You may already have encountered ‘authorization’, ‘authentication’, or even multi-factor authentication more often than you realize. Just describing a normal working day in the office, will suffice.
Authentications are omnipresent
It's 7:30 a.m. You're on the train, on your way to the office, and you want to use the time to check your e-mails on your smartphone. To unlock the phone, you either enter a pin, use your fingerprint, or the built-in facial recognition - all of these are examples of authentication. Next, you open the email program on your phone and you may have to enter a password. Again, you must confirm your identity to the program through some form of authentication. Once you have arrived at the office, you sit at your desk and log on to your computer. Again, you identify yourself through authentication (e.g. a password).
In these three cases, after you have authenticated yourself, the system checks whether the user name matches the password you have entered, and whether the combination exists. This means that your entries are now authenticated. If they are correct, and can be assigned to a specific identity, you can now access and use the device, application, or programme with the access rights of precisely this identity.
A two-factor or multi-factor authentication offers special protection.
Before the next meeting, you need to make a bank transfer. To do this, you log in to your bank's online banking. Here, you are also asked for a password - an authentication - which is again subsequently authenticated by the system. But now the banking institution asks for additional confirmation of your identity. This can be in the form of security questions that you have to answer. Or you may be sent a pin or code to a second device, for example your smartphone. Only after entering this information will you gain access to the system and be able to make the transfer. This is called two-factor authentication. Unlike the authentication, that is usually activated by default in the system, you have to activate the two-factor authentication yourself. But once implemented, it offers special protection for you and your data.
Authorizations grant entry and access
After the lunch break, your supervisor calls you in for a meeting. This takes place in a conference room that is normally restricted to the management team. To enter the room, the door must be opened for you or your access card, which you can otherwise use to move around the office building, must be unlocked for this area as you are not authorized beforehand.
Your boss asks you to revise a colleague's document for a meeting that takes place in an hour. When you open the file, you are then told that you do not have access to it. Since your colleague works in a different department, you lack the appropriate authorization. You have to ask the colleague if you are allowed to edit this file. The colleague answers promptly and grants you permission. Now you are authorized to read and edit this file.
Perseus’ Tip: Due to security reasons, it is advised to customize folder accesses. Certain files do not have to be publicly available to the entire staff; they should only be made accessible to a specific group of people. Data breaches and data loss can be limited in this way.
Authorization for program installations
By now it's 17:30, and you are almost done for today. Before you can leave, however, your computer indicates that an important update needs to be installed. Since updates are supposed to be installed immediately, you click the notification to start the process. However, the system requires an account with admin rights for this, which you do not possess with your account. You therefore lack the appropriate authorization to carry out the procedure. You must obtain this from the person responsible. In most cases, the IT administrator of the company accesses your computer and authorizes the installation of the update via his own account or gives your account (if necessary, temporarily) the corresponding extended rights.
You can already find a detailed definition of the individual terms in our glossary under the article Authentication, multi-factor authentication and authorization.