Proving you are who you claim to be
Day 95 of 149
👉 Full deep-dive with code examples
The Bouncer Analogy
A club bouncer checks your ID:
- You claim to be Alice
- You show ID proving you're Alice
- Bouncer lets you in
Authentication verifies identity.
Authentication Factors
| Factor | Type | Example |
|---|---|---|
| Something you know | Knowledge | Password, PIN |
| Something you have | Possession | Phone, YubiKey |
| Something you are | Biometrics | Fingerprint, face |
Multi-Factor Authentication (MFA)
Combining factors = much stronger:
Step 1: Enter password (know)
Step 2: Enter code from phone (have)
Even if attacker knows password, they don't have your phone!
Common Methods
| Method | How It Works |
|---|---|
| Password | Check against stored hash |
| OAuth/OIDC | "Continue with Google" style sign-in |
| Magic Link | Email with login link |
| Biometrics | Fingerprint/face scan |
| Hardware Key | Physical USB device |
Authentication vs Authorization
| Authentication (AuthN) | Authorization (AuthZ) |
|---|---|
| WHO are you? | WHAT can you do? |
| Verifies identity | Grants permissions |
| Login | Admin vs user role |
First prove who you are, THEN we check what you're allowed to do!
In One Sentence
Authentication verifies you are who you claim to be using passwords, devices, or biometrics.
🔗 Enjoying these? Follow for daily ELI5 explanations!
Making complex tech concepts simple, one day at a time.
Top comments (0)