
Systems and methods for maintaining split knowledge of web-based accounts

  • US 10,068,082 B1
  • Filed: 11/16/2017
  • Issued: 09/04/2018
  • Est. Priority Date: 11/16/2017
  • Status: Active Grant
First Claim

1. A computerized method of enabling multi-factor authentication for a web-based account, the method comprising:

    providing a first computing device accessible to a first user and configured with Internet access, a second computing device accessible to the first user, and a backend system accessible to a second user, the backend system in communication with the second computing device via a secure communication network, the backend system having a time-based one-time password (TOTP) token generator and an application programming interface;

    creating, by the first user, a web-based account having account details including a username and an account password;

    requesting, by the first user, via the first computing device, to enable multi-factor authentication for the web-based account;

    displaying, for the first user, via the first computing device, a multi-factor authentication initiation screen including secret information and at least one data field for entering at least one TOTP token;

    capturing, by the second computing device, the secret information in memory;

    transmitting, by the second computing device, the secret information over the secure communication network to the backend system via the application programming interface;

    generating, by the second user, using the TOTP token generator, the at least one TOTP token;

    transmitting, by the second user, via the application programming interface, the at least one TOTP token to the second computing device, the second computing device displaying the at least one TOTP token on a token screen;

    entering, by the first user, via the multi-factor authentication initiation screen, the at least one TOTP token into a corresponding data field of the at least one data field; and

    receiving, by the first computing device, from the web-based account, validation of the at least one TOTP token,

    wherein only the first user has access to the account password and only the second user has access to the TOTP token generator.
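The split-knowledge property of the claimed flow can be illustrated with the following added example, which is not part of the patent text. It assumes the "secret information" is an `otpauth://` URI carrying a base32 secret and that tokens follow RFC 6238 with HMAC-SHA1; the class and function names are hypothetical, and the second computing device's relay over the secure network is collapsed into direct method calls.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlparse, parse_qs

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) using RFC 4226 dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def parse_secret(secret_info: str) -> bytes:
    """Assumption: the 'secret information' is an otpauth:// URI with a base32 secret."""
    b32 = parse_qs(urlparse(secret_info).query)["secret"][0].upper()
    return base64.b32decode(b32 + "=" * (-len(b32) % 8))

class Backend:
    """Second user's system: the only holder of the TOTP token generator."""
    def __init__(self):
        self._secrets = {}
    def enroll(self, account: str, secret_info: str) -> None:
        self._secrets[account] = parse_secret(secret_info)
    def issue_token(self, account: str, at: int) -> str:
        return totp(self._secrets[account], at)

class WebAccount:
    """The site: checks the password and the TOTP token together."""
    def __init__(self, password: str, secret_info: str):
        self._pw_hash = hashlib.sha256(password.encode()).digest()  # toy storage, demo only
        self._secret = parse_secret(secret_info)
    def login(self, password: str, token: str, at: int) -> bool:
        pw_ok = hmac.compare_digest(hashlib.sha256(password.encode()).digest(), self._pw_hash)
        tok_ok = hmac.compare_digest(token, totp(self._secret, at))
        return pw_ok and tok_ok

# Constructed sample data: the secret is the RFC 6238 test key, not a real credential.
SECRET_INFO = "otpauth://totp/Example:alice?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example"

def demo(at: int = 59):
    site = WebAccount("first-user-password", SECRET_INFO)  # first user knows only the password
    backend = Backend()
    backend.enroll("alice", SECRET_INFO)      # second device relays the captured secret
    token = backend.issue_token("alice", at)  # second user generates, device displays it
    return {
        "token": token,
        "both_halves": site.login("first-user-password", token, at),
        "password_only": site.login("first-user-password", "000000", at),
        "token_only": site.login("wrong-password", token, at),
    }
```

Calling `demo()` shows that login succeeds only when the first user's password and the backend-issued token are presented together; either half alone is rejected.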
