In computer security, logging (or signing) in and out is the process by which individual access to a computer system is controlled by identification of the user using credentials provided by the user. It is an integral part of computer security. A user can log in to a system to obtain access, and then log out when the access is no longer needed. Note that the term log in (a verb) is two words, while login (a noun referring to the procedure, credentials, or form used) is one word; the same applies to log out and logout.

Logging in

The website Wikipedia's login form. A user name and password are required.

The primary use of a computer login procedure is to authenticate the identity of any computer user (or computer software on this or a different computer) attempting to access the computer's services. The login procedure can also provide an audit trail of the use of the system.

To log in to a system usually requires:

• a user name, a unique sequence of characters the user chooses to represent himself or herself with. A user name can be the user's real name, but is more often a short nickname or screen name. The term User ID is also used on some systems (e.g. EBay). Many websites now use emails in place of the username, which are not publicly available, making password guessing much more difficult (the hackers need to guess the email as well)
• a password, another sequence of characters which provides the user with a key to the system and is kept secret from others.

Logon banner in Windows Server 2008.

Logging out

To log out (also: to log off, sign out, or sign off) is to close off one's access to a computer system after previously having logged in.

Logging out may be done explicitly by the user performing some action, such as entering the appropriate command, or clicking a website link labeled as such. It can also be done implicitly, such as by powering the machine off, closing a web browser window, leaving a website, or not refreshing a webpage within a defined period.

In the case of web sites that use cookies to track sessions, when the user logs out, session-only cookies from that site will usually be deleted from the user's computer. In addition, the server invalidates any associations with the session, making any session-handle in the user's cookie store useless. This features comes in handy if the user is using a public computer. As a security precaution, one should not rely on implicit means of logging out of a system, especially not on a public computer, instead one should explicitly log out and wait for the confirmation that this request has taken place.

Logging out of a computer when leaving it is a common security practice, preventing unauthorized users from tampering with it. There are also people who choose to have a password-protected screensaver to activate after some time of inactivity, requiring the user to renter their login credentials to unlock the screensaver to gain access to the system.

References

1. ↑

See also

• Computer security
• Account
• Password
• Password policy
• Login spoofing
• Login session
• OpenID
• /var/log/wtmp

cs:Login de:Login fr:Identifiant ko:??? id:Log masuk it:Login lv:Ie?urn?le ln:Ekitoli nl:Login ja:???? pl:Login pt:Login ru:????? sk:Login vi:??ng nh?p