Password Based Authentication

• The use of a password and username is the most common form of authentication used and is generally considered the cheapest and most convenient method. This requires the user to provide and remember a key containing a specified amount of alpha and numeric characters in relation to a username or e-mail address which must be correct at each login. Passwords saved on a network can be encrypted to prevent theft by employee or programs designed by hackers.
  
  

Device Based Authentication

• Portable hardware devices that are similar to credit cards in size with a magnetic strip to hold data have been designed as an authentication method. These smart cards securely store public and private certificate information, are carried by the user and inserted into a card reader attached to a computer device. Many of these systems require the use of a PIN and will lock down if an incorrect PIN is entered a particular number of times, preventing use if stolen.
  
  

Biometric Authentication

• Some verifications cannot be forgotten, reproduced or stolen.Christopher Furlong/Getty Images News/Getty Images
  
  Biometrics user authentication identifies and verifies the identity of the user with measurements of unique characteristics stored in the programs server, eliminating the need for a password or identification card. Physiological statistics generally used are such things as fingerprint, facial recognition and iris or retina scan. Voice recognition, signature and keystroke scans are referred to as behavioral biometrics. All of the verifications associated with this authentication are highly individual to each user and are very difficult to steal or reproduce.
  
  

OpenID

• The OpenID Foundation was created in an effort to prevent sensitive information being intercepted and abused by dishonest or unsecure websites. The user password is supplied only to the identity provider, and the provider verifies the user identity to the visited websites, which eliminates repeatedly storing a username and password. The user and the provider are the only entities that have access to the password, and the user can control exactly how much information is shared.