This chapter discusses various authentication schemes and examines their implementations, advantages, and drawbacks. The first line of defense a computer system has against intruders is the user authentication system. The user authentication system attempts to prevent unauthorized users from gaining access by requiring users to validate their authorization to use the system. The primary objective of an authentication system is to prevent unauthorized users from gaining access to a computer system. Biometric authentication systems rely on a user's physical characteristics to grant or deny access. Examples of biometric keys are fingerprints, voice prints, retinal prints, hand geometry, and facial profiles. Informational keys are predetermined words, phrases, or questions that an authorized user knows and can provide to the system when queried. One of the most commonly used authentication schemes employs passwords. Questionnaire authentication attempts to validate a user with questions that an intruder is unlikely to know. Three commonly used physical keys are magnetic cards, smartcards, and specialized calculators.