Today’s web applications are facing all kind of security intrusions commonly derived from Password cracking attacks. The user itself could even write the password somewhere accessible to untrusted parties making it easy for identity thieves access private information or worst, take over the user account. One of the most effective ways to address this situation is requiring additional secrets that