An interactive client-server authentication system and method are based on
Random Partial Pattern Recognition algorithm (RPPR). In RPPR, an ordered
set of data fields is stored for a client to be authenticated in secure
memory. An authentication server presents a clue to the client via a
communication medium, such positions in the ordered set of a random
subset of data fields from the ordered set. The client enters input data
in multiple fields according to the clue, and the server accepts the
input data from the client via a data communication medium. The input
data corresponds to the field contents for the data fields at the
identified positions of the random subset of data fields. The server then
determines whether the input data matches the field contents of
corresponding data fields in a random subset.