What is a word to describe the opposite of "authentication"?

Authentication is seen as "entering the state of being authenticated." An opposite of authentication would essentially mean "entering the state of being unauthenticated". It is more common to refer to the specific process used and the specific context would determine the most appropriate variant. A few examples:

Your session is about to expire.

This certificate is no longer valid — it is has been invalidated.

You have been logged out.

This painting is no longer for sale because the authentication has been retracted; its authenticity is suspect and if it is a forgery it will be exposed.

Your credentials have been compromised. Please authenticate.

If you truly need to refer to a specific opposite than the two most logical words would be:

  • unauthenticate
  • deauthenticate

You can read more about the un- versus de- differences here on EL&U. It is worth noting that "deauthenticate" seems to be more common while "unauthenticated" is already a word and sets a precedence for using "un-".

In the end, if you will be using the word for any official documentation or publicly facing content you should check with your employer and manager for any official style guides. There is no one correct answer, here, and consistency is very important.


One last note is that the term "reauthenticate" has a similar problem but can be avoided by simply using the word "authenticate." Certain dictionaries do include an entry for "reauthenticate", however. I was not able to find a dictionary that included either "unauthenticate" or "deauthenticate."


Try repudiate (repudiation), meaning "to reject the validity or authority of; to refuse to recognize; to cast off or disown (a son, lover, etc)"

The third definition there hints at the meaning of refusing to acknowledge the continuing existence of something (a relationship, for example) that existed at some other time.

Synonyms include rescind, countermand and invalidate.

You could say something like "Your credentials are hereby repudiated."

Repudiation is a data security term, described here:

Repudiation: A repudiation threat involves carrying out a transaction in such a way that there is no proof after the fact of the principals involved in the transaction. In a Web application, this can mean impersonating an innocent user's credentials. You can help guard against repudiation by using stringent authentication. In addition, use the logging features of Windows to keep an audit trail of any activity on the server.

I would take the repudiation of credentials to mean that any future transactions would be considered unauthenticated and repudiable.


I know of no common usage antonyms. However, I think there is a need for more fine grained language around security, so I've been making up until I find something that does the trick. I use:

Misauthenticate: to accidentally be authenticated as somebody else--like accidentally swiping your spouse's credit card. Or to do so with permission, like using your boss's password in order to carry out her instructions.

Disauthenticate: to purposefully be authenticated as somebody else without their permission--like using stolen passwords to impersonate someone.

Deauthenticate: to change a relationship such that the other party no longer knows who you are--like logging out and then logging back in as a guest.


It doesn't really have one.

As an adjective I might use "unauthenticated". e.g. "You are unauthenticated". But it doesn't exist as a verb.

cf.: http://thesaurus.com/browse/authenticate