This disclosure relates to the field of computer systems. More particularly, methods and apparatus are provided for retaining and automatically entering a login password or other security credential.
Username/password schemes are common methods of preventing unauthorized computer access, and require a valid user to enter an identifier (e.g., a username, an account number, an electronic mail address) and a security token associated with that identifier (e.g., a password, an access code, a personal identification number or PIN) before being granted the desired access. The user is expected to keep the credentials secret, or at least the security token.
As security threats continue to grow and evolve, so too has the sophistication of some username/password schemes. In particular, as more computer systems, data repositories, and other computing resources are hacked into or otherwise disrupted, organizations responsible for securing access to those resources (and other organizations having similar responsibilities) realize the need for tighter security.
One way of making access to their systems more secure is to place stricter requirements on user passwords, to decrease the likelihood of a malicious actor guessing a password or determining it through trial and error. For example, instead of simply enforcing some minimal length for a new password, tighter security schemes may require one or more of each of multiple different types or classes of characters (e.g., lower-case letter, upper-case letter, numeral, punctuation). In addition, users may be prompted or even required to change their passwords regularly (e.g., every month, every six months, every year), and may not be permitted to re-use a previous password. Further, users are warned not to use the same password for multiple systems, so that if one password is compromised the potential damage is limited.
As a result of increasingly stringent password requirements, users may be required or expected to remember numerous different and complex passwords without writing them down or otherwise making them easily available in a form that an eavesdropper or malicious actor could readily pilfer, observe, or intercept.