Usual password schemes suffer from the flaw that they are easy to steal. An attacker who has correctly observed a login session (by peeping, wiretapping and/or by launching a "man-in-the-middle" attack, etc.) can easily ...