1. Field of the Invention
The present invention relates to using passwords to control access to electronic content.
2. Background of the Related Art
Passwords are commonly used to control access to electronic content. For example, electronic content may be stored on a computer system in one or more password-protected files. Efforts are made to restrict knowledge of the password to authorized users of the electronic content. In a familiar example, the electronic content is an account holder's account information stored on a server of a merchant or creditor. The account holder may access the account information over the Internet by first supplying the correct password. Other familiar examples include the use of passwords to restrict log-in access to computers and portable electronic devices, and/or to restrict access to selected files on the computers and portable electronic devices by password-protecting the selected files.
For as long as passwords have been in use, people have tried to circumvent password protection to gain unauthorized access to the password-protected content. For example, an unauthorized user will sometimes attempt to discover or guess a password. The process of “brute-forcing” a password involves making repeated, often randomly-generated guesses until the correct password is eventually determined. A computer may be employed in brute-forcing efforts due to its ability to generate many guesses in a short period of time.
To thwart efforts to guess or brute-force a password, password protection schemes will commonly “lock out” access to the electronic content after a certain number of incorrect password attempts. However, even authorized users will sometimes make incorrect password attempts, such as if the authorized user mistypes a password and has to re-enter it, or forgets the password and has to try several possibilities. Getting locked out can be very inconvenient for authorized users. When access is locked out, access can no longer be achieved by merely entering the correct password, and additional measures must be taken before access is restored. For example, an account holder may have to contact a merchant to supply additional identification information, or a network computer user may have to solicit the assistance of a busy network administrator, so the merchant or network administrator can restore user accessibility of the electronic content.