In modern society, a person typically has many accounts to access different applications, including banking, email, websites, and databases. Each of these applications requires the user to enter a password. The password, in combination with a user name, identifies the user and provides the user with access to information that is relevant to that user. Typically, a user is not able to access information relating to a different user, particularly in banking and other financial applications. Some websites allow a user to view, but not modify, a directory of another user.
Different applications impose different requirements and restrictions on passwords. Passwords typically consist of alphanumeric characters, but different applications may require a different number of characters or the inclusion of at least one number. It is prudent not to use as a password any personal information that might be readily obtained or guessed. Such information includes birthdays and names.
As a user typically has many passwords, each of which may have different parameters and lengths, it is difficult for the user to remember all of the passwords. It is also difficult to recall the application to which a given password corresponds. It is generally not advisable to use the same password for all applications, because the password rules may differ for different applications. Further, using the same password for a bank account and a frequent flyer account, for example, provides the airline, or an employee thereof, with the means to access confidential banking details of the user.
If a single password is used for multiple applications, compromising one password can compromise accounts on all other applications. Recording passwords is both cumbersome and a security risk. If a written record of passwords and corresponding applications is lost or stolen, the consequences may be disastrous for the user concerned.
Some companies offer a service to validate a user at all websites on the Internet via a single password. Such systems cost money and may not be entirely trustworthy. In such systems, a validated user accesses an intermediary website using a single password. That website then validates the user at all other websites.
Thus, a need exists for a method of generating passwords for multiple applications using a single key.