The invention is directed to the field of data security, and more particularly to techniques for managing passwords or other keys used in security operations such as user authentication.
Passwords are commonly used for purposes of authenticating a user of a computer system as a condition of permitting access to protected data and/or functions. For example, an online banking application requires that a customer provide a correct password or personal identification number (PIN) before allowing the customer to access his/her account information or perform banking transactions.
As computer use proliferates, especially with mobile computing that enables users to access information almost anywhere and anytime, users and administrators increasingly encounter the problems of password management—the need to establish, protect and use an increasingly large set of passwords for a variety of different computer systems and applications. Passwords can easily be forgotten, necessitating some cumbersome process of re-establishing a password before access to a desired service is granted. Additionally, it is necessary for users to enter passwords using the small keyboards of mobile devices, which may be more error-prone than when a regular-size keyboard (of a desktop computer, for example) is used. Another factor contributing to the burden of passwords is an increased focus on data security. Many applications have a time-out feature that requires a user to re-enter a password if sufficient period of inactivity has elapsed, to reduce the opportunity for unauthorized intrusions.