At EasyTechJunkie, we're committed to delivering accurate, trustworthy information. Our expert-authored content is rigorously fact-checked and sourced from credible authorities. Discover how we uphold the highest standards in providing you with reliable knowledge.

Learn more...

What is an Authentication Server?

C. Martin
C. Martin

An authentication server is a device that controls who may access a computing network. The goals of authentication are authorization, privacy, and non-repudiation. Authorization determines what objects or data a user may have access to on the network, if any. Privacy keeps information from being disclosed to non-authorized individuals. Non-repudiation is often a legal requirement and refers to the fact that the authentication server may record all access to the network along with identifying data, such that a user cannot repudiate, or deny, the fact that he or she has accessed or modified the data in question.

Authentication servers come in many different forms. The software controlling the authentication may reside in a network access server computer, a router or other piece of hardware controlling access to the network, or some other network access point. Regardless of the type of machine that is hosting the authentication software, the term authentication server is still usually used to refer to the combination of hardware and software that fulfills the authentication function.

Racks of servers.
Racks of servers.

In addition to variations in hardware, there are a number of different types of logical algorithms that can be used by an authentication server. The simplest of these authentication algorithms is usually considered to be the use of passwords. In a simple implementation, the authentication server may simply store a list of valid user names and the corresponding passwords, and authenticate all users who attempt to connect to the network according to this list.

Kerberos is another type of authentication protocol, used in many Windows® authentication server systems, for example, and in some online security or Internet security systems. There are three main aspects to Kerberos authentication: authentication of the user's identity, secure packaging of the user's name, and secure transmission of the user credentials over the network. Kerberos authentication servers on Windows® operating systems are available for the Windows XP®, Windows 2000®, and Windows 2003® operating systems.

A proxy server is a server or computer that intercepts requests to and from an inner network and an external network, such as the Internet. Proxy servers sometimes act as authentication servers, in addition to a number of other functions that they may fulfill. There are many different options that may be used to implement authentication servers, including hardware, operating system, and software package requirements. As such, it is usually important for an organization to thoroughly analyze security requirements prior to implementing an authentication server into the networking environment.

Discussion Comments


My sister-in-law is a computer programmer, and knows more about computers than I will ever know. She is able to do a lot of her work from home.

With all of the privileged information she has access to, it is surprising to me that she can work on so many projects from home.

I have heard her talk about the authentication server when she logs on. If she doesn't enter all the correct information, she doesn't get very far.

There are other programmers who do the same thing, so it is crucial that authentication is authorized. Once they are properly logged on the correct server, then they can do their work just like they were physically at the work place.


I am not very tech savvy, but spend a lot of time on the computer, both at work and home. We have more than one computer at home, but not everybody has their own computer to use all the time.

Because of this, each of us have different user names and passwords for each computer. I don't know if this would be considered an authentication server or not, but it seems to serve a similar purpose.

If you don't type in the right password, for your user name, you are denied access. We do this both for privacy reasons and for authentication.

This wouldn't be nearly as crucial as it would be for business purposes, but it seems to work out fine for our personal needs.

@burcinc-- We have an authentication server in place where I work and it functions just fine. The reason it works so well is because the only way any of the servers can be accessed is through the computers at our workplace. They've been made especially for this. And the server knows the identity of each computer and who uses it, so it allows access those it wants while not giving access to others.

When it's done this way, it's very reliable. We've never had any problems. Sometimes we have interns who try to access other servers by accident and they will get a message saying "This server is not in your authentication search policy." So they know that there not supposed to try to go there.


Is there an authentication server that is 100% reliable?

I personally don't find the password or user credentials requirement to be a hard enough deterrent to prevent unauthorized people from accessing certain networks. There is even software on the market now that helps people break codes and passwords.

Someone with a decent knowledge of computers and networks can probably find a way to sneak in. I think there has to be more strict authentication methods. Identifying the user is a good way to do this, but I think it requires expensive software and equipment to do. It can't be cheap to put in place face recognition or fingerprint recognition. And most organizations and business are not going to have the money or time to do these things.

Out of all the services available, which method is the best and most safe with authentication servers?

Post your comments
Forgot password?
    • Racks of servers.
      Racks of servers.