Method of dynamically adapting a secure graphical password sequence

US 10,169,565 B2
Filed: 10/09/2017
Issued: 01/01/2019
Est. Priority Date: 03/27/2014
Status: Active Grant

First Claim

Patent Images

1. A method of dynamically adapting a secure graphical password sequence by executing computer-executable instructions stored on a non-transitory computer-readable medium comprising:

providing a computing device;

the computing device performing;

authenticating a user to request access to a restricted user account on the computing device;

defining a plurality of element selection requirements for a password sequence;

defining a plurality of preferences for the password sequence and a selection grid, the selection grid being used to input the password sequence;

dynamically generating the selection grid from the element selection requirements and the plurality of preferences, the selection grid comprising a plurality of grid cells containing at least one graphical element from a plurality of graphical elements, each of the graphical elements being associated with at least one element category and an authentication value;

displaying a user interface with the selection grid;

receiving a plurality of cell selections as the password sequence, each of the cell selections corresponding to one of the grid cells and corresponding to one of a plurality of sequential locations in the password sequence;

comparing the password sequence to the element selection requirements in order to authenticate the password sequence as a valid password sequence;

rejecting the password sequence as a current invalid password sequence;

accepting the password sequence as a current valid password sequence in response to determining the password sequence as valid; and

providing the access to the restricted user account in response to authenticating the user requesting the access with the current valid password sequence;

allowing the user to update parameters of the password sequence via successful or unsuccessful logins over time;

adding at least one additional layer of complexity to the element selection requirements in response to finding the pattern similarities between the current and previous invalid password sequences; and

randomizing or increasing or decreasing a probability of displaying incorrect selections.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of dynamically adapting a secure graphical password sequence provides a secure means to access a restricted account through a dynamic password defined by element selection requirements. A selection grid is dynamically generated with graphical elements, and a password sequence is inputted by selecting certain grid cells containing graphical elements. Various preferences provide full customizability for the dynamic password, and security measures increase the difficulty of an undesirable user ascertaining the element selection requirements. The dynamic password can adapt over time through user input by designating one of the sequential locations of the password sequence as a sequence updating parameter.

Citations

30 Claims

1. A method of dynamically adapting a secure graphical password sequence by executing computer-executable instructions stored on a non-transitory computer-readable medium comprising:
- providing a computing device;
  
  the computing device performing;
  
  authenticating a user to request access to a restricted user account on the computing device;
  
  defining a plurality of element selection requirements for a password sequence;
  
  defining a plurality of preferences for the password sequence and a selection grid, the selection grid being used to input the password sequence;
  
  dynamically generating the selection grid from the element selection requirements and the plurality of preferences, the selection grid comprising a plurality of grid cells containing at least one graphical element from a plurality of graphical elements, each of the graphical elements being associated with at least one element category and an authentication value;
  
  displaying a user interface with the selection grid;
  
  receiving a plurality of cell selections as the password sequence, each of the cell selections corresponding to one of the grid cells and corresponding to one of a plurality of sequential locations in the password sequence;
  
  comparing the password sequence to the element selection requirements in order to authenticate the password sequence as a valid password sequence;
  
  rejecting the password sequence as a current invalid password sequence;
  
  accepting the password sequence as a current valid password sequence in response to determining the password sequence as valid; and
  
  providing the access to the restricted user account in response to authenticating the user requesting the access with the current valid password sequence;
  
  allowing the user to update parameters of the password sequence via successful or unsuccessful logins over time;
  
  adding at least one additional layer of complexity to the element selection requirements in response to finding the pattern similarities between the current and previous invalid password sequences; and
  
  randomizing or increasing or decreasing a probability of displaying incorrect selections.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1, wherein the computing device performs:
    - adding the at least one additional layer of complexity to the element selection requirements comprising adding a plurality of additional layers of complexity to the element selection requirements.
  - 3. The method of claim 1, wherein the computing device performs:
    - adding the at least one additional layer of complexity to the element selection requirements comprising adding a layer of complexity to the element selection requirements; and
      
      adding the layer of complexity to the element selection requirements comprising determining the pattern of similarities between current and previous short term, medium term and long term valid and invalid password sequences and selecting to present the selection grid so as to increases the complexity for another user to find the pattern of similarities, or finding the pattern of correct or incorrect parameters over time.
  - 4. The method of claim 1, wherein the computing device performs:
    - adding the at least one additional layer of complexity to the element selection requirements comprising adding a layer of complexity to the element selection requirements; and
      
      adding the layer of complexity to the element selection requirements comprising increasing the number of the graphical elements displayed within each grid cell of the plurality of grid cells, or additional grid cells with the same level of complexity, in the selection grid in the subsequent authentication attempts if a malicious pattern is detected.
  - 5. The method of claim 1, wherein the computing device performs:
    - displaying a plurality of correct selections on the selection grid, the correct selections corresponding to graphical elements which meet the element selection requirements.
  - 6. The method of claim 1, wherein the computing device performs:
    - displaying a plurality of incorrect selections on the selection grid, the incorrect selections corresponding to graphical elements which do not meet the element selection requirements and are either negative in value or of zero authentication value.
  - 7. The method of claim 1, wherein the computing device performs:
    - providing a plurality of categories for the graphical elements, each of the categories comprising a plurality of category elements;
      
      designating a first subset of elements from the category elements of one of the categories as correct selections for the password sequence; and
      
      designating a second subset of elements from the category elements of one of the categories as incorrect selections for the password sequence.
  - 8. The method of claim 1, wherein the computing device performs:
    - designating a minimum authentication score for the password sequence;
      
