As stated in the previous article about the difference between authentication and authorisation, it is important to understand the different aspects of security in order to control access to resources in as secure and as user-friendly a way as possible. However, the step of authentication itself — the act of ascertaining …
At some point whilst interacting with many websites or web-based applications and services, users are asked to state and prove who they are. Whether this is to make sure only that user edits their own profile or it is for secure financial transactions, identity, trust and authorisation underpin almost any secure communication. Here, I will break down the basic, distinct components of user identification and show why the distinction between them is important for designing or even using a secure system.