Abstract: A method, system, server processing system and computer readable medium for authenticating a user attempting to access a secure environment is disclosed. In one aspect, the server processing system is configured to: receive an authentication request to authenticate the user attempting to access the secure environment; transfer, to the user or a user device associated with the user, an index corresponding to a selected key from a keymap; receive data indicative of a code which is based on the selected key presented by the user device and a personal identifier, and determine, using the code whether the user is authenticated. Advantageously, the server processing system never stores nor receives data directly indicative of the personal identifier such that no one else is able to determine the personal identifier, not even an employee of the secure environment which the user is attempting to access.

Abstract: A method, system, server processing system and computer readable medium for authenticating a user attempting to access a secure environment is disclosed. In one aspect, the server processing system is configured to: receive an authentication request to authenticate the user attempting to access the secure environment; transfer, to the user or a user device associated with the user, an index corresponding to a selected key from a keymap; receive data indicative of a code which is based on the selected key presented by the user device and a personal identifier, and determine, using the code whether the user is authenticated. Advantageously, the server processing system never stores nor receives data directly indicative of the personal identifier such that no one else is able to determine the personal identifier, not even an employee of the secure environment which the user is attempting to access.