User authorization management system using a meta-password and method for same
Abstract
A user authentication information management method receives a meta-password from a user. A repository (34) lists network addresses (36) and associated handles (38), each handle having an associated encoded password. An authentication response from the user is intercepted. A modified authentication response is generated by identifying a network address to which the response is directed (208), searching for the identified network address (210) in the repository (34), identifying a handle (212) corresponding to the address based on the searching (210), decoding the password associated with the handle using the meta-password as a decoding key (214), and substituting the decoded password for the meta-password in the authentication response (216). The method also generates pseudo-random passwords (124) consistent with password rules (128). The repository (34) can reside on a client device (14), a proxy server, a local area network, or a security server having an Internet protocol (IP) address. The repository (34) can also be disposed at a database service.
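The lookup, decode and substitute steps of the abstract (208 to 216), sketched as an added example that is not code from the patent. It assumes a URL-encoded form body with a `password` field and one handle per address; because the page does not specify the encoding, it uses PBKDF2 key derivation with an HMAC-SHA256 keystream and tag as a standard-library stand-in for an authenticated cipher. Blocking a meta-password bound for an unlisted address is a design choice of this example.

```python
import hashlib, hmac, os
from urllib.parse import parse_qsl, urlencode

def _keys(meta, salt):
    # Stretch the meta-password into an encryption key and a MAC key.
    km = hashlib.pbkdf2_hmac("sha256", meta.encode(), salt, 100_000, 64)
    return km[:32], km[32:]

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real AEAD).
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def encode_password(meta, password):
    salt, nonce = os.urandom(16), os.urandom(16)
    ek, mk = _keys(meta, salt)
    ct = _xor_stream(ek, nonce, password.encode())
    return salt + nonce + ct + hmac.new(mk, salt + nonce + ct, hashlib.sha256).digest()

def decode_password(meta, blob):
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    ek, mk = _keys(meta, salt)
    good = hmac.new(mk, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong meta-password or tampered repository entry")
    return _xor_stream(ek, nonce, ct).decode()

def modify_response(repository, address, body, meta, field="password"):
    """Look up the address, decode its password, substitute it for the meta-password."""
    fields = dict(parse_qsl(body, keep_blank_values=True))
    typed = fields.get(field, "")
    if not hmac.compare_digest(typed.encode(), meta.encode()):
        return body                      # meta-password not present: pass through
    entry = repository.get(address)
    if entry is None:
        # Design choice of this example: never forward the meta-password itself.
        raise LookupError(f"no repository entry for {address}; response blocked")
    _handle, blob = entry                # handle names the account; unused here
    fields[field] = decode_password(meta, blob)
    return urlencode(fields)

# Constructed sample data (hypothetical address, handle and passwords).
META = "one phrase to remember"
REPO = {"mail.example.com": ("alice", encode_password(META, "correct-horse-7"))}
```

Because the stored password is released only for the address it is filed under, a response carrying the meta-password toward any other address is stopped rather than transmitted.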
39 Claims
1. A method for management of user authentication information, comprising:
receiving a first meta-password from an associated user;
maintaining a repository including a list of network addresses and associated handles, each handle having an associated encoded password;
intercepting a user authentication response sent by the associated user;
identifying a network address to which the authentication response is directed;
generating a modified authentication response based upon the user authentication response and based upon contents of the repository corresponding to said network address; and
transmitting the modified authentication response to the identified network address via the network.
16. A system for managing user authentication information, the system operating in conjunction with an associated interfacing program which interfaces an associated user with a plurality of associated secure services, the system comprising:
a repository containing at least an address table wherein each address has an associated handle and each handle has an associated encoded password;
a software hook by which an authentication response sent by the interfacing program is intercepted; and
a processor for processing the intercepted authentication response by combining a password extracted from the repository with the intercepted authentication response, said processing being selectively performed upon receipt from the user of a meta-password associated with the repository.
25. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer for performing a method for management of user authentication information, comprising:
receiving a first meta-password from an associated user;
maintaining a repository including a list of network addresses and associated handles, each handle having an associated encoded password;
intercepting a user authentication response sent by the associated user;
identifying a network address to which the authentication response is directed;
generating a modified authentication response based upon the user authentication response and based upon contents of the repository corresponding to said network address; and
transmitting the modified authentication response to the identified network address via the network.
Specification