Computing systems such as desktop computers, laptop computers, tablets, netbooks, and servers, are now commonly used by various people and organizations. For example, students may use laptops when they attend classes on a school campus and employees may use desktops, laptops, tablets and servers when working at corporate/company locations. Computing systems may often be mobile computing systems, such as laptops, netbooks, smart phones, and personal digital assistants (PDAs). These mobile computing systems allow users to perform tasks at different locations (e.g., at home or at a coffee shop, rather than at a corporate office), due to the mobility of the mobile computing systems. Mobile computing systems also provide users with convenient access to a computing system, when the user is not able to access a desktop computer or server. Many users use mobile computing systems because of the convenience and portability of the mobile computing systems.
As the prevalence of computing systems grows, authentication of users and system security on the computing systems is an important concern. Many computing systems use a username/password combination to allow a user access to the computing system (e.g., log into the computing system). If a non-authorized person obtains a user's username/password, then the non-authorized person will be able to obtain all of the privileges and the type of access the user had to the computing system. In addition, if a non-authorized person is able to gain access to the computing system after a user has been given access to the computing system (e.g., after the user has logged in), then the non-authorized person will also have all of the privileges and the type of access the user had to the computing system.
After gaining the privileges/access of the user, a non-authorized person may attempt to change the settings on the computing system, access network resources, and/or attempt to access sensitive data (e.g., a user's files on a local hard drive) on the computing system. For example, the non-authorized person may change network settings on the computing system to redirect network traffic to a different server. In another example, the non-authorized person may attempt to access company confidential files that a user may have stored on the computing system. In yet another example, the non-authorized person may attempt to install malicious programs such as spyware, malware, viruses, trojans, keyloggers, and/or worms on the user's computing system. In a further example, the non-authorized person may be able connect to the network resources after gaining the privileges/access of the user. The non-authorized person might gain access to the network resources such as shared files, documents, emails, network drives, websites, and/or network services, by impersonating the user (e.g., by using a user's username and/or password).