1. Technical Field
The present-invention generally relates to computer security and in particular to security management on distributed computer systems. Still more particularly, the present invention relates to password management for internet services.
2. Description of the Related Art
The explosive growth of the Internet has created a problem in password management. As more and more web sites which require some form of user authentication appear on the Internet, the problem facing users in managing their userids and passwords is becoming increasingly difficult.
Further, as many web sites are being visited by an increasingly-large number of users it is becoming increasingly difficult for a typical user to acquire a userid of choice. The user is normally forced to create a particular variant of his preferred userid (e.g. bob003), or is assigned some userid by the web site itself.
Many web sites also have their own security policies and requirements. For example, a userid and/or; password may have to be a minimum length and may require or forbid certain content. The web site may also force you to change your password on a regular basis, and may also prevent you from using certain aspects of your previous passwords.
Therefore, many Internet-users are forced to manage dozens of userids and passwords each potentially having different requirements. These userids and password combinations are difficult to remember or are not very secure. Many users attempt to resolve this by creating lists of userids and passwords so they will not be forgotten.
This problem is further complicated by the ubiquitous nature of Internet access. As a user goes from one terminal to another he currently has no secure way to access his userids and passwords (e.g. work, home, other). For example, while a user might store a list of userids and passwords on his office computer system, this list would be unavailable when the user is working on another computer system.