Two-factor computer password client device, system, and method
Abstract
A client device, system, and method for constructing a two-factor password utilized by an authentication device to authenticate an accessing computer. The client device connects to the accessing computer through an input/output (I/O) port such as a USB connection. When a user desires to access a network, he enters a user ID, which is sent from the accessing computer to the client device. The client device includes a client application, which retrieves a second factor from an internal database, and combines the user ID and the retrieved second factor to form the two-factor password. The two-factor password is sent to the accessing computer, which transmits it to the authentication device. The accessing computer is authenticated only if both the user ID and the second factor match a user ID and second factor stored in the authentication device.
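The exchange described in the abstract, as an added example that is not code from the patent: the client device combines the user ID with its stored second factor, and the authentication device accepts only if both parts match what it has stored. The page says only that the two values are "combined", so the length-prefixed encoding, the class and function names, and the sample values are assumptions made for illustration.

```python
import hmac

def combine(user_id: str, second_factor: bytes) -> bytes:
    # Assumed encoding (not from the patent): 2-byte length, user ID, second factor.
    # The length prefix keeps ("ab", b"c") and ("a", b"bc") from colliding.
    uid = user_id.encode("utf-8")
    if len(uid) > 0xFFFF:
        raise ValueError("user ID too long")
    return len(uid).to_bytes(2, "big") + uid + second_factor

def split(password: bytes):
    # Inverse of combine(); raises ValueError on truncated or malformed input.
    if len(password) < 2:
        raise ValueError("missing length prefix")
    n = int.from_bytes(password[:2], "big")
    if len(password) < 2 + n:
        raise ValueError("truncated user ID")
    return password[2:2 + n].decode("utf-8"), password[2 + n:]

class ClientDevice:
    def __init__(self, second_factor: bytes):
        self._database = {"second_factor": second_factor}
    def handle_user_id(self, user_id: str) -> bytes:
        # Retrieve the second factor, combine it with the user ID, return the result.
        return combine(user_id, self._database["second_factor"])

class AuthenticationDevice:
    def __init__(self):
        self._stored = {}  # user ID -> second factor
    def enroll(self, user_id: str, second_factor: bytes) -> None:
        self._stored[user_id] = second_factor
    def authenticate(self, password: bytes) -> bool:
        try:
            user_id, factor = split(password)
        except ValueError:
            return False
        expected = self._stored.get(user_id)
        # Compare in constant time; unknown users are compared against a dummy value.
        match = hmac.compare_digest(factor, bytes(len(factor)) if expected is None else expected)
        return expected is not None and match

def demo():
    factor = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample value
    server = AuthenticationDevice()
    server.enroll("alice", factor)
    enrolled, other = ClientDevice(factor), ClientDevice(bytes(range(16)))
    # Enrolled device + right user, enrolled device + wrong user, other device + right user.
    return tuple(server.authenticate(d.handle_user_id(u))
                 for d, u in ((enrolled, "alice"), (enrolled, "bob"), (other, "alice")))
```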
23 Claims
1. A client device for constructing a two-factor password utilized by an authentication device to authenticate an accessing computer, said client device comprising:
- an input/output (I/O) port for interfacing the client device with the accessing computer, said I/O port receiving a user identification (user ID) from the accessing computer, and sending the two-factor password to the accessing computer;
- a database for storing a second factor; and
- a client application connected to the I/O device and the database, said client application being adapted to:
  - retrieve the second factor from the database;
  - combine the user ID and the retrieved second factor to form the two-factor password; and
  - send the two-factor password to the I/O device for sending to the accessing computer.
15. A system for protecting a network against unauthorized access while enabling an authorized accessing computer to access the network, said system comprising:
- a client device that connects to the authorized accessing computer, said client device constructing a two-factor password utilized by an authentication server to authenticate the accessing computer, said client device comprising:
  - an input/output (I/O) port for interfacing the client device with the accessing computer, said I/O port receiving a user identification (user ID) from the accessing computer, and sending the two-factor password to the accessing computer;
  - a database for storing a second factor; and
  - a client application connected to the I/O device and the database, said client application being adapted to:
    - retrieve the second factor from the database;
    - combine the user ID and the retrieved second factor to form the two-factor password; and
    - send the two-factor password to the I/O device for sending to the accessing computer; and
- an authentication server connected to the network for receiving the two-factor password and authenticating the accessing computer, said authentication server comprising:
  - means for receiving the two-factor password sent from the accessing computer;
  - means for determining whether the received user ID matches a stored user ID associated with the accessing computer;
  - means for determining whether the received second factor matches a stored second factor associated with the accessing computer; and
  - means for positively authenticating the accessing computer only if the received user ID matches the stored user ID, and the received second factor matches the stored second factor.
18. A method of protecting a network against unauthorized access while enabling an authorized accessing computer to access the network, said method comprising:
- receiving from a user, a user identification (user ID);
- automatically constructing by the accessing computer, without further input from the user, a two-factor password comprising the user ID and a second factor added by the accessing computer, said two-factor password being utilized by an authentication server to authenticate the accessing computer;
- sending the two-factor password to the authentication server;
- verifying by the authentication server that the two-factor password received from the accessing computer matches a stored two-factor password associated with the accessing computer; and
- granting the accessing computer access to the network only if the two-factor password received from the accessing computer matches the stored two-factor password associated with the accessing computer.