To verify a user's identity

To encrypt user data

To provide access to resources

To determine what a user can do

The guest's access to amenities

The guest's room number

The guest's identity

The guest's payment method

Because it is only used by select users

Because it uses complex encryption

Because login pages are often publicly accessible

Because it requires multi-factor authentication

Sensitive authentication details

Usernames

Session IDs

Page titles

Denial of service

Brute force attacks

Phishing attacks

Social engineering

Securing password recovery processes

Implementing multi-factor authentication

Using established security standards

Reinventing authentication mechanisms

It relies on a single security question

It requires multiple forms of verification

It uses only passwords

It is optional for all users