User authentication based on tracked activity

What is claimed is: 1. An apparatus comprising: a controller comprising one or more of hardware circuits, a programmable hardware device and a processor executing code, the controller configured to: electronically track one or more activities of a user, wherein electronically tracking the one or more activities comprises obtaining information about at least one activity from an electronic device of the user; determine that the electronic device has not been stolen based on a successful authentication of the user via the electronic device; identify a subset of the one or more electronically tracked activities, for which information was obtained from the electronic device prior to the successful authentication, as verified activities of the user; present an authentication challenge to the user via a user interface for the electronic device, at a time subsequent to determining that the electronic device has not been stolen, the authentication challenge based on at least one activity from the subset of verified activities for the user; and determine whether to authenticate the user for access to one or more resources via the electronic device, based on the user's response to the authentication challenge. 2. The apparatus of claim 1 , wherein the controller is further configured to determine whether an authentication trigger has occurred, the authentication trigger based on one or more of a time since a previous authentication, an attempt to access a resource, an attempt to perform an operation, and a location for the user, wherein the controller presents the authentication challenge in response to determining that the authentication trigger has occurred. 3. The apparatus of claim 1 , wherein electronically tracking the one or more activities of the user comprises gathering information about one or more of a location for the user, an internet resource accessed by the user, an application used by the user, an electronic file accessed by the user, an interaction with another user, a financial transaction by the user, and a wireless network joined by the user. 4. The apparatus of claim 1 , wherein the authentication challenge comprises a query such that a correct answer to the query involves the user's knowledge of the one or more activities. 5. The apparatus of claim 1 , wherein a difficulty of the authentication challenge is based on a risk related to the one or more electronically tracked activities. 6. The apparatus of claim 5 , wherein the difficulty of the authentication challenge increases based on an incorrect response to a previous authentication challenge, and wherein the controller is configured to deny access to the one or more resources in response to a limit of incorrect responses being reached. 7. The apparatus of claim 1 , wherein the controller is configured to deny access to the one or more resources based on an incorrect response to the authentication challenge. 8. The apparatus of claim 7 , wherein the controller is configured to lock the electronic device in response to a predetermined number of incorrect responses to authentication challenges. 9. The apparatus of claim 1 , wherein the controller is configured to grant access to the one or more resources based on a correct response to the authentication challenge. 10. A method comprising: electronically tracking one or more activities of a user, wherein electronically tracking the one or more activities comprises obtaining information about at least one activity from an electronic device of the user; determining that the electronic device has not been stolen based on a successful authentication of the user via the electronic device; identifying a subset of the one or more electronically tracked activities, for which information was obtained from the electronic device prior to the successful authentication, as verified activities of the user; presenting an authentication challenge to the user via a user interface for the electronic device, at a time subsequent to determining that the electronic device has not been stolen, the authentication challenge based on at least one activity from the subset of verified activities for the user; and determining whether to authenticate the user for access to one or more resources via the electronic device, based on the user's response to the authentication challenge. 11. The method of claim 10 , further comprising determining whether an authentication trigger has occurred, the authentication trigger based on one or more of a time since a previous authentication, an attempt to access a resource, an attempt to perform an operation, and a location for the user, wherein presenting the authentication challenge is in response to determining that the authentication trigger has occurred. 12. The method of claim 10 , wherein electronically tracking the one or more activities of the user comprises gathering information about one or more of a location for the user, an internet resource accessed by the user, an application used by the user, an electronic file accessed by the user, an interaction with another user, a financial transaction by the user, and a wireless network joined by the user. 13. The method of claim 10 , wherein the authentication challenge comprises a query such that a correct answer to the query involves the user's knowledge of the one or more activities. 14. The method of claim 10 , wherein a difficulty of the authentication challenge is based on a risk related to the one or more electronically tracked activities. 15. The method of claim 10 , further comprising denying access to the one or more resources based on an incorrect response to the authentication challenge. 16. The method of claim 10 , further comprising granting access to the one or more resources based on a correct response to the authentication challenge. 17. A program product comprising a non-transitory computer readable storage medium that stores code executable by a processor, the executable code comprising code to perform: electronically tracking one or more activities of a user, wherein electronically tracking the one or more activities comprises obtaining information about at least one activity from an electronic device of the user; determining that the electronic device has not been stolen based on a successful authentication of the user via the electronic device; identifying a subset of the one or more electronically tracked activities, for which information was obtained from the electronic device prior to the successful authentication, as verified activities of the user; presenting an authentication challenge to the user via a user interface for the electronic device, at a time subsequent to determining that the electronic device has not been stolen, the authentication challenge based on at least one activity from the subset of verified activities for the user; and determining whether to authenticate the user for access to one or more resources via the electronic device, based on the user's response to the authentication challenge. 18. The program product of claim 17 , the executable code further comprising code to perform: determining whether an authentication trigger has occurred, the authentication trigger based on one or more of a time since a previous authentication, an attempt to access a resource, an attempt to perform an operation, and a location for the user, wherein presenting the authentication challenge is in response to determining that the authentication trigger has occurred.