When a user contacts a bank or other enterprise via the telephone, the bank might require the user to orally provide his or her password to authenticate his identity. This type of authentication is particularly vulnerable to eavesdroppers, and, therefore, the need exists for a better method of authenticating a user via telephone.