ONE-TIME PASSWORD ACCESS TO PASSWORD-PROTECTED ACCOUNTS

US 20080276098A1
Filed: 09/10/2007
Published: 11/06/2008
Est. Priority Date: 05/01/2007
Status: Active Grant

First Claim

Patent Images

1. A computer system that facilitates one-time password access to a password-protected remote login server, comprisinga component that receives a one-time password;

andan encryption/decryption component that decrypts the one-time password, and a proxy component that replaces the one-time password with a true password that grants access to a remote server through use of the true password.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods facilitate secure one-time-password access to an account in a remote server from an untrusted client. The system consists of an intermediary component whose salient components are a proxy component, a webserver component, and an encryption/decryption component, and it preserves the characteristics of both the server and client. In a man-in-the-middle fashion, the proxy substitutes a one-time password entered at a login interface with a true password, and forwards it to the remote login server. True passwords are encrypted using a seed associated with user identifiers, and a list of one-time passwords is generated/updated and stored on media or transmitted to an electronic device. Substitution takes place by decrypting the one-time password with the seed used for encryption, ensuring the proxy avoids storing the true password.

Citations

20 Claims

1. A computer system that facilitates one-time password access to a password-protected remote login server, comprisinga component that receives a one-time password;
- andan encryption/decryption component that decrypts the one-time password, and a proxy component that replaces the one-time password with a true password that grants access to a remote server through use of the true password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, the encryption/decryption component generates a list of one-time passwords, wherein each password in the generated list of one-time passwords results from an encryption of a true password that uses a specific encryption key or encryption method.
  - 3. The system of claim 2, the encryption method includes a mapping of the set of true password characters onto itself according to a pseudorandom permutation.
  - 4. The system of claim 2, the encryption/decryption component maps subsets of characters of the true password onto themselves.
  - 5. The system of claim 2, the encryption/decryption component maps each character of the true password into a K-digit number, with K being an integer greater than one.
  - 6. The system of claim 2, the encryption/decryption component transmits the list of one-time passwords to an electronic device.
  - 7. The system of claim 1, further comprising a one-time password generation component deployed on a trusted computer.
  - 8. The system of claim 7, the one-time password generation component includes a registration component that collects the true password, and remote server and login account identifiers.
  - 9. The system of claim 7, further comprising an encryption component that encrypts the true password according to a seed assigned to the remote server and login account identifiers.
  - 10. The system of claim 1, the true password is at least one of a credit card number, a social security number, or an alphanumeric password.

11. A computer-implemented method that facilitates access to a password protected account on a remote server from an untrusted computer, comprisingreceiving a temporary password;
- decrypting the temporary password;
  
  replacing the temporary password with the true password that grants access to the remote server; and
  
  employing the true password for login in to the remote server.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, further comprising:
    - generating a list of temporary passwords from the true password by mapping characters of the true password by employing a pseudorandom permutation sequence; and
      
      storing the list of temporary passwords on media.
  - 13. The method of claim 12, generating a list of temporary passwords includes determining each of the generated temporary passwords is valid for U login instances, U being a natural number
  - 14. The method of claim 13, further comprising transmitting the list of temporary passwords to an electronic device.
  - 15. The method of claim 12, further comprising validating that the mapping satisfies Luhn algorithm when the true password is a credit card number.
  - 16. The method of claim 11, further comprising receiving remote server and login account identifiers.
  - 17. The method of claim 16, further comprising assigning an encryption key to the remote server and login account identifiers
  - 18. The method of claim 17, further comprising decrypting the one-time password according to the encryption key assigned to the remote server and login account identifiers.
  - 19. The method of claim 11, further comprising computer executable acts that facilitate maintaining an updated list of one-time passwords in an electronic portable device, the acts include:
    - encrypting a true password to generate an updated list of one-time passwords; and
      
      transmitting the updated list of one-time passwords to an electronic device.

20. A computer-readable medium having stored thereon computer executable instructions for performing various acts, comprising:
- receiving a one-time password;
  
  decrypting the one-time password;
  
  replacing the one-time password with a true password that grants access to the remote server; and
  
  employing the true password for login in to the remote server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Herley, Cormac E., Florencio, Dinei A.

Granted Patent

US 8,255,696 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

G06F 21/46   by designing passwords or c...

H04L 63/0428   wherein the data content is...

H04L 63/0838   using one-time-passwords

ONE-TIME PASSWORD ACCESS TO PASSWORD-PROTECTED ACCOUNTS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ONE-TIME PASSWORD ACCESS TO PASSWORD-PROTECTED ACCOUNTS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links