1. Introduction
There are several ways for users to authenticate themselves in computing systems. Besides the standard use of passwords there are many advanced mechanisms or methods for users to login into a system. Those technologies include the use of smartcards, remote frequency identification tags, biometrics, pattern recognition, picture-based authentication (i.e. select a number of pictures using the right sequence, or point out a specific pixel location on a picture) etc. ([1], [2], [3]). Most of these methods however are prone to failure, albeit at a low rate and thus, along with any of the above authentication methods usually comes a password option that will provide an alternative for authenticating the user. This fact makes the recovery of such passwords an important issue, especially for reasons of business continuity and in the context discussed in this paper, for incident investigation.