Many computing devices, whether they are desktop computers or mobile devices, make extensive use of passwords to protect sensitive information and to control access to secure resources. The password may be used to control access to the device by, for example, restricting access to applications on the device until the password is correctly entered. In addition, the password may be used as part of an encryption algorithm to encrypt data on the device.
Typically, an end-user may be prompted for a password. However there are cases where a password may be lost, forgotten or compromised, or in the case of a mobile device, the device itself may be lost.
In some cases, a password may be provided to and stored on a server, which may then allow the password to be retrieved. However, in other situations it is undesirable, for security reasons, to store an unencrypted version of the password or to provide the password to the server.
In cases involving devices with encrypted perimeters having an encryption key derived from a password, a lost or forgotten password prevents data on the computing device from being retrieved. Moreover, in some cases and for security reasons, the plain-text password is not stored on the device, meaning that it is technically impossible for the computing device to perform any tasks involving the encrypted data without the password.