At a high level, when an identity has to gain access to a resource or an environment (for example, a user logging in to an AWS account), the user has to identify itself in the form of a username, and then verify that they are who they say they are, which is normally confirmed in the form of a password. If the verification process is successful, the identity is then authenticated. Authentication simply means that the identity has correctly identified itself as an identity that is permitted to gain access.

When you are authenticating to a system, your identity has to be a unique identity to ensure that there is no confusion with other identities. You have probably seen this yourself if you have tried to sign up to a newsletter on a website or have created a new email address. Your first attempt of an ID may have been rejected because it was already in use. In such a situation, you have to come up with another unique login ID. The password, however, does not have to be unique; it's likely that multiple identities for the same system are using the same password, without even knowing it.

Without realizing it, many of us perform actions relating to the principles of authentication on a daily basis; it's not just a process related to the cloud or computers. For example, we all use credit/debit cards, and when we pay for something with our card, we are essentially providing an identity to the card reader, defining who we are and ensuring that we can pay for the item we are buying. The verification of that identity comes in the form of a pin number; this verification completes the authentication to the bank, and the money is deducted from our account.

So, authentication is a two-step process, comprised of an identity and the verification of that identity.