A
password management service located either on a user computer or in the cloud intercepts a user's attempt to create an account on a
Web site. The user enters a sequence of a physical key combination and the service assigns a particular
keyboard layout for this
Web site. The service generates a
password by combining the key combination with the assigned
keyboard layout and returns this
password to the user or to the
Web site. The service stores the name of the Web site in association with the designated
keyboard layout. Upon a subsequent login attempt, the service again intercepts the user's
typing of the same physical key combination, generates the same password by combining the key combination with the previously assigned and stored keyboard
layout, and returns the generated password to the Web site for
authentication. A keyboard
layout for
a site may be chosen by the user, may be selected by the service, or a random
layout may be generated. The service enforces a password constraint of
a site by adding in the required characters, by requiring the user to choose a new key combination, or by using a different keyboard layout.