System and method for controlling invalid password attempts
First Claim
1. A method of managing invalid password attempts, said method comprising:
- receiving a message from a computer system, wherein the message includes a distinguished name, the distinguished name corresponding to a failed login attempt;
calculating a total failed login attempt number corresponding to the distinguished name;
identifying a failed login attempt allowed number;
determining whether the total failed login attempt number is greater than the failed login attempt allowed number; and
revoking a password corresponding to the distinguished name based on the determination.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for controlling invalid password attempts in a multiple replica computer system environment is presented. A centralized strikeout server receives failed login attempts from the multiple replica servers over a secure sockets layer (SSL) connection. The centralized strikeout server tracks the number of failed login attempts over a configurable login tracking period. If the number of failed login attempts exceeds the number of failed login attempts allowed, the centralized server revokes the password corresponding to the user id which exceeded the number of failed login attempts allowed. Password revocation message are sent to one or more login servers. Cleanup processing removes older failed login attempts that occurred outside the login tracking period. Digital signatures, or certificates, are used to authenticate computer systems to one another.
-
Citations
20 Claims
-
1. A method of managing invalid password attempts, said method comprising:
-
receiving a message from a computer system, wherein the message includes a distinguished name, the distinguished name corresponding to a failed login attempt;
calculating a total failed login attempt number corresponding to the distinguished name;
identifying a failed login attempt allowed number;
determining whether the total failed login attempt number is greater than the failed login attempt allowed number; and
revoking a password corresponding to the distinguished name based on the determination. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An information handling system comprising:
-
one or more processors;
a memory accessible by the processors;
one or more nonvolatile storage devices accessible by the processors;
a password managing tool to process invalid password attempts, the password managing tool including;
means for receiving a message from a computer system, wherein the message includes a distinguished name, the distinguished name corresponding to a failed login attempt;
means for calculating a total failed login attempt number corresponding to the distinguished name;
means for identifying a failed login attempt allowed number;
means for determining whether the total failed login attempt number is greater than the failed login attempt allowed number; and
means for revoking a password corresponding to the distinguished name based on the determination. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer program product stored in a computer operable media for processing invalid password attempts, said computer program product comprising:
-
means for receiving a message from a computer system, wherein the message includes a distinguished name, the distinguished name corresponding to a failed login attempt;
means for calculating a total failed login attempt number corresponding to the distinguished name;
means for identifying a failed login attempt allowed number;
means for determining whether the total failed login attempt number is greater than the failed login attempt allowed number; and
means for revoking a password corresponding to the distinguished name based on the determination. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification