Whenever you log into a website with a username/password combination, you are doing a process called *authentication* (AuthN), which verifies that you are, in fact, who you claim to be.

Authentication schemes are generally accepted to be based on one or more of three things:

* **Something you know** (password or PIN)
* **Something you have** (an access keycard or a cell phone)
* **Something you are** (fingerprint or retina scan)

Often times, online services will use multi-factor authentication (MFA) as a way of enhancing security. Even if one method of authentication is compromised (for example, passwords) a malicious person could not fraudulently authenticate because they did not possess the other form of authentication.

Because Authentication can be a complex and tricky process, companies will sometimes outsource it to other businesses that specialize in AuthN.