      tallying the authentication value of each of the graphical elements of the grid selections to produce a total sequence value; and
      
      authenticating the password sequence as the valid password sequence in response to the total sequence value being equal to the minimum authentication score.
  - 9. The method of claim 1, wherein the computing device performs:
    - designating a minimum authentication score or randomizing a minimum authentication score via an algorithm for the password sequence;
      
      tallying the authentication value for each of the graphical elements of the grid selections to produce a total sequence value; and
      
      authenticating the password sequence as the valid password sequence in response to the total sequence value being greater than the minimum authentication score.
  - 10. The method of claim 1, wherein the computing device performs:
    - designating a sequence length requirement or randomizing a sequence length requirement via an algorithm for the password sequence as one of the element selection requirements, the sequence length requirement designating a required number of cell selections;
      
      rejecting the password sequence in response to the password sequence not meeting the sequence length requirement; and
      
      rejecting the password sequence in response to the number of cell selections being less than or larger than the sequence length requirement.
  - 11. The method of claim 1, wherein the computing device performs:
    - designating one of the sequential locations in the password sequence as a sequence updating parameter;
      
      designating an element update threshold;
      
      receiving a specific graphical element as the sequence updating parameter; and
      
      updating the authentication value of the specific graphical element in response to the specific graphical element being received as the sequence updating parameter a number of times corresponding to the element update threshold.
  - 12. The method of claim 11, wherein the computing device performs:
    - increasing the authentication value of the specific graphical element in response to the specific graphical element being received as a correct entry in the password sequence a number of times equal to the element update threshold.
  - 13. The method of claim 11, wherein the computing device performs:
    - decreasing the authentication value of the specific graphical element in response to the specific graphical element being received as an incorrect entry in the password sequence a number of times equal to the element update threshold.
  - 14. The method of claim 11, wherein the computing device performs:
    - allowing the user to manually update the sequence updating parameter; and
      
      allowing the user to manually update any of the selection parameters.
  - 15. The method of claim 11, wherein the computing device performs:
    - adding the specific graphical element as a new element selection requirement for the valid password sequence in response to the specific graphical element being received as a new element selection a number of times equal to the element update threshold.
  - 16. The method of claim 1, wherein the computing device performs:
    - randomly distributing the graphical elements across the selection grid.
  - 17. The method of claim 1, wherein the computing device performs:
    - assigning a priority value to each of the preferences; and
      
      executing each of the preferences in order from highest to lowest priority in order to generate the selection grid.
  - 18. The method of claim 1, wherein the computing device performs:
    - assigning an activity identifier to each of the preferences;
      
      executing a specific preference in response to the activity identifier of the specific preference being active; and
      
      ignoring the specific preference in response to the activity identifier of the specific preference being inactive.
  - 19. The method of claim 1, wherein the computing device performs:
    - compiling an aggregated login attempt history from the received password sequence and previous received password sequences;
      
      updating the element selection requirements from the aggregated login attempt history;
      
      searching the aggregated login attempt history for previous invalid password sequences; and
      
      comparing the current invalid password sequence to the previous invalid password sequences in order to find pattern similarities between the current invalid password sequence and the previous invalid password sequences.
  - 20. The method of claim 1, wherein the computing device performs:
    - adding at least one additional personalized preference into the plurality of preferences, the at least one additional personalized preference being determined by the user.
  - 21. The method of claim 1, wherein the user being a personnel.
  - 22. The method of claim 1 comprising:
    - providing another computing device, the user being the another computing device.
  - 23. The method of claim 1, wherein the user interface comprises an element selected from the group consisting of a retina detector, a camera, a fingerprint detector, a biometrics analyzer, a DNA analyzer, a voice detector, a sound detector, a computer mouse, a touch screen, a touch pad, a virtual touch glove, a keyboard, a magnetic card, smart electronic glasses, smart electronic watch, smart electronic other computing accessories, portable storage devices, cloud storage, GPS, RFID, smart chip, a USB port and a Bluetooth.
  - 24. The method of claim 1, wherein the password sequence is configured to be used for any transactions that holds value for a user whether that be financial, media, memories, legal documents, serving as an identification mechanism, online access, portable storage access, cloud storage, messaging, medical documents, social interactions online, offline access, virtual wallet key, a computer software, a voting registration or an information delivery.
  - 25. The method of claim 1, wherein the plurality of preferences comprises double selecting one grid when presented with the selection grid.
  - 26. The method of claim 1, wherein the plurality of preferences comprise creating custom rules for any one selection such that a scoring behavior is changed based on conditions set by the user.
  - 27. The method of claim 1, wherein the plurality of preferences comprise forcing the correct answer to the selection grid to ensuring that the user selects one incorrect preference.
  - 28. The method of claim 1, wherein the plurality of preferences comprise allowing the selection grid to vary in size or shape on each log in attempt.
  - 29. The method of claim 1, wherein the plurality of preferences comprise allowing the selection grid to present the grid in small sets one by one instead of presenting the entire grid at once.
  - 30. The method of claim 1, wherein the password sequence is configured to be used offline for bank safe or home/commercial security system or starting a car.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yahya Zia
Original Assignee
Yahya Zia
Inventors
Zia, Yahya
Primary Examiner(s)
Lemma, Samson B

Application Number

US15/728,249
Publication Number

US 20180032714A1
Time in Patent Office

449 Days
Field of Search

726 7
US Class Current
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 21/46   by designing passwords or c...

H04L 63/083   using passwords cryptograph...

Method of dynamically adapting a secure graphical password sequence

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Method of dynamically adapting a secure graphical password sequence

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links