Authentication is a security measure in computing designed to verify the claimed identity of an entity before it is given a privilege to access any protected resources. Although authentication is conceptually the simplest of all the security mechanisms employed within web applications, its functionality is subject to more design weaknesses than any other security mechanism commonly employed.

The Authentication Model

The authentication model is consisted of four components:

Authentication Approaches

Web-based Authentication

Username enumeration

Password Guessing

Authentication Eavesdropping

Defensive Mechanism