User authentication

This is the process of proving the identity of a user, and determining whether or not they are allowed access to a system. This could take place in many different ways:

• Username and password – common authentication method. Policy should force users in to selecting strong passwords, as well as regularly re-setting them.
• Biometric authentication – use of fingerprint, iris scan or voice recognition to identify the user
• Two-step verification – this makes use of ‘something you know and something you have’ to provide double-authentication. For example, a password in conjunction with a code generation device, email address or similar
• Security tokens – for example, a physical USB key that must be connected to authenticate the user
• Certificate-based authentication – allows the authentication of incoming requests providing they are signed with a valid certificate, issued by a CA