Many computer systems and communication systems rely on the use of various security means, including passwords, to prevent access by unauthorized users. A password commonly is a sequence of alphanumeric characters known only to an authorized user that can be entered on a keyboard. However, as used in this specification, a password may comprise any act or series of acts that must be performed to gain access to a system and which acts are, at least presumably, known only by persons authorized to have access to the system. For instance, while a series of alphanumeric characters that may be typed on a keyboard is the most common form for a password, other types are known. For instance, various kinds of combination locks where one must punch buttons in a certain order and apparatus which require a particular series of manipulations of a handle or joystick are also known.
Successful typing of a password enables an authorized user to utilize features of the computer system or communications system. For example, in a computer system, a password may be utilized to limit access to certain databases only to authorized users. The authorized users must type in a certain character sequence (password) via a keyboard associated with said system before access will be permitted.
The passwords usually are secure means to restrict access. However, the sequence of characters in the password can be discovered by an unauthorized user. A security leak or an intentional tap can result in unauthorized and fraudulent access. Examples of these cases include: 1) visually inspecting the movement of fingers while an authorized user is entering the password; 2) looking into personal notebooks or notes; and 3) random search techniques.
There are several secured access means known in the prior art that provide additional security not provided by passwords. These secured access means include personal identification systems such as “fingerprint”, “retinal image” and “voiceprint” systems. In such systems, an individual provides a sample of his or her fingerprint, eyeprint or voice such as by placing a thumb or eye on an optical scanner or speaking into a microphone coupled to a voice recognition system. “Fingerprint” and “retinal image” systems are very secure as fingerprints and retinal patterns are unique to each person and cannot be easily copied. “Voiceprint” systems are also very secure because they detect unique aspects of a person's voice.
Other secured access techniques include signature systems which operate based on an identification criteria comprising a person's signature and a verification system which carries data representative of the signature dynamics of an individual. This technique requires a reading station or a facility access station wherein a person signs his name on a surface that is equipped to read and digitize the signature. The digitized signature is compared against a reference signature stored in the verification system.
Many of the personal identification systems, including “fingerprint”, “retinal image”, “voiceprint”, and “signature” systems, are very secure in nature, but are rather complex and expensive. They conventionally require intrusive hardware and software and significant amounts of computational time and power in order to accurately analyze and compare the necessary data to effect a recognition or approval for access.
The use of passwords is a simpler and more cost effective way to allow authorized access. However, passwords lack the necessary level of security required for many applications.
Thus, there exists a need for a method and apparatus that provides additional security of passwords, especially against theft by visual inspection or random search techniques.