Account access recovery system, method and apparatus

US 10,498,738 B2
Filed: 09/30/2015
Issued: 12/03/2019
Est. Priority Date: 06/07/2015
Status: Active Grant

First Claim

Patent Images

1. A non-transitory machine readable medium storing a program, which when executed by at least one processing unit recovers access to a service associated with an account, the program comprising sets of instructions for:

providing a login credential to log into the account to receive the associated service from a server set;

receiving an access continuation parameter (ACP) after logging into the account;

accessing the server set to receive the service;

receiving a rejection of a subsequent access to the server set to receive the service, the rejection being based at least in part on the login credential having been modified at the server set; and

responsive to receiving the rejection based at least in part on the login credential having been modified at the server set, providing the ACP to continue to receive the service without providing the modified login credential.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.

Citations

20 Claims

1. A non-transitory machine readable medium storing a program, which when executed by at least one processing unit recovers access to a service associated with an account, the program comprising sets of instructions for:
- providing a login credential to log into the account to receive the associated service from a server set;
  
  receiving an access continuation parameter (ACP) after logging into the account;
  
  accessing the server set to receive the service;
  
  receiving a rejection of a subsequent access to the server set to receive the service, the rejection being based at least in part on the login credential having been modified at the server set; and
  
  responsive to receiving the rejection based at least in part on the login credential having been modified at the server set, providing the ACP to continue to receive the service without providing the modified login credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The non-transitory machine readable medium of claim 1, wherein the program further comprises a set of instructions for storing the ACP after receiving the ACP.
  - 3. The non-transitory machine readable medium of claim 2, wherein the program further comprises a set of instructions for encrypting the ACP before storing the ACP.
  - 4. The non-transitory machine readable medium of claim 2,wherein the non-transitory machine readable medium is a machine readable medium of a device,wherein the set of instructions for storing the ACP comprises a set of instructions for storing the ACP on the device.
  - 5. The non-transitory machine readable medium of claim 1,wherein the program is for execution on a device,wherein when the ACP is provided, the device is allowed to remain logged into the account even after the login credential has been modified without the device providing the modified login credential.
  - 6. The non-transitory machine readable medium of claim 5, wherein the set of instructions for providing the login credential comprises a set of instructions for completing a login process, said login process comprising providing the login credential and providing a second factor authentication parameter.
  - 7. The non-transitory machine readable medium of claim 5, the login credential having been modified at the server set responsive to a user request therefor.
  - 8. The non-transitory machine readable medium of claim 1,wherein the program further comprises a set of instructions for receiving a service token after providing the login credential and logging into the account,wherein the set of instructions for receiving the subsequent-access rejection comprises a set of instructions for receiving a rejection of the service token,wherein the set of instructions for providing the ACP comprises a set of instructions for providing the ACP in order to obtain a new service token for accessing the service without providing the login credential.
  - 9. The non-transitory machine readable medium of claim 8, wherein the sets of instructions for providing the ACP comprises sets of instructions for:
    - providing the ACP to a set of one or more authentication servers to authenticate the ACP;
      
      receiving a password token from the set of authentication servers; and
      
      providing the password token to a set of one or more service servers to obtain the new service token.

10. For a device, a method for recovering access to a service associated with an account, the method comprising:
- submitting a login credential to log into the account to receive the associated service from a server set;
  
  receiving an access continuation parameter (ACP) after logging into the account;
  
  accessing the server set to receive the service;
  
  determining that a subsequent access to the server set to receive the service is rejected based at least on information corresponding to the login credential having been modified at the server; and
  
  providing the ACP in lieu of the login credential to continue to receive the service after the subsequent access to the server set to receive the service is rejected based at least on information corresponding to the login credential having been modified at the server.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10 further comprising storing the ACP after receiving the ACP.
  - 12. The method of claim 11 further comprising encrypting the ACP before storing the ACP.
  - 13. The method of claim 11, wherein storing the ACP comprises storing the ACP on the device.
  - 14. The method of claim 10, wherein when the ACP is provided in lieu of the login credential, the device is allowed to remain logged into the account even after the login credential has been modified without the device providing the modified login credential.
  - 15. The method of claim 14, wherein providing the login credential comprises completing a login process, said login process comprising providing an account password and providing a second factor authentication parameter.
  - 16. The method of claim 14, wherein the modified login credential is an account password.
  - 17. The method of claim 10 further comprising:
    - receiving a service token after providing the login credential to the server set and logging into the account,wherein determining the subsequent-access rejection comprises receiving a rejection of the service token,wherein providing the ACP in lieu of the login credential comprises providing the ACP in order to obtain a new service token for accessing the service without providing the login credential.
  - 18. The method of claim 17, wherein providing the ACP comprises:
    - providing the ACP to a set of one or more authentication servers to authenticate the ACP;
      
      receiving a password token from the set of authentication servers; and
      
      providing the password token to a set of one or more service servers to obtain the new service token.

19. A device comprising:
- at least one processing unit anda non-transitory machine readable medium storing a program, which when executed by the processing unit recovers access to a service associated with an account, the program comprising sets of instructions for;
  
  providing a login credential to log into the account to receive the associated service from a server set;
  
  receiving an access continuation parameter (ACP) after logging into the account;
  
  accessing the server set to receive the service;
  
  receiving a rejection of a subsequent access to the server set to receive the service, the rejection being based at least in part on the login credential having been invalidated responsive to a non-deterministic event; and
  
  responsive to receiving the rejection of the subsequent access to receive the service based at least in part on the login credential having been invalidated responsive to the non-deterministic event, providing the ACP in lieu of the login credential to continue to receive the service without re-authenticating the login credential.
- View Dependent Claims (20)
- - 20. The device of claim 19, wherein the program further comprises a set of instructions for:
    - encrypting the ACP; and
      
      storing the encrypted ACP.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Krstic, Ivan, Wilson, James, Friedman, Eric Daniel, Subramaniam, Selvarajan, Gautier, Patrice O., Gates, John Patrick, Santhanagopal, Ramarathnam, Vaidyanathaswami, Prabhakaran, Mambakkam, Sudhakar, Pai, Raghunandan, Narayanan, Karthik
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Almeida, Devin E

Application Number

US14/872,027
Publication Number

US 20160359863A1
Time in Patent Office

1,525 Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/42   using separate channels for...

G06F 21/45   Structures or tools for the...

G06F 2212/1052   Security improvement

G06F 2221/2131   Lost password, e.g. recover...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/102   Entity profiles

Account access recovery system, method and apparatus

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Account access recovery system, method and apparatus

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links