Authentication In Layman's Terms

Recently, I met one of my readers and he asked me to explain authentication and why is it required in very simple terms. So, here is the post.

What is Authentication?

To understand the fundamentals of authentication, let's begin by taking an easy example. Let's assume, you are working on some file and now you want to share that file to a person named XYZ over OneDrive. So, the purpose of authentication, in this case, is to make sure that only XYZ can access that document.

How to achieve it?

It can be achieved by setting up the authentication system and this system will tell who can access this file based on some predefined rules. In our case, the rule is simple - none except XYZ should be able to access the file.

How does verification happen?

All verification activity solely depends on our authentication system. When I'm saying authentication system, it means a piece of software written by someone. Now, how will this piece of software validate the incoming user whether it is XYZ, ABC or someone else?

The most popular way to accomplish this is by using the login form wherein user will enter his or her identity in the form of login details.

Let's go in a formal way.

Authentication is a process of identifying an entity using challenge response pattern.

Are Authentication and Identification the same?

Not really. Authentication deals with only offering the challenge to the user, which is a login form in our case, whereas Identification deals with matching user claims, which can be name, DoB, etc.

Hope you got a fleeting idea of what an authentication system is. Happy learning.