Definition

digest authentication

Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller. The domain controller sends a special key, called a digest session key, to the server that received the original request. The user must then produce a response, which is encrypted and transmitted to the server. If the user's response is of the correct form, the server grants the user access to the network, Web site or requested resources for a single session.

In its simplest form, digest authentication is an enhanced method of single-factor authentication (SFA). The drawback of SFA is the fact that the single factor (the password or user response) is relatively easy for an experienced hacker to discover and exploit. Superior security can be obtained by the use of a two-factor authentication scheme, in which a physical token such as smart card is employed in addition to the password or keyboard-generated response to verify the identity of a potential user. Even better security may be provided by digest authentication in conjunction with multifactor authentication, in which three or more independent parameters are used. Such parameters may include biometric verification, fingerscanning or a voiceprint.

This was last updated in May 2007
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: