yeah, but you don't use just password to login. It's the combination of user + password that needs to match.
There are 3 different concept involved:
identification - know which user you're dealing with. That's the purpose of a username. It identifies you uniquely. Several people might have the same password, so the password alone doesn't do anything. Some platforms can have several conditions for identification (eg: see AWS where to login as an IAM user you need to know the account number + your username)
authentication - for an identified user, verify that they are who they say they are. That's what a password does.
authorization - for an authenticated user, what can they do ?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
yeah, but you don't use just password to login. It's the combination of user + password that needs to match.
There are 3 different concept involved:
identification - know which user you're dealing with. That's the purpose of a username. It identifies you uniquely. Several people might have the same password, so the password alone doesn't do anything. Some platforms can have several conditions for identification (eg: see AWS where to login as an IAM user you need to know the account number + your username)
authentication - for an identified user, verify that they are who they say they are. That's what a password does.
authorization - for an authenticated user, what can they do ?