Many secure web sites require some form of user identification and/or authentication as part of the log in process or as part of a transaction such as for example a payment transaction. Key loggers, root-kits and other malware may observe and capture the credentials entered by a user during one of these processes. Some solutions may require the presence of software or other mechanisms at the remote server or web host.