Identification – proving one’s identity
During identification, a person provides proof that they are who they claim to be. In everyday life, this is done, for example, by presenting an identity card. In IT, a password combined with a username is often used for this purpose.
Authentication – the process of verifying the authenticity of the aforementioned proof of identity
In everyday life, this is done, for example, by checking an identity card for forgery and by comparing it with the person in question. In IT, for example, the system checks whether the combination of username and password exists in the system.
Authorisation – the granting of access to the privileges to which a successfully verified identity is entitled
In everyday life, this might involve presenting an ID card to gain access to a company where one has been registered as a guest. However, as a guest, one might only be granted access to the meeting room, but not to the assembly hall. In IT, authorisation allows one to work within a user account, for example. However, if that account does not have administrator rights, it is not possible to install new programs, for instance.
You come across these three steps very often: every time you log in to your work computer, every time you check your emails, and even every time you visit a website. In all these instances, you or your computer prove your identity, it is verified, and then you are granted – or denied – the appropriate privileges. If you make a typo when entering your password, you will not be granted access to your user account. The authentication was unsuccessful, so you will not be authorised.
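The three steps described above, written out as a small login check. This is an added example, not code from the original page; the account names, passphrases, roles, privilege names and the PBKDF2 iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample data (assumption): privileges attached to each role.
PRIVILEGES = {
    "user": {"work_in_account"},
    "admin": {"work_in_account", "install_program"},
}

def _derive(password: str, salt: bytes) -> bytes:
    # Store a slow, salted derivation of the password, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_account(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _derive(password, salt), "role": role}

# Constructed sample accounts (assumption).
ACCOUNTS = {
    "alice": make_account("correct horse battery staple", "user"),
    "root": make_account("a different long passphrase", "admin"),
}

def authenticate(username: str, password: str) -> bool:
    """Verify the presented proof (the password) against the stored record."""
    account = ACCOUNTS.get(username)
    if account is None:
        return False
    candidate = _derive(password, account["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, account["hash"])

def authorise(username: str, action: str) -> bool:
    """Check whether an already verified identity holds the privilege."""
    role = ACCOUNTS[username]["role"]
    return action in PRIVILEGES[role]

def request(username: str, password: str, action: str) -> str:
    # Identification: the caller claims `username` and presents `password`.
    if not authenticate(username, password):
        return "denied: authentication failed"
    # Authorisation is only evaluated after authentication has succeeded.
    if not authorise(username, action):
        return "denied: not authorised"
    return "granted"
```

A mistyped password stops at the authentication step, while a correct password on an account without administrator rights stops at the authorisation step.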
Authentication
Use the most secure authentication methods possible, e.g. via encrypted connections.
Ensure that the passwords you use for authentication are as secure as possible, i.e. as complex as possible.
Where possible, prevent your authentication details from being intercepted and misused by third parties, e.g. via keyloggers.
Authentication
Use two-factor authentication wherever possible. Even if cybercriminals get hold of your login details, two-factor authentication renders those details useless to them.
Authorisation
Ensure that you only have the privileges you actually need in all programs and systems. For example, work using a user account that does not have administrator rights. This will not limit your productivity, but it will prevent malware from carrying out certain tasks, or at least make it more difficult for it to do so.