In today’s world every system we interact with, we need to identify ourselves. And How do we identify? Using id and passwords. This is a very effective solution but has its own caveats. First of all, passwords can be easily brute-forced using dictionary attacks. To circumvent this, we need to enforce strict password policies. Which means the password is generally not easy to remember and it needs to be changed every month or so. So now if you are interacting N number of applications you need to remember N number of not easy to remember passwords and need to change all of them monthly.