Challenge-response authentication: A method of authentication in which a server presents a question or challenge to a user or system seeking access, which must then provide a valid answer or response. This type of authentication is often used in scenarios where passwords alone are deemed insufficiently secure. The challenge is typically a random number, and the response is the correct encryption of this number using a shared key. By checking that the response is correct, the system verifies the identity of the user or system, thereby enhancing the security of the access process.
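The exchange described above, as an added example that is not part of the original glossary: the server issues a random single-use challenge and the client answers with a keyed function of it. HMAC-SHA-256 stands in here for the "encryption using a shared key" in the definition, and the names `Verifier`, `respond`, `demo` and the 30-second lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


class Verifier:
    """Server side: issues single-use random challenges and checks responses."""

    def __init__(self, shared_key: bytes, ttl: float = 30.0):
        self._key = shared_key
        self._ttl = ttl          # assumed challenge lifetime in seconds
        self._pending = {}       # outstanding challenge -> expiry time

    def issue_challenge(self, now=None) -> bytes:
        now = time.monotonic() if now is None else now
        challenge = secrets.token_bytes(32)   # unpredictable random number
        self._pending[challenge] = now + self._ttl
        return challenge

    def verify(self, challenge: bytes, response: bytes, now=None) -> bool:
        now = time.monotonic() if now is None else now
        # pop() makes each challenge single-use, so a captured response
        # cannot be replayed, and unknown challenges are rejected.
        expiry = self._pending.pop(challenge, None)
        if expiry is None or now > expiry:
            return False
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def respond(shared_key: bytes, challenge: bytes) -> bytes:
    """Client side: prove knowledge of the key without sending the key."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


def demo() -> dict:
    key = secrets.token_bytes(32)             # constructed sample shared key
    server = Verifier(key)
    c1 = server.issue_challenge(now=0.0)
    r1 = respond(key, c1)
    out = {"valid": server.verify(c1, r1, now=1.0)}
    out["replayed"] = server.verify(c1, r1, now=2.0)
    c2 = server.issue_challenge(now=0.0)
    out["wrong_key"] = server.verify(c2, respond(b"x" * 32, c2), now=1.0)
    out["old_response"] = server.verify(server.issue_challenge(now=0.0), r1, now=1.0)
    c3 = server.issue_challenge(now=0.0)
    out["expired"] = server.verify(c3, respond(key, c3), now=31.0)
    return out


if __name__ == "__main__":
    print(demo())
```

Only the first attempt succeeds; the replayed, wrong-key, stale-response and expired cases are all rejected.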
Categories: CC D3: Access Controls Concepts | CCSP D5: Cloud Security Operations | CISM D3: Information Security Program | CISSP D5: Identity and Access Management (IAM) | Security+ D1: General Security Concepts | SSCP D2: Access Controls