Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Code Reviews Meta
Q&A
Posts Tags Edits
Ask Question

Welcome to Software Development on Codidact!

Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.

Comments on What makes a software module an "authentication" module?

Post

What makes a software module an "authentication" module?

+0
−3

As I don't have any significant experience with internationally-standard information security literature, I would like to ask here if some international information security organization took the initiative to standardize the terms "authentication" in general and authentication modules in particular as to well define what elements should such a module include in minimum.

What makes a software module an "authentication" module?

I'd guess:

  • Receive a password as input
  • Possibly; receive an email as input
  • Possibly; receive a username as input
  • Possibly; receive an encryption private key as input
  • Possibly; receive a "two factor authentication data"
  • Possibly; receive a Captcha input
security authentication
posted about 3 years ago
3y ago
deleted user
History
Why does this post require moderator attention?
You might want to add some details to your flag.
Why should this post be closed?

1 comment thread

General comments (8 comments)
General comments
Alexei‭ wrote about 3 years ago
copy link

Possible interesting reading: https://cybersecurity.ieee.org/blog/2016/06/02/design-best-practices-for-an-authentication-system/

Alexei‭ wrote about 3 years ago · edited about 3 years ago
copy link

Is "What elements should an authentication module include"? a suitable title (summary) for your post? I think the post's body suggestion such a summary (or similar).

r~~‭ wrote about 3 years ago
copy link

Have you tried answering this question yourself? Maybe looked up the word ‘authentication’ on Wikipedia? Possibly followed a link from that article to a publication from NIST (not international, but it's not clear why you specifically want an international organization's take—and at any rate, that publication references other ISO standards you could look at)?

r~~‭ wrote about 3 years ago
copy link

On reread, my previous comment maybe comes off like I'm trying to provoke. What I'm trying to do is suggest that you improve this question by sharing more of what you've looked at and why that doesn't satisfy you, or, if you haven't looked at much, by doing that and then coming back with a more specific question.

EJP‭ wrote almost 3 years ago · edited almost 3 years ago
copy link

The purpose of authentication is to establish the identity of the peer, and the number of ways to do that is infinite. Any software that accomplishes that objective can be categorized as authantication software. Your question is therefore ill-formed. But no competently written piece of software is ever going to receive a private key as input. Keys aren't private if they are communicated.

deleted user wrote almost 3 years ago
copy link

@EJP --- ill-formed ; just can't be answered ; or can include only answers which are primarily opinion based? About competently written piece of software I agree.

deleted user wrote almost 3 years ago
copy link

And BTW, I feel as if with a bit of edit what you wrote can actually be a good answer.

EJP‭ wrote almost 3 years ago · edited almost 3 years ago
copy link

@JohnDoes 'Ill-formed' in that it proposes a test via specific requirements when the number of ways to accomplish the task is infinite and need not include any of those proposed.