Ever since humanity assigned value to resources such as property and information, there has been a need for access control methods, that is, methods to keep unauthorized entities from gaining access to the resources. This started with simply hiding the resources and then proceeded to the locking away of resources. As information became more and more valuable, encryption was added to the arsenal—a resource may be accessible but rendered useless to anyone but authorized entities. In the electronic age computers are used to control access. A terminal (such as a display with a keypad or keyboard) is presented to a user who wishes to gain access and an access procedure is required to be performed successfully.
Computer security is a major concern in modern society. Personal, confidential and classified information is stored on computers. For example, banking is conducted via the Internet, personal secure data is stored on computer systems, and documents detailing classified information are also stored on computers. Unfortunately, computers and computer networks are very susceptible to unauthorized access (hacking or attack.)
A common prior art method of controlling access to a computer system is to require the user to enter a username and then a password. For example, FIG. 29 shows a prior art entry screen. The user has entered his username and then his password. To gain entry the user clicks on the Enter button as shown. If the correct username and password are entered, the user is allowed access to the system. The entity determining whether to allow access can be called a verifier (since it needs to verify the provided access information.) The user requesting access needs to have previously established an account with the verifier through an enrollment process. The account can be considered the information that is used to allow access—in the present case the username and password. This information is a shared secret; both the user and the verifier must have it in their possession for an access procedure to succeed. A shared secret is really an oxymoron; the ideal secret is one that is not shared. The fact that both user and verifier store this secret considerably increases the chance that an unauthorized entity can get hold of it—it increases the vulnerability or weakness of the protection. Other weaknesses are inherent in the specific access control method and also in the user of the method.
To have maximum effectiveness as a security measure, a password must be hard to guess. If the user has a simple password to remember, it is more likely that an attacker will be able to quickly guess his password. Therefore, a user is advised to pick a password that is hard to guess and is comprised of random letters and numbers (similar to the password shown in FIG. 29). The problem, however, with a password of random numbers and letters is that the password is difficult for the user to remember. This is especially true if the user has multiple accounts requiring multiple passwords. If the user does have multiple accounts, he will typically do one or more of the following: 1) the user may just use the same password for each account, or 2) he may have multiple random passwords, but just write them all down so that he does not have to remember them, or 3) he may not change his password as frequently as he should.
These user behaviors significantly increase the vulnerability of this prior art method. For example, if the user repeatedly uses the same password, an attacker will only need to figure out the password once and will then know how to access all of the user's files. Likewise, if the user chooses many passwords and writes them down, an attacker will only need to find the document that lists the passwords and then he can gain easy access to the user's systems.
Additional weaknesses are: the access procedure has to be hidden—an attacker could simply observe (possibly from a distance) the person entering their password or—more worryingly—use key-logging software to record the user's entry for later retrieval. A user may also be tricked into revealing his password (social engineering, phishing,) or simply tell a colleague or acquaintance.
Of great concern are also the increasingly sophisticated and automated attacks on computer systems and the compromising of verifier systems with often millions of records of user account information stolen.
Other prior art access control methods include challenge-response security questions, biometric identification (iris scans, fingerprint scans,) and hardware tokens. All address some of the mentioned vulnerabilities but introduce others or add inconvenient or expensive requirements (extra hardware, for example.)
What is needed is a better system for user authentication for allowing secure access to a computer controlled device.