DEV Community

Cover image for Why Do We Need Authorization and Authentication? πŸ”‘

Why Do We Need Authorization and Authentication? πŸ”‘

Maria 🍦 Marshmallow on December 30, 2022

We live in an era where digital data is becoming an increasingly valuable asset, and with that comes the need for privacy and security. Authorizati...
Collapse
 
chasm profile image
Charles F. Munat

We need authentication and authorization because human beings are lying, devious, thieving, dishonest c*nts. Infants, really, who can't be trusted. Ever.

And our refusal to embrace adulthood and maturity -- ever -- costs us trillions upon trillions of dollars every year and untold suffering, death, and destruction.

All because we just won't grow the f*ck up.

That's why we need authentication and authorization. Just think of how much easier and nicer everything would be if we just did the right thing. Ha, ha. But noooo.

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

Yes, unfortunately there are many dishonest people in the world. I'm not talking about real life yet, but on the Internet every second link is a scam.
I hope you never had any unpleasant situations related to this πŸ€—

Collapse
 
chasm profile image
Charles F. Munat

I've never been scammed (I'm careful), but I started my career around the time things really started to take off: 1995. Spam was something you encountered on Usenet newsgroups. I thought it was dumb, but it didn't really bother me until my email inbox started filling up with hundreds or thousands of messages offering me penis-enlarging pills (or breast-enlarging), get-rich-quick schemes, herbal "remedies", etc.

Many of these early spam were incredibly vile and rude, and I was outraged that these sociopaths could so easily invade my inbox and ruin my email experience. Back then there was still some expectation that others would treat you with respect. You had to go looking for trouble. Now suddenly it came looking for you.

And then the Nigerian scams started and the phishing and all the rest. Until spam filters were invented, I often got so angry that I simply logged off and did something else until I cooled down. I spent at least a year really angry.

This was before GMail and even before Hotmail was popular. Hell, it was before Google. But it was a horrible experience and it really destroyed my opinion of humanity (which wasn't that high to begin with). The worst part is that all of this could have been solved easily by making spam illegal, and then tracking down and imprisoning repeat offenders. They always leave a trail.

But a lot of people were making money off of spam (and still do) -- not just the spammers but those who hired them -- and off the traffic, and off anti-spam products, etc., so there was little impetus to fix the problem. As always, the real problem is not the small number of evildoers, but the huge number of those who simply go along, look the other way, or try to profit off of it.

I still get regular spam that gets by the filters -- and how many potentially important emails have I missed because they went to the spam bin? Have I lost job opportunities? Romance opportunities? Things that might have changed my life for the better?

And we haven't even touched on viruses, Trojan horses, blackmail, extortion, porn and revenge porn, etc.

Thread Thread
 
chasm profile image
Charles F. Munat

Oh, and, of course, the global surveillance state...

Thread Thread
 
mariamarsh profile image
Maria 🍦 Marshmallow

You wrote a whole post heh πŸ˜›
I think this is the same global problem along with bloated code that I reviewed on my blog earlier. It would be great if we raise such topics more often.

Collapse
 
bretbernhoft profile image
Bret Bernhoft

You bring up a really important field of practice for all IT professionals; security. Authorization and authentication are security tools that the Internet depends on. And it's our job, as Developers, to understand how to best utilize all of this. Thank you for your article, as well as the clean graphics.

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow • Edited

Thank you Bret! πŸ₯° I hope someone will be more careful now πŸ›‘

Collapse
 
frederickprice profile image
Frederick Price

Cool article, thanks

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

πŸ€—πŸŒˆ

Collapse
 
phophogr profile image
Phoebe Green

Very informative post!

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

Thanks πŸ₯°

Collapse
 
alessioferrine profile image
alessioferrine

This is a very important topic, in the modern world we all need to think about digital security first.

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

Thank you ❀️
It's a really important thing πŸ€”

Collapse
 
atndesign profile image
Moulun Kevin

Really informative content, it helps me understand the core principles of authorization and authentication, thank you!

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

Thank you Kevin, my pleasure πŸ₯°

Collapse
 
merc_opolo profile image
Merc Opolo

This is quite an interesting article. Auth is an important step to prevent security issues, thanks for the reminder.

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

Glad you liked it, take care of yourself βš”οΈ

Collapse
 
somnath_rangrej profile image
Somnath Rangrej

Thanks for sharing the article,

Even in web API testing using Postman, we indeed use the same concepts/types of Authorization and Authentication!

Collapse
 
mariamarsh profile image
Maria 🍦 Marshmallow

I'm glad to help, thank you for your interest!πŸ’–