What Is User Authentication?
Authentication is the process of verifying the identity of a user or information. User
authentication is the process of verifying the identity of a user when that user logs in to a
computer system.
Why Is User Authentication Important?
User authentication is a method that keeps unauthorized users from accessing sensitive
information. For example, User A only has access to relevant information and cannot see the
sensitive information of User B.
Hackers gained access to Yahoo user accounts to steal contacts, calendars and private emails
between 2012 and 2016. The Equifax data breach in 2017 exposed credit card data of more than
147 million consumers. Without a secure authentication process, any organization could be at
risk.
Authentication vs. authorization
Authorization includes the process through which an administrator grants rights to authenticated
users, as well as the process of checking user account permissions to verify that the user has been
granted access to those resources. The privileges and preferences granted for an authorized
account depend on the user's permissions, which are either stored locally or on an authentication
server. The settings defined for all these environment variables are established by an
administrator.
The different types of authentication systems are:
1. Single-factor authentication: This was the first security method to be developed. In this
authentication system, the user enters a username and a password to confirm their identity. If
the username or password is wrong, the user is not allowed to log in or access the system.
Passwords are the most common method of authentication. A password can be a string of letters,
numbers, or special characters. To protect yourself, you need to create strong passwords that
include a combination of all possible options. However, passwords are prone to phishing attacks
and to bad hygiene that weakens their effectiveness. An average person has about 25 different
online accounts, but only 54% of users use different passwords across their accounts. The truth
is that there are a lot of passwords to remember. As a result, many people choose convenience
over security: most people use simple passwords instead of reliable ones because they are easier
to remember. The bottom line is that passwords have a lot of weaknesses and are not sufficient to
protect online information. Hackers can easily guess user credentials by running through all
possible combinations until they find a match.
Advantages of the single-factor authentication system:
- It is a very simple and straightforward system to use.
- It is not at all costly.
- The user does not need any great technical skill.
Disadvantages of the single-factor authentication system:
- It is not at all secure; its security depends on the strength of the password entered by the
  user.
- The protection level of single-factor authentication is very low.
2. Two-factor authentication: In this authentication system, the user has to give a username, a
password, and other information. Various kinds of additional factor are used to secure the
system; some of them are wireless tokens, virtual tokens, OTPs and more. It is good but
time-consuming.
3. Multi-factor authentication: In this type of authentication, more than one factor of
authentication is needed. This gives the user better security. No type of key-logger or phishing
attack will be possible in a multi-factor authentication system. This assures the user that their
information will not be stolen.
4. Certificate-based authentication
- Certificate-based authentication technologies identify users, machines or devices by using
  digital certificates. A digital certificate is an electronic document based on the idea of a
  driver’s license or a passport.
- The certificate contains the digital identity of a user, including a public key, and the
  digital signature of a certification authority. Digital certificates prove the ownership of a
  public key and are issued only by a certification authority.
- Users provide their digital certificates when they sign in to a server. The server verifies
  the credibility of the digital signature and the certificate authority. The server then uses
  cryptography to confirm that the user has the correct private key associated with the
  certificate.
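The password and OTP checks from items 1 to 3 above, combined into one login routine. This is an added example, not part of the original notes: it picks RFC 6238 time-based OTP as the second factor, and the `Account` class, `MAX_FAILURES` and `PBKDF2_ROUNDS` are names and values made up for illustration.

```python
import hashlib, hmac, os, struct, time

PBKDF2_ROUNDS = 600_000  # work factor chosen for this example

def hash_password(password, salt=None):
    """Salted, deliberately slow hash so a stolen table resists guessing."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def totp(secret, at, digits=6, step=30):
    """RFC 6238 one-time password (HMAC-SHA1) for the time step containing `at`."""
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Account:
    MAX_FAILURES = 5  # hypothetical lockout threshold

    def __init__(self, password, totp_secret):
        self.salt, self.pw_hash = hash_password(password)
        self.totp_secret = totp_secret
        self.failures = 0
        self.last_step = -1  # newest time step already used; blocks OTP replay

    def login(self, password, otp, now=None):
        """Return 'ok', 'denied' or 'locked'; both factors must pass."""
        if self.failures >= self.MAX_FAILURES:
            return "locked"                      # stops unlimited guessing
        now = time.time() if now is None else now
        _, candidate = hash_password(password, self.salt)
        pw_ok = hmac.compare_digest(candidate, self.pw_hash)
        step = int(now) // 30
        # Accept the previous, current and next step to tolerate clock skew.
        matched = next((s for s in range(max(step - 1, 0), step + 2)
                        if hmac.compare_digest(totp(self.totp_secret, s * 30).encode(),
                                               otp.encode())), None)
        if not pw_ok or matched is None or matched <= self.last_step:
            self.failures += 1
            return "denied"
        self.failures, self.last_step = 0, matched
        return "ok"
```

A permanent lockout lets anyone lock a victim out on purpose, so a real system would expire the lock or slow down repeated attempts instead.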
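The certificate sign-in described in item 4, showing the server's two checks: the certification authority's signature, then proof that the client holds the private key. This is an added example, not part of the original notes: it assumes the third-party Python `cryptography` package and Ed25519 keys, and the names `alice`, `Example CA`, `issue_cert` and `server_authenticate` are made up for illustration.

```python
import datetime, os
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
from cryptography.x509.oid import NameOID

def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def issue_cert(subject_cn, subject_pub, issuer_cn, issuer_key):
    """CA side: bind subject_cn to subject_pub and sign that binding."""
    now = datetime.datetime.now(datetime.timezone.utc)
    return (x509.CertificateBuilder()
            .subject_name(name(subject_cn)).issuer_name(name(issuer_cn))
            .public_key(subject_pub).serial_number(x509.random_serial_number())
            .not_valid_before(now - datetime.timedelta(minutes=5))
            .not_valid_after(now + datetime.timedelta(days=1))
            .sign(issuer_key, None))  # algorithm is None for Ed25519 keys

def server_authenticate(cert, trusted_ca_pub, nonce, signature):
    """Return the certificate's common name if both checks pass, else None."""
    try:
        # 1. The certificate really was signed by the CA this server trusts.
        trusted_ca_pub.verify(cert.signature, cert.tbs_certificate_bytes)
        # 2. The client holds the private key: it signed the server's fresh nonce.
        cert.public_key().verify(signature, nonce)
    except InvalidSignature:
        return None
    return cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value

def demo():
    """Constructed keys and certificates; returns the outcome of four sign-ins."""
    ca_key, rogue_key = Ed25519PrivateKey.generate(), Ed25519PrivateKey.generate()
    alice_key, thief_key = Ed25519PrivateKey.generate(), Ed25519PrivateKey.generate()
    ca_pub = ca_key.public_key()
    cert = issue_cert("alice", alice_key.public_key(), "Example CA", ca_key)
    forged = issue_cert("alice", thief_key.public_key(), "Example CA", rogue_key)
    nonce = os.urandom(32)  # fresh random challenge chosen by the server
    return {
        "genuine": server_authenticate(cert, ca_pub, nonce, alice_key.sign(nonce)),
        "stolen_cert": server_authenticate(cert, ca_pub, nonce, thief_key.sign(nonce)),
        "rogue_ca": server_authenticate(forged, ca_pub, nonce, thief_key.sign(nonce)),
        "replayed": server_authenticate(cert, ca_pub, os.urandom(32), alice_key.sign(nonce)),
    }
```

In practice this exchange usually happens inside the TLS handshake as client-certificate authentication; the validity-period and revocation checks left out here belong before the second step.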
 Operating systems generally identify and authenticate users in the following three ways:
 passwords, physical identification, and biometrics. These are explained below.
 Physical identification: This technique includes machine-readable badges (symbols), cards, or
 smart cards. In some companies, employees need badges to gain access to the organization’s
 gate. In many systems, identification is combined with the use of a password, i.e., the user
 must insert the card and then supply his or her password. This kind of authentication is
 commonly used with ATMs. Smart cards can enhance this scheme by keeping the user password
 within the card itself. This allows authentication without the storage of passwords in the
 computer system. The loss of such a card can be dangerous.
 Biometrics: This method of authentication is a security process that relies on the unique
 biological characteristics of each user, such as fingerprints, voice or face recognition,
 signatures, and eyes. Here are the key advantages of using biometric authentication technologies:
- Biological characteristics can be easily compared to authorized features saved in a
  database.
- Biometric authentication can control physical access when installed on gates and doors.
- You can add biometrics into your multi-factor authentication process.
 Biometric authentication technologies are used by consumers, governments and private
 corporations including airports, military bases, and national borders. The technology is
 increasingly adopted due to the ability to achieve a high level of security without creating
 friction for the user. Common biometric authentication methods include:
 Facial recognition—matches the different face characteristics of an individual trying to gain
 access to an approved face stored in a database. Face recognition can be inconsistent when
 comparing faces at different angles or comparing people who look similar, like close relatives.
 Facial liveness detection, such as ID R&D’s passive facial liveness, prevents spoofing.
Fingerprint scanners—match the unique patterns on an individual’s fingerprints. Some new
versions of fingerprint scanners can even assess the vascular patterns in people’s fingers.
Fingerprint scanners are currently the most popular biometric technology for everyday
consumers, despite their frequent inaccuracies. This popularity can be attributed to iPhones.
Speaker recognition—also known as voice biometrics, examines a speaker’s speech patterns
for the formation of specific shapes and sound qualities. A voice-protected device usually relies
on standardized words to identify users, just like a password.
Eye scanners—include technologies like iris recognition and retina scanners. Iris scanners
project a bright light towards the eye and search for unique patterns in the colored ring around the
pupil of the eye. The patterns are then compared to approved information stored in a database.
Eye-based authentication may suffer inaccuracies if a person wears glasses or contact lenses.
 Retinal pattern – It is concerned with the detailed structure of the eye.
 Signature – Every individual has a unique style of handwriting, and this feature is reflected in
 the signatures of a person.
 Voice – This method records the frequency pattern of the voice of an individual speaker.