We all recognize each other without problems in everyday life. Acquaintances are recognized in person, and strangers - by passport or other document where there is a photo confirming the identity. But how to identify the person who is at the computer on the other side of the network? This task is much more complicated, and a specific method is used here - authentication. This is a way to verify your identity on the Internet.
For authentication, users usually use a certain software module that is located directly on the computer to which a person wants to receive remote or direct access. Conditionally, the work of such a module is divided into two stages:
- preliminary. Here a “reference sample" is formed. For example, a password may be requested. Also, the verification code can be assigned by the system;
- the final stage. This is an authentication pass. Here, the requested identification information is compared with a reference. Based on the results of such verification, the user is considered identified or unidentified.
Authentication is a procedure that is carried out using information of three main types:
- the user shows the computer something unique that he knows in advance. The most common form is password authentication. This is a simple but not the most reliable way;
- the user has an item with unique characteristics or content. Such an object can be a SIM card, a card with a magnetic strip, a USB token, an iButton electronic tablet. Each such item contains information that determines its uniqueness. The simplest case is that the user ID and password are read from the media and served to the authentication module. In a difficult case, a cryptographic key is located on the medium;
- in another case, information for user verification is an integral part of it. By this principle, biometric authentication is built. Here, for example, a fingerprint can be used as information.
The last - biometric - authentication should be discussed separately. Once encountered only in science fiction, these technologies are now at the stage of rapid development. Here, authenticators use the original characteristics of a person that are inherent only to him. Fingerprints, an iris map, and facial features are especially often used.
The characteristics of a person’s voice, handwritten signature samples, hand geometry, “keyboard handwriting” (time intervals between keystrokes that make up the word code, and the intensity of keystrokes) are also used as unique features. But such technologies are less common. Authentication systems are also often developed specifically for operating systems, for example, NTLM authentication created by Microsoft for Windows NT.
Authentication Disadvantages
The largest number of shortcomings in password authentication. A secret word can be stolen from the owner or hacked. Often users choose easy-to-guess simple passwords: the derivative of the identifier (often it is the identifier itself), the word of a language, etc.
Not without flaws and subject authentication. This is the abduction or seizure of an item from the owner. In addition, special equipment will be needed to work with objects. Also often for unauthorized access copies or emulators of the subject are made.