Most users need a unique password for every enterprise application, causing an exponential growth rate in passwords. Unfortunately, most applications provide no easy way - or no way at all - to centrally control user passwords. As a result, users create passwords that are often easy-to-guess derivatives of names, Social Security numbers, and birthdays. These "Obvious" passwords make it easy for unauthorized users to gain access to enterprise applications and data. Moreover, authorized users frequently lose or forget their passwords, creating a significant password management burden on IT support.