Many service providers provide their corresponding services to users over a network, such as the public Internet. As the users consume these services, it is often necessary or useful for the users to provide the service providers with confidential information, such as financial information, purchase histories, and other personal data. More generally, the service providers often wish to distinguish individual users (or user accounts) uniquely, for purposes including, e.g., marketing available services, or providing users with services for which those users have paid.
Thus, it is often necessary for service providers to authenticate users, and thereby establish an identity or role of a user, and provide corresponding, appropriate access to authorized network resources. Accordingly, many different authentication techniques have been developed, and these include the use of a username/password combination, as well as various biometric techniques (e.g., fingerprint analysis).
Each of the existing authentication techniques have advantages and disadvantages, in terms of, e.g., level of security, availability, expense, and/or required hardware/software. For example, username/password combinations require users to establish and remember information, often for a number of different service providers, while a service provider(s) is often required to store the username/password combinations securely for many different users. Biometric techniques may be secure, and easy for a user to implement, but may require hardware that may be expensive and/or unavailable to particular users. Consequently, for these and other reasons, further improvements are desirable in the field of user authentication for accessing network resources.