In recent years there has been a steady increase in the vast pool of computer systems and applications that process and store huge amounts of sensitive information via a computer network such as the Internet, in order to meet the ever-increasing needs of users. Internet users create accounts and benefit from the various services offered on the Internet by accessing various computer systems. In many scenarios, to provide proof of the user's identity, users are required to provide user credentials or sensitive information, which are then stored on servers for future authentications. Usually, such sensitive information that enables user authentication is stored in text format or is encrypted with some basic encryption technique. This makes unauthorized access to computers and servers considerably easy, exposing users' confidential information, which ultimately leads to forfeiture of monetary transactions, fraud and unethical use of a user's information.
In a conventional authentication mechanism, it is mandatory for every user to create a password or passcode containing alphanumeric and special characters and having a fixed minimum length, to avoid unauthorized access. If a password is weak, the system asks the user to rethink and choose a stronger password. Generally, every system uses different techniques to choose a password and calculate password strength for an account. Thus, users are prompted by every individual service provider to use alphanumeric characters along with special characters. Use of several such services tends to create multiple passwords for a single user. It is difficult to remember various passwords and then associate those passwords with the respective services. Additionally, on numerous occasions users fail to recall a password due to its complexity. Besides, it is not good practice to keep a single password for all the services, because if one account of a service is compromised, then all the accounts of that user might be at stake. An alternative mechanism is to protect the passwords by augmenting them with biometric technology such as retina-based authentication and fingerprint authentication. However, these techniques are not scalable enough when there is a need to transmit highly sensitive information through the network.
Therefore, providing a system and method that successfully addresses the aforementioned problems is still considered to be one of the challenges of the field. Furthermore, providing a system that enables the user to remember complex passwords without compromising the user's credentials is also considered to be a problem that remains to be solved.