A longstanding goal in computer security is to enable highly secure transmission of data. Passwords are a commonly used technique for user authentication whereby a user may enter a sequence of alphabetic, numeric, or other characters. The password may be directly compared with a password at a server computer, or hashed and compared with a hash stored at the server computer. Once the password is verified, an encryption key may be established between the user and the server computer. However, typical passwords chosen by users are often low-entropy: they have few characters and common patterns. Thus, brute force attacks such as general purpose graphical processing unit (GPGPU) based attacks may be used to crack passwords. In some cases, minimum password length and complexity requirements may be defined to force users to choose complex passwords. However, increasing a password's complexity increases a user's difficulty in remembering the password, which may lead to yet other sources of vulnerability (e.g., the user writing down the password on a notepad or saving it in an electronic document).
Embodiments of the present invention address these problems and other problems individually and collectively.