ONE-TIME PASSWORD ACCESS TO PASSWORD-PROTECTED ACCOUNTS
First Claim
1. A computer system that facilitates one-time password access to a password-protected remote login server, comprisinga component that receives a one-time password;
- andan encryption/decryption component that decrypts the one-time password, and a proxy component that replaces the one-time password with a true password that grants access to a remote server through use of the true password.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods facilitate secure one-time-password access to an account in a remote server from an untrusted client. The system consists of an intermediary component whose salient components are a proxy component, a webserver component, and an encryption/decryption component, and it preserves the characteristics of both the server and client. In a man-in-the-middle fashion, the proxy substitutes a one-time password entered at a login interface with a true password, and forwards it to the remote login server. True passwords are encrypted using a seed associated with user identifiers, and a list of one-time passwords is generated/updated and stored on media or transmitted to an electronic device. Substitution takes place by decrypting the one-time password with the seed used for encryption, ensuring the proxy avoids storing the true password.
-
Citations
20 Claims
-
1. A computer system that facilitates one-time password access to a password-protected remote login server, comprising
a component that receives a one-time password; - and
an encryption/decryption component that decrypts the one-time password, and a proxy component that replaces the one-time password with a true password that grants access to a remote server through use of the true password. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- and
-
11. A computer-implemented method that facilitates access to a password protected account on a remote server from an untrusted computer, comprising
receiving a temporary password; -
decrypting the temporary password; replacing the temporary password with the true password that grants access to the remote server; and employing the true password for login in to the remote server. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-readable medium having stored thereon computer executable instructions for performing various acts, comprising:
-
receiving a one-time password; decrypting the one-time password; replacing the one-time password with a true password that grants access to the remote server; and employing the true password for login in to the remote server.
-
Specification