Type and authentication technology
Despite the fact that many do not know what authentication, each user of a global network daily is found with the procedure of its passage. Some start their day with this operation, others – including the computer, others checking email and visiting web pages of the fourth – in network connection process.
What it is
Authentication – based security of any system on the software level. Access to information is protected by ID and password. The first may be a login name, user name, e-mail or generated code.
Thus, a user who is registered on the server or in any other system, receives a unique id. It is only he (the digital value, which may be an ordinary serial number). Identification is a representation of the user data, and authentication – the adoption of this information by the server. These two procedures and the conditions for their implementation are related to each other.
Instead of the term authentication is often used more than the simple expressions that can be called synonymous:
To understand what it means, the authorization process is sufficient to provide regular input into the social network account with your email address(id) and password.
Video: Biometric authentication
Generally, authentication methods separated by to be used in process tools and their quantity.
The types of authentication on such grounds are divided into several groups:
- the information component (when you know what to anyone else is unknown, for example, password);
- the subject or agent (in the case of using the card key-mark, a badge, a special USB-stick);
- biometrics (retina, fingerprint, blood group);
- user information (access to certain information depending on the location of the language information from the browser cache).
The most famous and common way is password protection. With the passage of the authorization process and entering the password, the system performs a comparison with a specific ID, which is stored in the database.
There are two kinds of passwords:
The permanent password is issued by the server during registration (in the case of connection to access General information) or specified by the user (in the case of privacy).
Dynamic password is issued by the server. And depending on the settings ceases to exist after some time or after logoff.
Protection dynamic password more secure. But the attackers manage to circumvent it using a major vulnerability – the human factor, because for user authentication there is a need to send him a new password.
The most widely used method of securing banking systems and areas of restricted access is done with the help of plastic cards with an electronic chip that contains unique information.
Also, this option is often used for controlled physical access to individual machines or server important client personal computers (usb flash drive with the program key and unique user ID).
This security method is ideal for protection against remote hacking. But it does have its drawbacks. Because every object can be lost or stolen by attackers.
The most expensive but the most reliable method of authentication is biometrics. For authorization, the system uses the scan method, where the resulting image is compared with the saved copy in the database.
Modern methods allow each time to compare different areas or points, and to determine the user’s face and facial expressions.
This system is the most reliable in terms of security. However, it has drawbacks. She functioned normally, should be either the backup codes «supervisor» or the designated responsible for protecting the face. This is done in case the user something will happen, but this fact greatly disturbs the ideality of the system.
User data can be completely different and unique, for example:
- year of birth;
- mother’s maiden name;
- nicknamed the beloved pet;
- mobile number;
- the place of residence.
This information can be used in multiple occasions and different purposes:
- to recover lost authentication information (username, password);
- to sort the information displayed to the user (for example, advertising companies in Moscow will not be visible to inhabitants of Kyrgyzstan);
- for the passage of a strengthened form of protection, called two-way authentication. This type is used in highly secured systems and looks like a user dialogue server. Once you have passed the advanced level and entered the correct password, you may be asked to choose one of the dates of birth.
Technology and authentication algorithm
Having examined the types of authentication you can understand that none of them are perfect and each has its own margin of error. Therefore, most two-tier authentication.
This means that in order to gain full access to information, you must first pass a basic test: for example, enter the username and password in the system. Following this, you need to confirm the identity of more stringent identification (subject, questions, biometrics, signature).
The technology of authentication by the mail server
The easiest way to consider the work step by step and understand what two – factor authentication- observing the process of receiving e-mail:
- for the user’s access to the emails used by the smtp server. The first factor of authentication is currently username and password);
- the second factor is an ip address. If you first visit with a new ip, you may be asked to verify the identity using the mobile phone number (sms message) is the second level of protection;
- on the mail servers, there is also pass-through authentication. In this case, you do not need to enter the password every time while you use the same computer and IP address. The authorization data is not just stored in the browser, they are loaded into a cookie, and every request to server it is giving you on the fly.
Authentication algorithm-for example the authorization in the local network
To identify computers in a working local area network and access to resources exist in a domain network. The authorization process may be carried out simultaneously on several levels and using different factors. In the same local network, you can see almost all types of authentication.
For access to the network can use the computer name or the ip address bound to the domain. At the same time, you need to enter a user name and password (this is two factor identification).
The following types of authentication is the user’s attitude, the range of addresses or a specific computer group with different access rights.
What is interesting is the use of domain network, it is able to administer and restrict access completely to any information, both local and global networks through multi-factor authentication.
If errors occurred, what to do?
Most errors occurs due to incorrectly entered data: login, password, server name or ip address.
When you use an asset you can see a message indicating that authorization or authentication server is temporarily unavailable. If this is one of the services on the Internet, then it should just wait or try to contact technical support.
If there was a failure of one server or network devices (router) at home, at work or in the same local network, depending on the situation:
- to test the device independently;
- contact your ISP;
- call system administrator.
If any error occurs during authorization, the server usually indicates what the problem is with Protocol logging. It States the reason for the failure or the number that you can identify it.
Everyone uses authentication unconsciously many times a day authorization in the operating system on the server in a social network or receiving mail.
User authentication in the system – the problem is simple and casual. A little understand the process and algorithm steps yourself, you can more precisely point out the problem when contacting the support team or network administrator, putting the level at which the error occurs.