Phone factor authentication
First Claim
1. A method comprising:
receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer;
determining, by the identity management application running on the user computer, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection;
requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection;
receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection, wherein the authentication information is provided by the mobile device after receipt from a remote identity management system; and
in response to receiving the authentication information, authenticating the user to access the user application using the user computer, comprising:
sending, by the user computer, the received authentication information to the remote identity management system;
receiving, by the identity management application, confirmation of user authentication from the remote identity management system based on the authentication information provided to the mobile device and received from the user computer;
determining, by the identity management application running on the user computer, that the mobile device is no longer connected to the user computer using the short distance wireless connection; and
in response, revoking the authentication for the user to access the user application using the user computer.
Abstract
Systems and techniques are described for authenticating a user. A described technique includes receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer. The technique includes determining, by the identity management application, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection. The technique includes requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection. The technique includes receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection. In response to receiving the authentication information, the technique includes authenticating the user to access the user application using the user computer.
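The flow recited in claim 1 (proximity check, authentication information relayed through the phone, confirmation by the remote identity management system, revocation on disconnect), modelled as an added Python example that is not taken from the patent. The class names, the random token format, single-use tokens and the 30-second lifetime are assumptions made for illustration.

```python
import hmac
import secrets

class RemoteIdentitySystem:
    """Stand-in for the remote identity management system (assumed design)."""
    def __init__(self, ttl=30):
        self.ttl = ttl          # assumed token lifetime in seconds
        self._issued = {}       # user -> (token, expiry)

    def issue(self, user, now):
        token = secrets.token_hex(16)
        self._issued[user] = (token, now + self.ttl)
        return token

    def confirm(self, user, token, now):
        rec = self._issued.pop(user, None)   # single use: a replay finds nothing
        return bool(rec) and now <= rec[1] and hmac.compare_digest(rec[0], token)

class MobileDevice:
    def __init__(self, user, idms):
        self.user, self.idms, self.connected = user, idms, True

    def provide_auth_info(self, now):
        # Device obtains the authentication information from the remote system.
        return self.idms.issue(self.user, now)

class IdentityManagementApp:
    """Runs on the user computer; tracks which users are authenticated."""
    def __init__(self, idms):
        self.idms, self.sessions = idms, {}

    def authenticate(self, user, device, now):
        if device.user != user or not device.connected:
            return False                       # no associated device in range
        token = device.provide_auth_info(now)  # over the short-distance link
        if not self.idms.confirm(user, token, now):
            return False                       # remote system did not confirm
        self.sessions[user] = device
        return True

    def poll_connections(self):
        # Revoke authentication for any user whose device has disconnected.
        for user, device in list(self.sessions.items()):
            if not device.connected:
                del self.sessions[user]

    def is_authenticated(self, user):
        return user in self.sessions
```

Because the user computer only relays the value and the remote system makes the decision, a token captured on the wireless link is useless once it has been confirmed or has expired.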
17 Claims
1. A method comprising:
receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer;
determining, by the identity management application running on the user computer, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection;
requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection;
receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection, wherein the authentication information is provided by the mobile device after receipt from a remote identity management system; and
in response to receiving the authentication information, authenticating the user to access the user application using the user computer, comprising:
sending, by the user computer, the received authentication information to the remote identity management system;
receiving, by the identity management application, confirmation of user authentication from the remote identity management system based on the authentication information provided to the mobile device and received from the user computer;
determining, by the identity management application running on the user computer, that the mobile device is no longer connected to the user computer using the short distance wireless connection; and
in response, revoking the authentication for the user to access the user application using the user computer.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system comprising:
one or more computers; and
one or more storage devices encoded with instructions that when executed by the one or more computers cause the one or more computers to perform operations comprising:
receiving a request to authenticate a user to access a user application using a user computer;
determining that a mobile device associated with the user is connected to the user computer using a short distance wireless connection;
requesting authentication information for the user from the mobile device over the short distance wireless connection;
receiving the authentication information for the user from the mobile device over the short distance wireless connection, wherein the authentication information is provided by the mobile device after receipt from a remote identity management system; and
in response to receiving the authentication information, authenticating the user to access the user application using the user computer, comprising:
sending, by the user computer, the received authentication information to the remote identity management system; and
receiving, by the identity management application, confirmation of user authentication from the remote identity management system based on the authentication information provided to the mobile device and received from the user computer;
determining, by the identity management application running on the user computer, that the mobile device is no longer connected to the user computer using the short distance wireless connection; and
in response, revoking the authentication for the user to access the user application using the user computer.
Dependent claims: 10, 11, 12, 13
14. One or more non-transitory computer readable media storing instructions that when executed by one or more computers cause the one or more computers to perform operations comprising:
receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer;
determining, by the identity management application running on the user computer, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection;
requesting, by the identity management application running on the user computer, authentication information for the user from the mobile device over the short distance wireless connection;
receiving, by the identity management application running on the user computer, the authentication information for the user from the mobile device over the short distance wireless connection, wherein the authentication information is provided by the mobile device after receipt from a remote identity management system; and
in response to receiving the authentication information, authenticating the user to access the user application using the user computer, comprising:
sending, by the user computer, the received authentication information to the remote identity management system; and
receiving, by the identity management application, confirmation of user authentication from the remote identity management system based on the authentication information provided to the mobile device and received from the user computer;
determining, by the identity management application running on the user computer, that the mobile device is no longer connected to the user computer using the short distance wireless connection; and
in response, revoking the authentication for the user to access the user application using the user computer.
Dependent claims: 15, 16, 17
Specification