Today, many computer systems rely on a single-phrase password system to grant access to the computer system. Single-phrase password systems are easy to circumvent, such as by interception, by “brute-force” software programs that generate multiple combinations of characters, which are entered into the system, or by programs that snoop around system memory looking for possible passwords. Furthermore, many people write down their passwords, because they are non-intuitive and thus difficult to remember.
Some prior art systems use one-time password modules. Using these modules, a user inputs a seed into a one-time password generator, which generates a list of multiple passwords of seemingly random characters. The system on which these passwords are to be used will accept each password on the list only once. Thus, even if an eavesdropper were to intercept a password that an authorized user has used or is using to log on to the system, the eavesdropper cannot use the password. Because it has been used by the authorized user, it cannot be used again.
One-time password modules have the disadvantage of generating strings of random characters that are incomprehensive, non-intuitive, and thus difficult to remember. Users often write the list of passwords down, compromising the security of the system if the list is found and later used by an unauthorized user.
Other prior art systems use biometric information to grant access to a computer system. These systems use biometric hardware, which may not fit on systems that have a small footprint, and associated software.