Session authentication using temporary passwords

US 20050015604A1
Filed: 07/16/2003
Published: 01/20/2005
Est. Priority Date: 07/16/2003
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user at an un-trusted computing system, the user having at least one portable computing device coupled to a peripheral device, the method comprising:

randomly generating a temporary password by the portable computing device;

sending the temporary password to the peripheral device;

rendering the temporary password by the peripheral device for perception by the user;

inputting a password, by the user, into the un-trusted computing system;

receiving, by the portable computing device, the password input by the user from the un-trusted computing system; and

allowing access to the portable computing device using the un-trusted computing system when the temporary password matches the user-inputted password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authenticating a user of an un-trusted computing system, the user having at least one portable computing device coupled to a peripheral device, may be accomplished by randomly generating a temporary password by the portable computing device, sending the temporary password to the peripheral device, rendering the temporary password by the peripheral device for perception by the user, inputting a password, by the user, into the un-trusted computing system, receiving, by the portable computing device, the password input by the user from the un-trusted computing system, and allowing access to the portable computing device using the un-trusted computing system when the temporary password matches the user-inputted password. In one embodiment, the peripheral device may be a small form factor device worn by the user. In one embodiment, the user may carry or have immediate access to multiple portable computing devices.

89 Citations

View as Search Results

28 Claims

1. A method of authenticating a user at an un-trusted computing system, the user having at least one portable computing device coupled to a peripheral device, the method comprising:
- randomly generating a temporary password by the portable computing device;
  
  sending the temporary password to the peripheral device;
  
  rendering the temporary password by the peripheral device for perception by the user;
  
  inputting a password, by the user, into the un-trusted computing system;
  
  receiving, by the portable computing device, the password input by the user from the un-trusted computing system; and
  
  allowing access to the portable computing device using the un-trusted computing system when the temporary password matches the user-inputted password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein randomly generating the temporary password comprises randomly generating the temporary password periodically.
  - 3. The method of claim 1, wherein randomly generating the temporary password comprises randomly generating the temporary password in response to a user-initiated action to the peripheral device.
  - 4. The method of claim 1, wherein the temporary password is valid for only a predetermined period of time.
  - 5. The method of claim 4, wherein the predetermined period of time is less than one minute.
  - 6. The method of claim 1, wherein sending the temporary password to the peripheral device comprises sending the temporary password from the portable computing device to the peripheral device over a secure wireless link.
  - 7. The method of claim 1, wherein rendering the temporary password comprises displaying the temporary password on a display of the peripheral device.
  - 8. The method of claim 7, further comprising displaying a number of seconds until the temporary password expires on a display of the peripheral device.
  - 9. The method of claim 1, wherein rendering the temporary password comprises rendering the temporary password audibly for hearing by the user.
  - 10. The method of claim 1, wherein the password comprises at least one of numbers, letters, symbols, images, and shapes.
  - 11. The method of claim 1, further comprising detecting initiation of an action by the user to the peripheral device to cause the rendering of the temporary password.
  - 12. The method of claim 1, further comprising:
    - generating an indicator by the portable computing device;
      
      sending the indicator to the peripheral device and the un-trusted computing system;
      
      rendering the indicator by the peripheral device for perception by the user;
      
      rendering the indicator by the un-trusted computing system for perception by the user;
      
      wherein the user inputs a password only when the indicator rendered by the peripheral device matches the indicator rendered by the un-trusted computing system the user desires to use.
  - 13. The method of claim 1, wherein the peripheral device is at least one of worn by the user and carried by the user.
  - 14. The method of claim 1, wherein the portable computing device and the un-trusted computing system communicate over a wireless link.

15. An article comprising:
- a storage medium having a plurality of machine readable instructions, wherein when the instructions are executed by a processor, the instructions provide for authenticating a user of an un-trusted computing system, the user having at least one portable computing device coupled to a peripheral device, by randomly generating a temporary password by the portable computing device, by sending the temporary password to the peripheral device, by receiving at the portable computing device a password input by the user from the un-trusted computing system, and by allowing access to the portable computing device using the un-trusted computing system when the temporary password matches the user-inputted password.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The article of claim 15, wherein instructions for randomly generating the temporary password comprise instructions for randomly generating the temporary password periodically.
  - 17. The article of claim 15, wherein the temporary password is valid for only a predetermined period of time.
  - 18. The article of claim 17, wherein the predetermined period of time is less than one minute.
  - 19. The article of claim 15, wherein instructions for sending the temporary password to the peripheral device comprise instructions for sending the temporary password from the portable computing device to the peripheral device over a secure wireless link.
  - 20. The article of claim 15, wherein the password comprises at least one of numbers, letters, symbols, images, and shapes.

21. A system for authenticating a user desiring to use an un-trusted computing system comprising:
- a portable computing device; and
  
  a peripheral device, coupled to the portable computing device, capable of rendering a password for perception by the user;
  
  the portable computing device comprising;
  
  a random password generator to randomly generate a temporary password;
  
  a memory to store instructions and data; and
  
  a processor to execute the instructions obtained from the memory to send the temporary password to the peripheral device for rendering to the user, to receive from the un-trusted computing system a password input by the user; and
  
  to allow access to the data by the un-trusted computing system when the temporary password matches the user-inputted password.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The system of claim 21, wherein the peripheral device comprises a display and renders the password by displaying the password on the display.
  - 23. The system of claim 21, wherein the portable computing device communicates with the peripheral device over a secure wireless link.
  - 24. The system of claim 21, wherein the portable computing device communicates with the un-trusted computing system over a wireless link.
  - 25. The system of claim 21, wherein the random password generator randomly generates the temporary password periodically, the temporary password valid for only a predetermined period of time.
  - 26. The system of claim 21, wherein the peripheral device is capable of being at least one of worn and carried by the user.
  - 27. The system of claim 21, wherein the peripheral device comprises an input mechanism activation of which initiates rendering of the password by the peripheral device.
  - 28. The system of claim 21, wherein the peripheral device comprises an input mechanism activation of which causes the portable computing device to randomly generate a new temporary password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Pering, Trevor A., Want, Roy, Light, John J., Sundararajan, Muralidharan

Granted Patent

US 7,278,024 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/184
CPC Class Codes

G06F 21/35 communicating wirelessly

G06F 21/36 by graphic or iconic repres...

Session authentication using temporary passwords

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

89 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Session authentication using temporary passwords

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others