Authentication is the act of establishing or confirming a user as authentic. Authenticating a user frequently includes verifying the user's identity. One common use of authentication is access control. In other words, a resource (i.e., a file, an application, a web site, a software program, a hardware device such as a computer system, a physical facility, a safe, a room, a filing cabinet, and/or anything else that needs to be secure), intended to be used only by authorized individuals, attempts to detect and exclude unauthorized users. Access to the resource is therefore controlled by insisting on an authentication process to establish, with some degree of confidence, the identity of the user.
Authentication is often achieved using one or more tests. A user must generate correct responses to the one or more tests in order to be authenticated. The correct responses may be initially defined when the user registers (e.g., creates a user profile) associated with the resource. Known authentication tests include passwords, personal identification numbers (PINs), and biometrics (e.g., fingerprints, voice recognition, retinal scans).