Computer login traditionally consists of a user typing in an account name and a password.
Historically, access validation, such as authenticating a password for an account, has been through reading data from a single password file comprising account name and encrypted password. Once a single account and a typed password is known, system security can be compromised. Once encryption for a single password is broken, all other passwords are potentially comprised, as all passwords and account names are conveniently located in the single password file and use the same encryption.
U.S. Pat. No. 6,442,692 [Zilberman] disclosed a special microcontroller embedded within a keyboard. The microcontroller was employed “to measure certain characteristics of the user's keystroke dynamics” independent of the typed text, including the timing, intervals, and durations of key presses and pauses. These measured characteristics were then used as integral information for authenticating a user's identity.
U.S. Pat. No. 6,766,456 [McKeeth] disclosed user input from one or a combination of input devices as a basis for user authentication. McKeeth used matching of “implicit input” as part of the authentication, where the implicit input is related to the timing and/or duration of explicit inputs.
Zilberman and McKeeth used surreptitious surveillance of user input, where the user could not choose or control data vital to authentication. McKeeth disclosed the possible usage of multiple input devices, used singularly or in combination, but only disclosed that “the computer system may be configured,” never anticipating that a user may choose the input device configuration.