Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
What makes a software module an "authentication" module?
As I don't have any significant experience with internationally-standard information security literature, I would like to ask here if some international information security organization took the initiative to standardize the terms "authentication" in general and authentication modules in particular as to well define what elements should such a module include in minimum.
What makes a software module an "authentication" module?
I'd guess:
- Receive a password as input
- Possibly; receive an email as input
- Possibly; receive a username as input
- Possibly; receive an encryption private key as input
- Possibly; receive a "two factor authentication data"
- Possibly; receive a Captcha input
2 answers
The purpose of authentication is to establish the identity of the peer, and the number of ways to do that is infinite. Any software that accomplishes that objective can be categorized as authantication software. Your question is therefore ill-formed.
But no competently written piece of software is ever going to receive a private key as input. Keys aren't private if they are communicated.
0 comment threads
I don't think there is a formal definition on what constitutes a "authentication" module.
It's just a term for defining a part of a system where you identify yourself and the security part of the system is activated.
1 comment thread