Problems with authenticating website users through the use of passwords are well known. Users are told to create very strong passwords, use different passwords on every site, record or remember all their passwords, and keep all of them private. The burden is on the user, yet even for the users who are willing and able to do all of this there is still more work for them if passwords are stolen from a website they frequent. They then have to provide a new, unique, strong password for that site. The problem for users is magnified for those who use the same password for all or most of the web sites they visit, creating a real headache when their password is compromised. But using a complicated and different password for each site requiring user authentication is a trial for many people, even when using a password manager.
Similar problems arise for those who wish to password protect files or discs on the computer itself. They can be locked out of a file or disc simply because they have forgotten or misplaced the password they used to keep the material private.
What is needed is a method and system for creating and using passwords that recognizes that not all users are willing or, perhaps, able to take the recommended steps required to protect their passwords, a method and system which provides passwords that are private, unforgettable, easily changed, very strong and far less burdensome for the user.