Identification makes a claim about what someone or something is, and authentication establishes whether this claim is true.
Authentication is the set of methods used to establish whether a claim of identity is true. It doesnt decide what the party is permitted to do, thats authorization.
Factors are: Something you know, something you are, something you have, something you do, where you are.
Multifactor/2factor authentication uses multiple factors stated above.
Mutual Authentication is a mechanism where both parties in a transaction authenticate each other. Typically software-based. Usually relies on Digital Certificates. Without it, you're susceptible to man in the middle attacks. The attacker could impersonate the server to the client and the client to the server, then intercepting traffic.![[Pasted image 20231005134726.png]]