Auto-creation of application passwords
First Claim
Patent Images
1. A method, comprising:
- detecting, by one or more server computers, an attempt, by an application on a client device, to log in to a user account associated with the application using a first password, the one or more server computers being configured to implement a two-factor authentication process;
determining, by the one or more server computers, that the first password is stored in account information for the user account as the first factor of the two-factor authentication process;
obtaining, by the one or more server computers, device information associated with the client device, the device information including a device identifier of the client device and a geographic location of the client device;
obtaining, by the one or more server computers, historical login information associated with the user account;
determining, by the one or more server computers from the historical login information and the device information, at least one of a number of times that the client device has previously logged in to the user account from the geographic location or a recency with which the client device has previously logged in to the user account from the geographic location;
determining, by the one or more server computers, whether the client device is a trusted device based, at least in part, on at least one of the number of times that the client device has previously logged in to the user account from the geographic location or the recency with which the client device has previously logged in to the user account from the geographic location;
generating and storing, by the one or more server computers, without human intervention, a second password in association with the client device and the user account at least in part in response to determining that the client device is a trusted device andlogging, by the one or more server computers, the application into the user account using the second password as the second factor of the two-factor authentication process.
5 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, an attempt to log in to a user account, by an application on a client device, is detected. It is determined whether the client device is a trusted device. An application password is generated and stored, by a server, in association with the client device and the user account based, at least in part, upon whether the client device is a trusted device.
-
Citations
22 Claims
-
1. A method, comprising:
-
detecting, by one or more server computers, an attempt, by an application on a client device, to log in to a user account associated with the application using a first password, the one or more server computers being configured to implement a two-factor authentication process; determining, by the one or more server computers, that the first password is stored in account information for the user account as the first factor of the two-factor authentication process; obtaining, by the one or more server computers, device information associated with the client device, the device information including a device identifier of the client device and a geographic location of the client device; obtaining, by the one or more server computers, historical login information associated with the user account; determining, by the one or more server computers from the historical login information and the device information, at least one of a number of times that the client device has previously logged in to the user account from the geographic location or a recency with which the client device has previously logged in to the user account from the geographic location; determining, by the one or more server computers, whether the client device is a trusted device based, at least in part, on at least one of the number of times that the client device has previously logged in to the user account from the geographic location or the recency with which the client device has previously logged in to the user account from the geographic location; generating and storing, by the one or more server computers, without human intervention, a second password in association with the client device and the user account at least in part in response to determining that the client device is a trusted device and logging, by the one or more server computers, the application into the user account using the second password as the second factor of the two-factor authentication process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system, comprising:
-
one or more servers, the one or more servers including one or more processors and one or more memories, the servers being configured to; detect an attempt, by an application on a client device, to log in to a user account associated with the application using a first password, the servers being configured to implement a two-factor authentication process; determine that the first password is stored in account information for the user account as the first factor of the two-factor authentication process; obtain device information associated with the client device, the device information including a device identifier of the client device and a geographic location of the client device; obtain historical login information associated with the user account; determine, from the historical login information and the device information, at least one of a number of times that the client device has previously logged in to the user account from the geographic location or a recency with which the client device has previously logged in to the user account from the geographic location; determine whether the client device is a trusted device based, at least in part, on at least one of the number of times that the client device has previously logged in to the user account from the geographic location or the recency with which the client device has previously logged in to the user account from the geographic location; generate and store a second password in association with the client device and the user account, without human intervention, at least in part in response to determining that the client device is a trusted device; and log the application into the user account using the second password as the second factor of the two-factor authentication process. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A computer program product, comprising:
-
one or more non-transitory computer readable storage media having computer program instructions stored therein, the computer program instructions being configured such that, when executed by one or more computing devices, the computer program instructions cause the one or more computing devices to; detect an attempt, by an application on a client device, to log in to a user account associated with the application using a first password, the one or more computing devices configured to implement a two-factor authentication process; determine that the first password is stored in account information for the user account as the first factor of the two-factor authentication process; obtain device information associated with the client device, the device information including a device identifier of the client device and a geographic location of the client device; obtain historical login information associated with the user account; determine, from the historical login information and the device information, at least one of a number of times that the client device has previously logged in to the user account from the geographic location or a recency with which the client device has previously logged in to the user account from the geographic location; determine whether the client device is a trusted device based, at least in part, on at least one of the number of times that the client device has previously logged in to the user account from the geographic location or the recency with which the client device has previously logged in to the user account from the geographic location; generate and store, without human intervention, a second password in association with the client device and the user account at least in part in response to determining that the client device is a trusted device; and log the application into the user account using the second password as the second factor of the two-factor authentication process. - View Dependent Claims (21, 22)
-
Specification