One of the benefits of the World Wide Web is that it generally allows people to connect globally without substantial barriers. However, this has also led to lack of proper security for users communicating via the web. The lack of proper security exposes users to cyber-criminals, hackers, and others, who want to steal information from people using the web.
One attempt to provide protection against unauthorized access to data is to authenticate users prior to giving them access to such data. For example, users may be required to provide a password that only the user should know before allowing the access. However, users often store passwords or other authentication information in devices such as the user's computer, cell phone, or the like. In this case, cyber-criminals may hack the user's device and obtain the user's authentication information to impersonate the user and unlawfully access data.
Accordingly, what is desired is a system and method for authenticating users while limiting exposure to data used for authentication purposes.