The most common way to identify someone is through their physical
appearance, but how do we identify someone sitting behind a computer
screen or at the ATM? Tools for authentication are used to ensure that
the person accessing the information is, indeed, who they present
themselves to be.
Authentication can be accomplished by identifying someone through one
or more of three factors: something they know, something they have, or
something they are. For example, the most common form of
authentication today is the user ID and password. In this case, the
authentication is done by confirming something that the user knows
(their ID and password). But this form of authentication is easy to
compromise and stronger forms of
authentication are sometimes needed. Identifying someone only by
something they have, such as a key or a card, can also be problematic.