{"id":904,"date":"2015-11-26T17:15:17","date_gmt":"2015-11-26T14:15:17","guid":{"rendered":"https:\/\/www.protectimus.com\/blog\/?p=904"},"modified":"2020-04-24T06:39:49","modified_gmt":"2020-04-24T03:39:49","slug":"identification-authentication-authorization","status":"publish","type":"post","link":"https:\/\/www.protectimus.com\/blog\/identification-authentication-authorization\/","title":{"rendered":"Identification, authentication, and authorization – what’s the difference"},"content":{"rendered":"

Identification, authentication, and authorization. We all face these three concepts every day, but not everyone knows the difference. Since these terms are essential in data protection, they deserve to be explained better.<\/p>\n

To begin, let\u2019s take an example from everyday life. It will help you to understand the difference between authentication and identification in general.<\/p>\n

A new employee comes to work for the first time. At the entrance, he introduces himself to a security guard and says that he is a new manager. Thus, he identifies<\/strong> himself – tells who he is.<\/p>\n

The security guard does not believe the words he says. He demands to provide evidence that this person is a new manager and has the right to enter the office. To solve the problem, the employee has to show his pass with the photo. And the security guard should compare it with his list of registered employees. The employee confirms his authenticity \u2013 this is authentication<\/strong>.<\/p>\n

Finally, a forbidden door opens, and the guard lets the employee in. Once the employee receives the permission to enter the office the authorization<\/strong> happens.<\/p>\n

\"Identification,<\/p>\n

In the virtual world, everything is almost the same as in the real. Only the names of the “characters” are changing. The security guard is a server that controls the access to the website. And the manager who came to work – a user who wants to log in.<\/p>\n

It should be added that the security guards will repeat the procedure every day. Even when all the security guards know the manager by his look and name. They just do their job, like the server does.<\/p>\n

All three concepts – identification, authentication, and authorization – are the stages of one process that controls users\u2019 access to their accounts.<\/p>\n

To perform any action on a website, the user must “introduce himself” to the system. User\u2019s identification means presenting grounds for the entry to the site or service. As a rule, your username or email address provided during registration serve as identificators. If the server finds in its database the data coinciding with that entered by the user, the user’s identification is successful.<\/p>\n

Login is a perfect thing. But where is the guarantee that it was entered by the person registered on the site? To finally verify the user’s identity, the system typically authenticates the user.<\/p>\n

Now, more and more often the two-factor authentication<\/a> is used. A usual static password serves as the first factor. The second factor may be different depending on the types of authentication methods used in this or that case:<\/p>\n