# Identity ValidationAuthelia uses multiple methods to verify the identity of users to prevent a malicious user from performing actions on behalf of them. This section describes these methods.

## Configuration

{{< config-alert-example >}}

```yaml {title="configuration.yml"}
identity_validation:
  elevated_session: {}
  reset_password: {}
```

## Options

The two areas protected by the validation methods are:

- [Elevated Session](elevated-session.md) which prevents a logged in user from performing privileged actions without
  first proving their identity.
- [Reset Password](reset-password.md) which prevents an anonymous user from performing the password reset for a user
  without first proving their identity.