User authentication using client-side browse history
First Claim
1. A computer-implemented method, comprising:
- receiving, by a computer system from a computing device, a request for a first web page of a web site, wherein;
the first web page comprises a universal resource locator (URL) of a second web page first code, and second code,the first code is configured to, upon execution at the computing device;
determine whether the URL is present in a browser history stored at the computing device, the browser history comprising a list of URLs,determine, based at least in part on presence of the URL in the list of URLs of the browser history, a color attribute of the URL in the list and whether a state of the URL is a visited state, the visited state representing a change to the state of the URL, the color attribute and the change indicating that the second web page was presented by the computing device prior to receiving the request for the login web page, anddetermine, based at least in part on the state, whether the second web page was accessed by the computing device prior to receiving the request for the first web page, andthe second code is configured to;
execute at the computing device after a predefined time delay relative to providing the first web page, whereas the predetermined time delay have a value greater than zero, anddetermine access to a third web page of the web site based at least in part on execution of the second code after elapse of the predefined time delay,providing, by the computer system to the computing device, the first web page based at least in part on the request;
receiving, by the computer system from the computing device, a first indication that the second web page was accessed prior to the request for the first web page and a second indication that the third web page was accessed, the first indication received based at least in part on a determination by the code of the presence of the URL, the color attribute, and the state of the URL being the visited state upon an execution of the code at the computing device, and the second indication received based at least in part on the execution of the second code after the elapse of the predefined time delay; and
authenticating, by the computer system, the user account based at least in part on the first indication and the second indication.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for authenticating a user may be described. In particular, a network-based document may be provided to a computing system of a user. The network-based document may include code and an identifier of another network-based document. The code may be configured to, upon execution, determine whether the other network-based document was accessed prior to providing the network-based document to the computing system. The other network-based document may be accessible to the user based on an identifier of the user. An indication that the other network-based document was accessed may be determined. For example, the indication may be received from the computing system based on an execution of the code at the computing system. The user may be authenticated based on the indication.
78 Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
receiving, by a computer system from a computing device, a request for a first web page of a web site, wherein; the first web page comprises a universal resource locator (URL) of a second web page first code, and second code, the first code is configured to, upon execution at the computing device; determine whether the URL is present in a browser history stored at the computing device, the browser history comprising a list of URLs, determine, based at least in part on presence of the URL in the list of URLs of the browser history, a color attribute of the URL in the list and whether a state of the URL is a visited state, the visited state representing a change to the state of the URL, the color attribute and the change indicating that the second web page was presented by the computing device prior to receiving the request for the login web page, and determine, based at least in part on the state, whether the second web page was accessed by the computing device prior to receiving the request for the first web page, and the second code is configured to; execute at the computing device after a predefined time delay relative to providing the first web page, whereas the predetermined time delay have a value greater than zero, and determine access to a third web page of the web site based at least in part on execution of the second code after elapse of the predefined time delay, providing, by the computer system to the computing device, the first web page based at least in part on the request; receiving, by the computer system from the computing device, a first indication that the second web page was accessed prior to the request for the first web page and a second indication that the third web page was accessed, the first indication received based at least in part on a determination by the code of the presence of the URL, the color attribute, and the state of the URL being the visited state upon an execution of the code at the computing device, and the second indication received based at least in part on the execution of the second code after the elapse of the predefined time delay; and authenticating, by the computer system, the user account based at least in part on the first indication and the second indication. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. One or more non-transitory computer-readable media comprising instructions that, when executed with one or more processors, cause a system to at least:
-
provide, to a computing system associated with a user account, a first network-based document of a network-based resource, wherein; the first network-based document comprises first code, second code, and a document network address of a second network-based document, and the first code is configured at least to, upon execution; determine whether the document network address is present in a history stored at the computing system, the history comprising a list of document network addresses, determine, based at least in part on presence of the document network address in the list of the history, whether a state of the document network address is a visited state, the visited state representing a change to the state of the document network address, the change indicating that the second network-based document was presented by the computing system prior to a request of the computing system for the first network-based document, and determine, based at least in part on the state, whether the second network-based document was accessed by the computing system prior to the request of the computing system for the first network-based document, and the second code is configured to; execute at the computing system after a predefined time delay relative to providing the first network-based document, whereas the predetermined time delay have a value greater than zero, and determine access to a third network-based document of the network-based resource based at least in part on execution of the second code after elapse of the predefined time delay, determine a first indication that the second network-based document was accessed prior to the request based at least in part on a determination of the presence of the document network address and the state being the visited state upon an execution of the code at the computing system; determine a second indication that the third network-based document was accessed based at least in part on the execution of the second code after the elapse of the predefined time delay; and authenticate the user account based at least in part on the first indication and the second indication. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A computing system comprising:
-
one or more hardware processors; one or more non-transitory computer-readable media comprising instructions that, when executed with the one or more processors, cause the computing system to at least; receive, from a system, a first network-based document of a network-based resource based at least in part on a request from the computing system for the first network-based document, wherein the first network-based document is associated with a user account and comprises first code, second code, and a document network address of a second network-based document based at least in part on an execution of the first code; determine that the document network address is present in a history stored at the computing system, the history comprising a list of document network addresses, determine, based at least in part on presence of the document network address in the history, whether a state of the document network address is a visited state, the visited state representing a change to the state of the document network address, the change indicating that the second network-based document was presented by the computing system prior to the request for the first network-based document, and determine, based at least in part on the state being the visited state, that the document network address was accessed by the computing system prior to the request for the first network-based document; determine access to a third network-based document of the network-based resource based at least in part on an execution of the second code after an elapse of a time delay for executing the second code relative to receiving the first network-based document, whereas the time delay have a value greater than zero; and send, to the system, a first indication that the second network-based document was accessed prior to request for the first network-based document and a second indication that the third network-based document was accessed, wherein the user account is authenticated by the system based at least in part on the first indication and the second indication. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification