Authentication 3/7 : Password-Based
This article in the Authentication series explains how password-based authentication secures communication and walks through how it works in detail.
One of the most common methods used to ensure secure communication is password-based authentication. This method involves verifying a user’s identity by comparing the entered password with the stored version of the password. The system does not store the actual password for security reasons. Instead, it stores a hashed version of the password. When a user enters their password, the system hashes the input and compares it with the stored hash. If the two match, the user is granted access.
Life before password-based authentication wasn't so easy: all computers or servers with critical details were housed in secured facilities that were accessible to a limited number of people. Over time this changed, and password-based authentication expanded access. Of course, this was first created at MIT. Initially it used a password file to authenticate users, and eventually it changed to a string password.
Usage
It is used in a wide variety of applications, from logging into your email account to accessing your bank account online. It is a simple and effective method of verifying a user’s identity.
Working
Let’s walk through the process of password-based authentication using a simple example:
User Registration: When a user registers for an account, they provide a password. This password is hashed using a cryptographic hash function, and the resulting hash is stored in the system.
import hashlib

def register_user(password):
    password_hash = hashlib.sha256(password.encode()).hexdigest()
    # Store password_hash in the system (returned here so the caller can persist it)
    return password_hash
User Login: When the user attempts to log in, they enter their password. The system hashes the entered password using the same hash function used during registration.
def login_user(input_password):
    input_password_hash = hashlib.sha256(input_password.encode()).hexdigest()
    # Compare input_password_hash with stored password_hash (see authenticate below)
    return input_password_hash
Authentication: The system compares the hash of the entered password with the stored hash. If the two hashes match, the user is authenticated and granted access. If they do not match, the authentication fails, and access is denied.
import hmac

def authenticate(input_password, stored_password_hash):
    input_password_hash = hashlib.sha256(input_password.encode()).hexdigest()
    # Constant-time comparison: does not reveal how many leading characters match
    if hmac.compare_digest(input_password_hash, stored_password_hash):
        return "Access granted"
    else:
        return "Access denied"
This simple example illustrates the basic process of password-based authentication. However, real-world systems often incorporate additional security measures, such as salted hashes and multi-factor authentication, to further enhance security.
So, this was about secured communication using password-based authentication. I hope you liked this article. I suggest reading the next article, about Two Factor Authentication [2FA].
Peace.