×

Devices, systems and computer-implemented methods for preventing password leakage in phishing attacks

  • US 10,356,125 B2
  • Filed: 05/26/2017
  • Issued: 07/16/2019
  • Est. Priority Date: 05/26/2017
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of preventing leakage of user credentials to phishing websites, comprising:

  • capturing user credentials input to a webpage of a website;

    generating a hash of the captured user credentials;

    updating a stored list of trusted website credentials with the generated hashed user credentials upon determining that the domain of a Uniform Resource Locator (URL) of the website to which the user credentials were input is present in a stored list of trusted websites;

    in response to determining that the domain of the URL of the website to which the user credentials were input is not present in the stored list of trusted websites, determining whether the generated hashed user credentials matches one of a plurality of hashed user credentials in the list of trusted website credentials; and

    subsequentlywhen the generated hashed user credentials matches a hashed user credential in the list of trusted website credentials, requesting input indicative of whether the URL of the website is trusted or whether the URL of the website is unknown and/or untrusted;

    when the requested input indicates that URL of the website is unknown and/or untrusted, sending the URL of the website to a remote computer server over a computer network and disallowing submission of the user credentials to the website; and

    in response to the requested input indicating that the URL of website is trusted, adding the domain of the URL of the website to the stored list of trusted websites, adding the generated hash of the captured user credentials to the stored list of trusted website credentials and allowing the user credentials to be submitted to the website.

View all claims
  • 7 Assignments
Timeline View
Assignment View
    ×
    ×