A method, system and computer program are provided for protecting against one or more security attacks from third parties directed at obtaining user credentials on an unauthorized basis, as between a client computer associated with a user and a server computer. The server computer defines a trusted Public Key Cryptography utility for use on the client computer. The Public Key Cryptography utility is operable to perform one or more cryptographic operations consisting of encrypting/decrypting data, authenticating data, and/or authenticating a sender, decrypting and/or verifying data. The user authenticates to the Public Key Cryptography utility, thereby invoking the accessing of user credentials associated with the user, as defined by the server computer. The Public Key Cryptography utility facilitates the communication of the user credentials to the server computer, whether directly or indirectly via an authentication agent, the server computer thereby authenticating the user. In response, the server computer provides the user with access to one or more system resources linked to the server computer. The present invention also provides a series of methods enabling the server computer to authenticate the user by operation of the Public Key Cryptography utility and/or based on enrolment of the user and providing the Public Key Cryptography utility to the user.