By Deane Barker

The security controls in place to verify human ownership of a specific user account, usually by way of a username or password. Authentication is different than authorization. The latter involves what a user account can do assuming successful authentication.

In a CMS, the authentication system is often pluggable so that the system can use an external user database or even a custom authentication mechanism.