This page uses content from Wikipedia and is licensed under CC BY-SA.


An authenticator is a way to prove to a computer system that you really are who you are (called authentication). It is either:

  • A piece of data (often called a token) that you got from the last place where you proved who you are (to save you, or the software, the hassle of logging in again).
  • A program, usually running somewhere on the computer network, that takes care of authentication.

Authenticator tokens are common when one program needs to authenticate itself to a larger server or cloud repeatedly. For instance, you (the human) might sign on to a secure website with your name and password, after which you can surf around inside the secure server, visiting different web pages. Every time you move to a new page, however, the server must believe that you are the same person who originally signed in (otherwise it will refuse). Your browser keeps an authenticator token, which it sends upon every page request (often as a browser cookie), that does this.

More complex situations might involve a program that runs automatically (say, at 4:00am every morning) that similarly requires authentication to get at the data it needs, but there's no human around to log in for them. An authenticator token must be prepared in advance that this program uses. Ultimately, some human must authenticate to create such a token.

  • In INFOSEC, authenticators are means used to confirm the identity or eligibility of a station, originator, or individual.
  • In IEEE 802.1X, an authenticator is an entity at one end of a point-to-point LAN segment that facilitates authentication of the entity attached to the other end of that link. In practice, the authenticator is usually a network switch or wireless access point that serves as the point of connection for computers joining the network. The authenticator receives connection requests from a supplicant on the connecting computer.