Computer systems are frequently relied upon to process and store sensitive information. Increasingly, computers are also becoming more and more interconnected with one other via networks such as the Internet. With this increased interconnectivity, the risk of unauthorized access to computers and information has increased.
Password protection schemes are commonly employed to control user access to computer systems by identifying and authenticating authorized users. With a password protection system, proprietary or confidential information retained by the computer system may be protected from unauthorized access. Typical password protection schemes often require a user to input alphanumeric character strings (e.g., a user ID character string and a password character string) in response to a challenge from a security system of a computer. The inputted character strings may then compared with user ID character strings and associated password character strings stored in memory (e.g., in a lookup table). If the inputted user ID and password character strings match one or the user ID character strings and its associated password character string stored in memory, the user is then granted access to data and/or execute programs via the computer system.
Unauthorized access to computer system information can be obtained by exploiting various security flaws found in computer software products. A common flaw is the susceptibility of said software to the theft of identification and authentication data either directly from said software as it executes, or, from the operating system or hardware on which said software is executing. Another common flaw is the susceptibility of said software to illicit modification. Such modifications may remove, disable, or compromise the security features of said software. Also, identification and authentication data can be stolen by monitoring keystrokes on a keyboard, for example, in order to steal a password as it is being typed in. Once stolen, this identification and authentication data may be used to obtain unauthorized access to the protected system.
In order for a password protection scheme to provide effective protection, a user's password needs to be kept secret. However, many common password protection schemes suffer from several problems including:    1. Vulnerability to computational attack by a high speed computer which can simply wander through all combinations of characters until a correct password is found.    2. Once a password has been found, it can subsequently be used over and over again until the breach is discovered.    3. Since users frequently find it difficult to remember passwords, users typically tend to choose simple sequences of character for their passwords which are easy to discover and, therefore, even more vulnerable to attack.