Identification and Authentication are two critical pillars to upholding cybersecurity standards today. In one form or another, they are part of almost every single facet of cybersecurity, entry processes, and authorization levels. Identification is used to identify an individual, usually already recognized by a system. Forms of identification could be a sign-in username, a photo ID, or simply their name. This leads to the next part, authentication.
Authentication is the real key to the system. While identification asks who they are, authentication forces them to prove they are who they say they are. Whether that be via a password, a string of numbers, a government given identification, or the like, something must prove they are who they claim to be. This very simple, yet highly effective form of vetting is present in nearly every website, data center, and login process today. Even the very site you used to access this paper most likely used identification and authentication in some way.
Risks
Despite the widespread, and easy use of such a system, it’s not without its not without its flaws. If a hacker has access to the identification, and the system has authentication limits in place, they can brute force their way through it by trying thousands, or even millions of password combinations until they find the correct one. Another way of getting past authentication is by either acquiring the password via phishing, a keylogger installed via malware, or even by hijacking a victim’s session. One of, or a combination of these can lead to a breach of security, putting not only the user, but the entire system at risk of damage. Because of the wide array of threats opposing this login method, an additional login method has been introduced, usually paired alongside identification and authorization: two-factor authentication.
Two-Factor Authentication
Two-factor authentication is just as the name suggests; it uses two ways of authentication the identity of a user, as opposed to the usual one. The most common form of this is the usual password request, followed up by prompting the user to enter a password sent to their device, or their email. It utilizes the normal authentication, and then requests the user for more proof, normally using a device that they would have on hand, or an account that is closely associated with them. This may seem laughably simple, but it has been a highly effective extra layer of security added to authorization methods in recent years. It can completely negate some older forms of authentication intrusion, simply by adding an addition prompt. That is not to say its completely immune to breaching, but it is significantly more difficult.
Image provided by: https://www.freepik.com/free-photos-vectors/two-factor-authentication
The constant threats facing cybersecurity today has led to constant advancements in securing databases, and user accounts. The threats grow more numerous, and more sophisticated every day, and we must prepare for that in any way we can. Sometimes we need to install, and set up sophisticated firewalls or meticulously track user activity on a network, but sometimes it’s as simple as asking for a name and password.