The present invention relates to computer-based security, and more specifically, to pass-pattern authentication for computer-based security.
The use of passwords as a means for authentication is a continued source of vulnerability. In order to enhance the likelihood of remembering a password, individuals tend to select common or familiar words, phrases, names, or dates that are relevant to the user. However, in doing so, it tends to make the password more vulnerable to compromise. A recent study indicates that a few of the most common passwords are “12345,” “password,” and “qwerty.” These passwords may be easily uncovered by one who is able to apply a common password cracking tool to ascertain user passwords and gain access to user accounts. Further, these passwords are also subject to detection by others via direct observation (e.g., viewed by another at the time a user enters the password at an ATM).
In some cases, techniques have been instituted to combat the use of common terms as passwords, such as extending the minimum length of the password, requiring the use of alphanumeric values in the password, and requiring a combination of upper and lower case letters, to name a few. However, as more restrictions are placed on the creation of a password, the greater the tendency that a user will have difficulty remembering it. If the password is too difficult to remember, a user may be tempted to write it down and keep it with him/her or near the device used to authenticate, which greatly increases the vulnerability factor and may even defeat the purpose of having a password.