZ can access that document.
How to achieve it?
It can be achieved by setting up the authentication system and this system will tell who all can access this file based on some predefined rules. In our case, the rule is simple - none except XYZ should be able to access the file.
How verification happens?
Entire verification activity solely depends on our authentication system. When I'm saying authentication system, it means it is nothing but a piece of software written by someone. Now how will this piece of software validate the incoming user whether it is XYZ, ABC or someone else?
The most popular way to accomplish this is by using the login form wherein user will enter its identity in the form of login details.
Let's go in a bit formal way.
Authentication is a process of identifying an entity using challenge response pattern.
Are Authentication and Identification same?
Not really. Authentication deals with only offering the challenge to the user, which is a login form in our case, whereas Identification deals with matching user claims, which can be name, DoB, etc.
Hope you got a fleeting idea on what is an authentication system. Happy learning!