1. Field of the Invention
The present invention relates to password authentication systems and, more particularly, to password authentication systems and methods as may be used to gain access to protected, secured systems.
2. Background and Related Art
Passwords play a large part of typical secured system users experience and are one of the most common means for gaining access to a wide variety of user accounts. For example, E-mail, banks, postals, commercial and various corporate and government networking sites all require passwords.
Typical password authentication systems employ a single password corresponding to a computer-based account. Such systems generally rely on a static history of the previous few passwords used for the account where the system requirement prohibits the reuse of a password within some specified past number of iterations. Such history of previous passwords may also be used to compare the difference between a proposed new password and previous passwords. Where the difference between a proposed new password and previous passwords maintained in the history does not meet some established criteria, the proposed password will be rejected by the system.
In addition, other password rules may be employed by such system. For example, the length of the password string of characters and type of characters employed may be specified. In addition, rules as to the order of characters employed and their position in the string may be specified. Alternatives to password access to systems do exist but are more time consuming, costly and difficult for the user.
Thus, although passwords are the generally accepted approach for user access to networks, accounts and the like, their use can be difficult because of the various rules governing their creation. However, since passwords protect accounts with valuable assets, they have increasingly been subject to attacks by various schemes.
The problems of password access to user accounts, and the like, is made more difficult by the large role passwords play in user lives. It has been found that the average web user has 6.5 passwords, each of which is shared across approximately 4 different sites. Moreover, it has been found that each user has about 25 accounts that require passwords, and types an average of 8 passwords per day.
Accordingly, there is a need for password authentication systems that offer higher security, and yet are less difficult and cumbersome to use by the users. For example, if users are required to obtain and remember a new password every one to three moths for multiple accounts, users are then inclined to use the same weak passwords over several of the accounts.