Humans are hard to authenticate. When authenticating humans, security systems deal with one or more factors about that human to prove that they are indeed who they claim to be. The methods of authenticating humans have been built up over the millennium. Computers simply move these concepts to electronic technology. There are three factors3 that we use to authenticate humans.
• Something the user knows (e.g., secret passphrase, password, personal knowledge, etc.)
• Something the user has (e.g., identity card, smartcard, security token, phone, etc.)
• Something the user is (e.g., how they look, how they behave, fingerprint, DNA, etc.)
Everyone is accustomed to using passwords to log in to computer systems. ...