Authentication mechanisms in user interfaces

Who is this article for

An article for interface designers who want to understand how the registration, authorization, password recovery processes used in various systems work. If you are a developer / designer, and you find an error / inaccuracy, then let me know (I will gladly finalize the article).

Start

Today I would like to talk about how authentication takes place in applications of various platforms - from mobile applications to console utilities.

Authentication is the process by which a user authenticates their identity to a system. The system provides personal data only to its owner.

The authentication mechanism at the basic level is quite simple - you need to enter data in the form of a username and password. Check the data for a match, and if the data match, then you are the true owner of the account.

An account is a collection of user data stored in the system. As a rule, only one user has access to an account - its owner.

Example:

In the movies, when a spy is asked to name a passphrase to confirm his identity, then, in fact, the user authentication process is carried out. If the passphrase (password) is correct, then the spy is trusted and provided with data hidden from the rest. (Exaggerated)

Authentication processes

- ( ) - , , . , .

1. (CREATE) -

   
   
   
   
   

2. (READ) -

   
   
   
   
   

3. (UPDATE) - - , .

   
   
   
   
   

4. (DELETE) -

   
   
   
   
   

()

- . :

1. Email (username@mail.com)

   
   
   
   
   

2. (+996 777 777 777)

   
   
   
   
   

3. (username)

   
   
   
   
   

4. (Google, Facebook, Apple… )

   
   
   
   
   

- , . ( Google, Figma). /.

()

- , (), - ( - ).

1. (password9379992*)

   
   
   
   
   

2. SMS (9379992SMS)

   
   
   
   
   

3. (9379992MAIL)

   
   
   
   
   

4. PIN (9379992)

   
   
   
   
   

5. / ( ssh key)

   
   
   
   
   

6. (, )

   
   
   
   
   

- ( ) , (, , , ). , , .

. : , , .

, . , , .

. :

- , - .

.

1. 
   
   
   
   

2. 
   
   
   
   

3. 
   
   
   
   

4. , , , .

   
   
   
   
   

5. .

   
   
   
   
   

6. 
   
   
   
   

.

, - . - Email + , .

, - . , ( ) . , . - . . . - . - , .

, .

1. 
   
   
   
   

2. 
   
   
   
   

3. 
   
   
   
   

4. 
   
   
   
   

5. 
   
   
   
   

6. ,

   
   
   
   
   

7. 
   
   
   
   

. , . ( ).

, - . .

1. 
   
   
   
   

2. ( )

   
   
   
   
   

3. 
   
   
   
   

4. 
   
   
   
   

5. 
   
   
   
   

.

. , - .

, - . , .

""

- . . - , .

- (), Cookies. , ( ) .

Cookies

Cookies - , () . , - Cookies, . - () , () .

, .

In this article, we examined the basic principles of how authentication works in various systems. This entire article is aimed at helping interface designers understand how the authentication process works, what it is for, what types it is and what happens at most stages during authorization, registration, password recovery by the user.

I hope it was useful to you, and at least a little interesting.