Device, system, and method of recovery and resetting of user authentication factor
First Claim
1. A method comprising:
- (AA) monitoring input-user interactions of a user, that utilizes an electronic device to access a computerized service;
(BB) analyzing said input-user interactions, and identifying a particular word that the user typed multiple times in a user-specific typing manner;
subsequently,(CC) determining that a current user, that (i) fails to perform an authentication process for accessing said computerized service or (ii) requests to perform a reset process for a user-authentication factor of said computerized service, is a genuine user that is authorized to reset said user-authentication factor of said computerized service, by performing;
(a) constructing a unique multiple-word phrase, which comprises (i) said particular word that was identified in step (BB), and also (ii) one or more other words; and
presenting to the current user a fresh task that requires the current user to type said unique multiple-word phrase;
(b) monitoring a fresh manner in which the current user types said unique multiple-word phrase;
(c) determining whether or not fresh typing of said unique multiple-word phrase as monitored in step (b), exhibits during typing of said particular word the user-specific typing manner that was identified in step (BB) during repeated previous typing of said particular word;
(d) if the determining of step (c) is positive, then determining that the current user is the genuine user that is authorized to reset said user-authentication factor of said service.
6 Assignments
0 Petitions
Accused Products
Abstract
Devices, systems, and methods of password recovery and password reset, as well as resetting or recovering other types of user-authentication factor. A system monitors and tracks user-interactions that are performed by a user of an electronic device or a computerized service. The system defines a user-specific task or challenge, in which the user is requested to enter a phrase or perform a task. A user-specific feature is extracted from the manner in which the user performs the task. Subsequently, that user-specific feature is utilized instead of a security question, in order to verify the identity of the user and to allow the user to perform password reset or to perform a reset of another user-authentication factor; by presenting to the user the same task or a similar task, and monitoring the manner in which the user performs the fresh task.
-
Citations
7 Claims
-
1. A method comprising:
-
(AA) monitoring input-user interactions of a user, that utilizes an electronic device to access a computerized service; (BB) analyzing said input-user interactions, and identifying a particular word that the user typed multiple times in a user-specific typing manner; subsequently, (CC) determining that a current user, that (i) fails to perform an authentication process for accessing said computerized service or (ii) requests to perform a reset process for a user-authentication factor of said computerized service, is a genuine user that is authorized to reset said user-authentication factor of said computerized service, by performing; (a) constructing a unique multiple-word phrase, which comprises (i) said particular word that was identified in step (BB), and also (ii) one or more other words; and
presenting to the current user a fresh task that requires the current user to type said unique multiple-word phrase;(b) monitoring a fresh manner in which the current user types said unique multiple-word phrase; (c) determining whether or not fresh typing of said unique multiple-word phrase as monitored in step (b), exhibits during typing of said particular word the user-specific typing manner that was identified in step (BB) during repeated previous typing of said particular word; (d) if the determining of step (c) is positive, then determining that the current user is the genuine user that is authorized to reset said user-authentication factor of said service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification