Personal security, particularly with respect to the Internet, has been a primary concern for individuals and business that conduct activities online. Entities devoted to security subversion have become increasingly sophisticated and have been able to circumvent some of the strongest security measures in the world. Accordingly, there exists a constant need for improved security measures.
Illustrative methods of subverting security measures may involve using one or more computing systems, such as a bot, a botnet, and/or the like, to generate an attack. Such methods can be particularly useful in using automated techniques to guess passwords. Previous attempts to prevent such automated techniques have resulted in security measures that use challenge-response testing to determine whether an entity requesting access to an account is a human or a computing system. Such challenge-response testing generally requires an entity to enter characters from a distorted image to verify that the entity is a human user. For a time, the challenge-response testing was successful in verifying an entity was human. However, advances in computing technology have made such challenge-response testing less effective.
Other illustrative methods of subverting security measures may include unauthorized users posing as authorized users to gain access to a secured resource. In such methods, the unauthorized user may have information pertinent to an authorized user that is used to “trick” the security measures into allowing the unauthorized user access to the secured resource. Current methods include requiring an authorized user to provide additional security information when setting up an account, such as, for example, a mother's maiden name, a name of a dog, an old address, and/or the like. However, such information is easily obtainable by unauthorized users.