(no title)

If you think two different words having different meanings is difficult, wait 'til you hear about contranyms! English is full of words like these, where context is needed to understand the meaning.

If something is fast, it moves quickly or not at all. Cocktails can be garnished, but so can wages. Sales or trade of a product could be sanctioned by one country, but sanctioned by another.

I generally think it is a good thing to communicate clearly. Sometimes that means using words differently to explain something. Other times, that means using words the same way as others. I think this is a case of the latter.

Also, I think the idea of "native speaker" is a bit of a red flag. There are plenty of people that speak English from birth but are utterly unintelligible, and there are plenty of people that speak English as a second language who speak more clearly than those.

I don’t really consider making an API call as “logging in”. The term sounds really out of place other than in a few specific contexts.

The wild thing is that they’re apparently from different etymologies. “Authorization” comes from “auctor” in Latin, meaning “leader” or “author”, whereas “authentication” originally comes from the Greek “auto” meaning “self”. There probably was some cross influence that brought them into line though.

I don’t think they are almost identical, they just have the same prefix. “Login” and “permission” each have the same problem: “login” is very similar to “logging”, and “permission” shares a prefix with “persistence” (or permanent). Ultimately software engineering is a broad enough field that we will necessarily have to use similar words to describe the many, many concepts

"login" refers to the record of access¹, not the access itself, so it is more properly associated with audit. This dates from the early days² of time-sharing systems when you didn't need a password, you were just saying hi to the computer.

__________

[1] Derived from the signing of a ship's logbook³ when coming aboard.

[2] A few decades ago.

[3] The logbook originally⁴ recorded navigational data and is named for instruments measuring speed through water⁵, of which the simplest is literally throwing roped wooden logs off the stern and counting the knots on the line paying out per interval⁶.

[4] Doubtless some bright-eyed young hornblower with a glittering future career as an admiralty archivist realised that log-structured records could be generalised usefully to all timestamped event and measurement capture, which is why your syslog is full of crap.

[5] Consequently any vessel, maritime or otherwise, measures its speed through the medium in knots. The Enterprise NCC-1701-D, for example, tops out ca.146 megaknots under impulse engine.

[6] It follows by transitive etymology that you may use the term "knots" to edify and delight your colleagues when referring to the rate of creation of user sessions.

That's because they share the same root auto-, i.e. "self". Because they're related concepts...

> Most people don't speak english natively either.

This is a problem with only one solution: continue to improve one's skill with the language. You can't solve this by choosing different terms, because then something else will be the "this is confusing to non-native speakers" hangup. You can whack those moles until the day you die and you'll never get them all.

I disagree. To authenticate something is to challenge it to prove its identity. Authentication is much broader in scope than "login," even within the narrow domain of computer science. JWT signing, domain certs and so forth fall under the "authN" header and use the same cryptographic tools and techniques... even many forms of user authN don't have a "login" flow.

Why would we choose "login" - which is more of a special case than the norm to describe something we already have a precise term for?

If words being similar is truly an issue we would have vastly different languages.

Related words for related concepts is very normal, and if you are a professional in this space it's the least we can do to recognize the difference. We aren't astronauts, we have the time to figure it out.

Language learners already learned a second language, they have the skills to figure this out. At least it's not a homonym.

Most people literally do speak English

https://www.google.com/search?q=most+popular+language+in+the...

but the rest of your point is dead on.

'permission' might be ok, but 'login' is very imprecise and much more ill defined than authenticate.

> Having two almost identical terms that mean completely different things is not a very good idea.

What's the problem of telling apart the task of authenticating users from authorizing their access?

There's already identification and authorization (IAM) which is mostly a backronym.

In the case of “auth”, it stands for two related but often separately managed operational processes.

From an end user perspective, auth is the problem. Users can’t determine what is login vs permission. If non native speakers can’t handle the distinction, it’s a valuable lesson to learn.

Login is not obvious. A login is usual a process step before the main part of the process. That does not fit to an API call which is authenticated using a token.

Well, in that case, we are all going to have to talk about the difference between a "product manager" and a "project manager" ;)

what's the difference between login and logon?

Except then I won't be able to flip the bozo bit on people who confuse authentication for authorization in conversation...

You're saying that they are almost identical because they share the first 4 letters.... That's a pretty low bar.