A-Z Popular Blog Security Search »
Information Security
Related Guides

Authentication vs Authorization

 , updated on
Authentication is the process of verifying identification.
Authorization is the process of verifying rights to access resources such as information, locations, funds and assets.

Example: Funds

Entering your bank card and pin into a bank machine is an example of authentication. The bank confirms that you are the owner of the card by validating the pin.
If you attempt to transfer $1 million into a foreign account from the bank machine, the bank will check if your account is authorized to do that from an ATM machine. The bank may reject that transaction based on authorization rules even though you are properly authenticated.

Example: Locations

An office requires employees to scan their id and enter their password at the entrance. The act of verifying the employees id and password is authentication. The act of verifying that the employee has the right to access a particular floor of a particular building is authorization.

Example: Information

A document repository asks for a user name and password. The process of verifying the user name and password is authentication. The process of verifying that a user has rights to view a particular document is authorization.
Authentication vs Authorization
Verifying the identity of an entity.
Verifying that an authenticated entity has the right to access a particular resource.

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Digital Identity
Failure Of Imagination
Incident Response
IoT Security
Key Stretching
Network Security
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Secure Code Review
Security As A Service
Security Controls
More ...
If you enjoyed this page, please consider bookmarking Simplicable.


A list of authentication techniques and considerations.

Password Entropy

An overview of password entropy.

Identification vs Authentication

The difference between identification and authorization.

Security vs Privacy

The relationship between security and privacy.


An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.


A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.


A definition of token with examples.


A definition of backdoor with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map