Username and Password
The most common method of authentication is to ask a user to enter their username and password. As mentioned above, the application checks the username and password against its database to verify the user’s identity.
Multi-Factor Authentication (MFA)
Given that passwords are easily compromised, multi-factor authentication is a method that requires additional unique information each time a user attempts to log in. The most common implementation is two-factor authentication (2FA), where a unique code (or “token”) is created that must be provided in addition to the login credentials. There are two types of these tokens: “soft” tokens delivered by an SMS message or generated by an application, and “hard” tokens such as USB sticks. MFA can also employ biometric authentication as an additional level of security.
Public-Key Certificate
A public-key certificate is a secure method of authentication that leverages public-key encryption to verify that a user holds the corresponding private key. In practice, the identity of web servers is verified using Transport Layer Security (TLS). Every time you load a web page, HTTPS uses public-key certificates via TLS to authenticate the website’s identity.
Internet of Things devices and API endpoints also use public-key certificates for mutual authentication, where both the server and the user are verified simultaneously.
Biometric Authentication
Fingerprint, face, and retina scans are methods employed to verify the identity of a human. These can be used as a part of MFA for enhanced security.
Magic Links
Magic links are a method of identity verification that involves sending a unique link to the user by email or SMS. By clicking on the link, you’re automatically logged into the application.
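A minimal issuer and verifier for such links, added here as an illustration and not code from the original page. It assumes an in-memory dict in place of a real datastore and a hypothetical `/login/magic` endpoint; the properties worth checking are that tokens are unguessable, stored only as a hash, short-lived, and consumed on first use.

```python
import hashlib
import secrets
import time
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs, urlparse

TOKEN_TTL_SECONDS = 15 * 60  # links expire after 15 minutes (assumed policy)

# Assumption: stands in for a database table. Keyed by sha256(token) so a
# leaked copy of this store does not contain usable login links.
_pending: Dict[str, Tuple[str, float]] = {}   # digest -> (email, expiry)


def issue_magic_link(email: str, base_url: str, now: Optional[float] = None) -> str:
    """Create a one-time login link for `email` and return the URL to send."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)          # 256 bits from the OS CSPRNG
    digest = hashlib.sha256(token.encode()).hexdigest()
    _pending[digest] = (email, now + TOKEN_TTL_SECONDS)
    # The raw token appears only in the URL sent to the user, never in storage.
    return f"{base_url}/login/magic?token={token}"


def token_from_url(url: str) -> str:
    """Extract the token query parameter, as the login endpoint would."""
    return parse_qs(urlparse(url).query).get("token", [""])[0]


def redeem_magic_link(token: str, now: Optional[float] = None) -> Optional[str]:
    """Return the authenticated email, or None if the token is unknown,
    expired, or already used. A token is removed on its first presentation,
    whether or not that attempt succeeds, so it can never be replayed."""
    now = time.time() if now is None else now
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = _pending.pop(digest, None)   # pop => single use
    if entry is None:
        return None                      # unknown or already consumed
    email, expiry = entry
    if now > expiry:
        return None                      # expired; already discarded above
    return email
```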
SSO
Single Sign-On (SSO) is a method of identity verification used by applications that allow you to log in using credentials from a third party, such as Google, Apple, Facebook, or GitHub, as well as enterprise-grade solutions from Microsoft, Okta, and Ping. When you log into an app using SSO, you’re redirected to the third-party service to log in to that account. Once logged in, you’re redirected back to the original application. This method is popular with developers due to its simplicity in implementing authentication. OAuth is the technical standard that makes SSO possible.