Authentication is the process of validating who a person is before allowing them access to a system (Sakai in this case). Authentication typically happens at login time, when the user presents a username and password, but sometimes it's necessary to re-authorize a person. A username and password combination is only one form of "credentials" that can be ued to establish identity. Other approaches use certificates, mutliple passwords, dongles, code generator cards, and biometrics. Ideally, a person should only have to login once to establish a Sakai session. This is referred to as single signon.