A plurality of authentication mechanisms exist in the art. Some are based on user input of user identification and/or password, others are based on documentation, such as providing a driver's license or a credit card, and still others are based on biometrics, including iris scans, fingerprints, and so on. Such authentication mechanisms may grant users access to various levels of a given enterprise. For example, when users call banks, they may have to provide a personal identification number (PIN) to check the balance of their savings account. However, this single mechanism, and others like it, is insecure since users tend to pick PINs that can be easily hacked (or, alternatively, they may forget their PINs and/or disable this feature altogether when accessing an enterprise). In fact, none of the mechanisms in the art are arranged and structured in such a way as to leverage the strong aspect of each individual mechanism while minimizing the weak aspect thereof. Thus, what is needed are sound authentication mechanisms that are built on a plurality of other mechanisms in such a way as to leverage the strong aspects of each of the plurality of other mechanisms while minimizing the weak aspects.