"determining, in response to the authentication request, data including a timestamp, a remote IP address, and a local IP address associated with the client for a user, wherein the data including the IP remote address and the local IP address further comprises the timestamp associated with the user that is exclusive or'ed with a cryptographically strong digest of a concatenation of the IP remote add" . . . .