PASSWORD BASED ACCESS INCLUDING ERROR ALLOWANCE

US 20080066167A1
Filed: 09/10/2007
Published: 03/13/2008
Est. Priority Date: 09/12/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method of managing user access via a client device, the method comprising:

assigning a password to the user;

prompting the user to input the password via an input device of the client device;

receiving an input from the user via the input device responsive to said prompting;

granting access to the user when the received input is the same as the password;

granting access to the user when the received input is not the same as the password and includes a first incorrect character; and

denying access to the user when the received input is not the same as the password and includes at least a second incorrect character different from the first incorrect character.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for enabling a client user to access secure information or services via a security code including a password and/or username even when the security code provided by the client user includes one or more errors. As one example, a level of error allowance may be selected by a system administrator based on a prescribed minimum level of security and the security code selected by the client user. The application of error allowance can reduce the number of times a client user is denied access to requested information or services due to incorrect or mistyped security code input while also ensuring the prescribed minimum level of security is retained.

Citations

20 Claims

1. A method of managing user access via a client device, the method comprising:
- assigning a password to the user;
  
  prompting the user to input the password via an input device of the client device;
  
  receiving an input from the user via the input device responsive to said prompting;
  
  granting access to the user when the received input is the same as the password;
  
  granting access to the user when the received input is not the same as the password and includes a first incorrect character; and
  
  denying access to the user when the received input is not the same as the password and includes at least a second incorrect character different from the first incorrect character.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein a first key of the input device for inputting the first incorrect character is located more proximate to a second key of the input device for inputting a corresponding correct character of the password than a third key of the input device for inputting the second incorrect character.
  - 3. The method of claim 1, wherein the input including the second incorrect character further includes a greater number of incorrect characters than the input including the first incorrect character.
  - 4. The method of claim 1, wherein the input including the second incorrect character includes a different quantity of characters than each of the password and the input including the first incorrect character.
  - 5. The method of claim 4, wherein the input including the first incorrect character includes a first quantity of characters and the input including the second incorrect character includes a second quantity of characters;
    - and wherein the second quantity of characters is greater than or less than the first quantity of characters.
  - 6. The method of claim 1, wherein the password assigned to the user was selected by the user and wherein the client device is communicatively coupled with a wide area network.
  - 7. The method of claim 1, wherein said prompting includes displaying a password field via a display device of the client device and wherein the received input is provided to the password field.

8. A network system, comprising:
- a network server;
  
  a client device communicating with the network server via a network;
  
  a password selection tool configured to enable the user to select a password that includes at least a minimum number of characters; and
  
  a password validation engine configured to prompt the user for the password responsive to a request by the user for information stored at the server, wherein the password validation engine is configured to receive a user response to said prompt via the client device;
  
  wherein the password validation engine is further configured to compare the password selected by the user with the user response to identify correct password characters contained in the user response, and responsive to said comparison;
  
  grant the user access to the information stored on the server when the user response includes less than all of the correct password characters and at least a first number of correct password characters; and
  
  deny the user access to the information stored on the server when the user response includes less than all of the correct password characters and a second number of correct password characters less than the first number of correct characters.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the password validation engine is further configured to grant the user access to the information stored on the server when the user response includes a first number of correct password characters that is less than all of the correct password characters and at least the same as or greater than the minimum number of password characters;
    - and deny the user access to the information stored on the server when the user response includes a second number of password characters less than all of the correct password characters and less than the minimum number of characters.
  - 10. The system of claim 8 further comprising, a network administrator interface configured to enable a network administrator to select the minimum number of characters for the password selected by the user.
  - 11. The system of claim 8, wherein the client device includes an input device;
    - andwherein the password is selected by the user via the input device and the user response is provided to the password validation engine via the input device.
  - 12. The system of claim 8, wherein the password selection tool and the password validation engine reside at the server and are accessed by the user via the client device.
  - 13. The system of claim 8, wherein the network includes a wide area network.
  - 14. The system of claim 13, wherein the wide area network includes the Internet.

15. A method of managing access of a user of a network client, the method comprising:
- assigning a security code to the user;
  
  receiving an access request from the user via an input device of the network client, wherein the access request is received at a server communicating with the network client via a network;
  
  requesting a security code from the user via a graphical user interface of the network client in response to the received access request;
  
  receiving a response from the user via the input device of the network client responsive to the security code request, wherein the response is received at the server;
  
  generating a plurality of security code variations at the server based on the security code assigned to the user;
  
  granting the requested access to the user when the response received at the server includes the security code or one of the generated security code variations; and
  
  denying the requested access to the user when the response received at the server does not include the security code or one of the security code variations.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the number of security code variations that are generated at the server is selectable by a network administrator.
  - 17. The method of claim 15, wherein the security code includes a password.
  - 18. The method of claim 15, wherein the security code includes a username.
  - 19. The method of claim 15, wherein the access request by the user includes a request for secure information to be provided to the user of the network client.
  - 20. The method of claim 15, wherein the access request by the user includes a request for additional control to be provided to the user of the network client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Michael J. Andri
Original Assignee
Michael J. Andri
Inventors
ANDRI, MICHAEL J.

Application Number

US11/852,921
Publication Number

US 20080066167A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/46   by designing passwords or c...

G06F 2221/2105   Dual mode as a secondary as...

H04L 63/083   using passwords cryptograph...

PASSWORD BASED ACCESS INCLUDING ERROR ALLOWANCE

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PASSWORD BASED ACCESS INCLUDING ERROR ALLOWANCE

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links