Authentication is the testing or reconciliation of evidence of users’ identities. It establishes the user’s identity and ensures that the user proves he, she, or it is who they claim they are.  The most common example of an authentication entity is a password.  Single-factor authentication (requiring a single challenge to validate identity) is commonly used for routine access control; multifactor authentication should be considered for sensitive or critical assets.