Authentication types

In the previous chapter we’ve learned what authentication is. In this chapter, we provide basic knowledge about how authentication can be done or what are the authentication types.

Lesson goals and objectives

In this lesson you will learn:

  • that there are multiple ways for the user to be authenticated,
  • that using multiple authentication types is safer,
  • what does each authentication type mean

There are multiple ways in which users can be authenticated. All authentication types can be divided into three groups.

Something the user knows

When authenticating the user must provide or enter something only he knows. This can be a password, pin number, passphrase … All authentication types, that require the user to enter something that he must recall from his memory, fall into this group.

Something the user has

This type of authentication expects a user to use some form of physical objects. This can be a USB key, smartphone, smart card, a token device, etc. In some situations, it is enough just to possess an object in other cases this object provides extra information that the user must retype into some web authentication form.

Something the user is

When this type of authentication is used, the user must use a part of its body in the authentication process. This can include fingerprint, retina or palm scanning, voice verification, or face recognition.

Forms of authentication most used

Today the most used authentication methods are:

  • password authentication – for web-based applications this is still the most popular form of authentication
  • fingerprint scanning – newer smartphones and laptops provide this type of authentication, so this is becoming more and more popular as it is easy to use
  • multi-factor authentication – this type of authentication expect the user to use more methods – typical the user first provides user name and password and then add a code that is sent to him over mail or SMS

Average user spends


hours entering/resetting passwords.



of users prefer password less based authentication methods.



reuse an everage five password across personal and business accounts



Leave a Reply

Your email address will not be published. Required fields are marked *