imported>A. B.: add {Multiple issues} shell

2025-06-24T02:33:42Z

add {Multiple issues} shell

← Previous revision		Revision as of 02:33, 24 June 2025
Line 1:		Line 1:
	{{~~Unreferenced~~\|date=~~December 2009~~}}		{{Multiple issues\|
	'''Closed-loop [[authentication]]''', as applied to [[computer network]] communication, refers to a mechanism whereby one party verifies the purported [[Digital identity\|identity]] of another party by requiring them to supply a copy of a [[security token\|token]] transmitted to the canonical or trusted point of contact for that identity. It is also sometimes used to refer to a system of mutual authentication whereby two parties authenticate one another by signing and passing back and forth a [[cryptography\|cryptographically]] signed [[cryptographic nonce\|nonce]], each party demonstrating to the other that they control the [[secret key]] used to certify their identity.		{{More references\|date=June 2025}}
			{{technical\|date=June 2025}}
			{{inline\|date=June 2025}}
			}}
			'''Closed-loop [[authentication]]''', as applied to [[computer network]] communication, refers to a mechanism whereby one party verifies the purported [[Digital identity\|identity]] of another party by requiring them to supply a copy of a [[security token\|token]] transmitted to the canonical or trusted point of contact for that identity. It is also sometimes used to refer to a system of mutual authentication whereby two parties authenticate one another by signing and passing back and forth a [[cryptography\|cryptographically]] signed [[cryptographic nonce\|nonce]], each party demonstrating to the other that they control the [[secret key]] used to certify their identity.

	==E-mail Authentication==		==E-mail Authentication==
Line 20:		Line 24:
	==References==		==References==
	{{reflist}}		{{reflist}}
			{{Refbegin}}

			:*{{cite web \|last1=Corella \|first1=Francisco \|last2=Lewison \|first2=Karen \|title=Privacy Postures of Authentication Technologies \|url=https://pomcor.com/techreports/PrivacyPostures.pdf \|website=pomcor.com \|publisher=Pomian & Corella, LLC. \|access-date=24 June 2025 \|language=en \|date=2013-07-14}}

			{{Refend}}
	{{DEFAULTSORT:Closed-Loop Authentication}}		{{DEFAULTSORT:Closed-Loop Authentication}}
	[[Category:Computer access control]]		[[Category:Computer access control]]

2400:4050:9222:E700:5CA:19F3:8C09:719: /* E-mail Authentication */ Fix mistaken edit

2025-04-11T15:55:06Z

E-mail Authentication: Fix mistaken edit

New page

{{Unreferenced|date=December 2009}}
'''Closed-loop [[authentication]]''', as applied to [[computer network]] communication, refers to a mechanism whereby one party verifies the purported [[Digital identity|identity]] of another party by requiring them to supply a copy of a [[security token|token]] transmitted to the canonical or trusted point of contact for that identity. It is also sometimes used to refer to a system of mutual authentication whereby two parties authenticate one another by signing and passing back and forth a [[cryptography|cryptographically]] signed [[cryptographic nonce|nonce]], each party demonstrating to the other that they control the [[secret key]] used to certify their identity.

==E-mail Authentication==
{{Main|Opt in e-mail}}
Closed-loop email authentication is useful for simple situations where one party wants to demonstrate control of an email address to another, as a weak form of identity verification. It is not a strong form of authentication in the face of host- or network-based attacks (where an imposter, Chuck, is able to intercept Bob's email, intercepting the [[Cryptographic_nonce|nonce]] and thus masquerading as Bob.)

A use of closed-loop email authentication is used by parties with a [[shared secret]] relationship (for example, a website and someone with a [[password]] to an account on that website), where one party has lost or forgotten the secret and needs to be reminded. The party still holding the secret sends it to the other party at a trusted point of contact. The most common instance of this usage is the "lost password" feature of many websites, where an untrusted party may request that a copy of an account's password be sent by email, but only to the email address already associated with that account. A problem associated with this variation is the tendency of a naïve or inexperienced user to click on a URL if an email encourages them to do so. Most website authentication systems mitigate this by permitting unauthenticated password reminders or resets only by email to the account holder, but never allowing a user who does not possess a password to log in or specify a new one.

In some instances in web authentication, closed-loop authentication is employed before any access is granted to an identified user that would not be granted to an anonymous user. This may be because the nature of the relationship between the user and the website is one that holds some long-term value for one or both parties (enough to justify the increased effort and decreased reliability of the registration process.) It is also used in some cases by websites attempting to impede [[Internet bot|programmatic]] registration as a prelude to spamming or other abusive activities.

Closed-loop authentication (like other types) is an attempt to establish identity. It is not, however, incompatible with [[anonymity]], if combined with a [[pseudonymity]] system in which the authenticated party has adequate confidence.

==See also==
''See [[:Category:Computer security]] for a list of all computing and information-security related articles''.
* [[Information Security]]
* [[Authentication]]
* [[Cryptography]]

==References==
{{reflist}}
{{DEFAULTSORT:Closed-Loop Authentication}}
[[Category:Computer access control]]

Closed-loop authentication - Revision history

imported>A. B.: add {Multiple issues} shell

2400:4050:9222:E700:5CA:19F3:8C09:719: /* E-mail Authentication */ Fix mistaken edit