Authentication to separate authorized users of a computing device (e.g., a computer system, a data entry terminal, a smartphone, etc.) from unauthorized users has become increasingly important as individuals and organizations continue to store ever greater amounts of sensitive data on such devices, and as such devices become ever increasingly connected to still others of such devices through ever expanding arrays of wired and wireless networks. One long accepted approach to authentication is to require a would-be user of a computing device to enter a password that is intended to be known only to one or more authorized users, and perhaps also to one or more authorized system administrators having some degree of control over who is supposed to be an authorized user of that computing device. The use of passwords requires far fewer computational resources than various biometric-based approaches to authentication that have been previously proposed (e.g., reading finger prints, voice analysis, etc.).
Unfortunately, the use of passwords suffers numerous drawbacks. A password may become known to someone who is not an authorized user of a computing device, thereby enabling that unauthorized person to operate that computing device as if he/she were an authorized user. Passwords having characteristics in their combinations of characters or keystrokes that are deemed to make them “strong” passwords (e.g., passwords that are not easily guessed) tend to be difficult for authorized users to remember. Indeed, it is often the case that given an opportunity to create a password themselves, an authorized user will tend to create a “weak” password that may be a street name, a pet's name, an all-too simple sequence of numbers (e.g., “1234”), etc. that is all too easily guessed by others. Further, once discovered, a password is quickly and easily spread to others (e.g., via the Internet, on slips of paper, etc.). It is with respect to these and other considerations that the techniques described herein to utilize a keyboard as a biometric authentication device are needed.