System and method for authenticating users using image selection
First Claim
1. A method for enrolling a password to be used in verifying the claimed identity of a user of a computer system, said method comprising:
- displaying a plurality of individual images using a graphical display interface; and
generating a password responsive to a selection by a user of a sequence of said displayed images based on (i) the selected sequence of the images and (ii) the manner in which the images are selected from at least two selection styles.
0 Assignments
0 Petitions
Accused Products
Abstract
A general-purpose method is provided for authenticating, i.e., verifying the claimed identity of, users of a computer system through the selection of a sequence of images from a displayed assembly of images. The method is based on the capability of computer systems to display and manipulate individual thumbnail images via a graphical user display interface. The method takes image sequences selected by a user and formulates a password that is dependent on both the sequence and style of their selection. To ease the users'"'"' burden of complying with organizational policy to change passwords after some period of time, the method allows the same image sequence to be used repeatedly in a password change dialogue, yet generate a completely different password value each time. A new method of “salting” passwords to make them less vulnerable is also provided.
-
Citations
21 Claims
-
1. A method for enrolling a password to be used in verifying the claimed identity of a user of a computer system, said method comprising:
-
displaying a plurality of individual images using a graphical display interface; and
generating a password responsive to a selection by a user of a sequence of said displayed images based on (i) the selected sequence of the images and (ii) the manner in which the images are selected from at least two selection styles. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for verifying the claimed identity of a user of a computer system, said method comprising:
-
comparing (i) a sequence of individual visual images selected by a user as a visual password with (ii) a password previously enrolled based on a selected sequence of said visual images and stored in the computer system in a cryptographically protected form; and
permitting access to the computer system when there is a match between the selected password and the previously enrolled password.
-
-
21. A method for enrolling a password to be used in verifying the claimed identity of a user of a computer system, said method comprising:
-
displaying a plurality of individual images using a graphical display interface; and
generating a password responsive to a selection by a user of a sequence of said displayed images, the individual images being presented in an image matrix and the individual images selected being mapped onto a value matrix populated with randomly assigned values selected from a set of binary values.
-
Specification