METHOD FOR RENDERING PASSWORD THEFT INEFFECTIVE

US 20090007243A1
Filed: 06/27/2007
Published: 01/01/2009
Est. Priority Date: 06/27/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for rendering a login theft ineffective comprising the steps of:

a. detecting a submission of a first login request from the user'"'"'s client to a Web site;

b. redirecting said first login request to the traffic processor for copying at least one of the user supplied login fields;

c. forwarding said first login request from said traffic processor to said site;

d. requesting replacements of at least one of said user supplied login fields from said site; and

e. replacing said at least one of user supplied login fields with at least one new corresponding login field(s) in said site.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for rendering a login theft ineffective includes detecting a submission of a first login request from the user'"'"'s client to a Web site; redirecting the first login request to the traffic processor for copying at least one of the user supplied login fields; forwarding the first login request from the traffic processor to the site; requesting replacements of at least one of the user supplied login fields from the site; and replacing the at least one of user supplied login fields with at least one new corresponding login field(s) in the site.

Citations

10 Claims

1. A method for rendering a login theft ineffective comprising the steps of:
- a. detecting a submission of a first login request from the user'"'"'s client to a Web site;
  
  b. redirecting said first login request to the traffic processor for copying at least one of the user supplied login fields;
  
  c. forwarding said first login request from said traffic processor to said site;
  
  d. requesting replacements of at least one of said user supplied login fields from said site; and
  
  e. replacing said at least one of user supplied login fields with at least one new corresponding login field(s) in said site.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, further comprising the steps of:
    - f. detecting a second login request intended for the Web site;
      
      g. redirecting said second request to the traffic processor by the redirector;
      
      h. replacing the user supplied login field(s) with the new corresponding login field(s); and
      
      i. forwarding the modified second login request to said site.
  - 3. A method according to claim 1 where the user supplied login fields and new corresponding login fields are stored in a table.
  - 4. A method according to claim 1 where the forwarding of the request(s) by the traffic processor and the receiving of response(s) from the site is done using a secure path.
  - 5. A method according to claim 1 where the user is notified before the user supplied login fields are replaced with new corresponding login fields.
  - 6. A method according to claim 5 where permission is requested from the user prior to replacing the user supplied login fields with new corresponding login fields.
  - 7. A method according to claim 1 where the new corresponding login fields are produced by applying a deterministic function to the original login fields.
  - 8. A method according to claim 3 where the new corresponding login fields are produced by applying a non-algorithmic function.
  - 9. A method according to claim 1, where the user may obtain the new corresponding login fields.

10. A method for rendering a login theft ineffective comprising the steps of:
- a. detecting a submission of a first login request from a client to a Server;
  
  b. redirecting said first login request to the traffic processor for copying at least one of the user supplied login fields;
  
  c. forwarding said first login request from said traffic processor to said Server;
  
  d. requesting replacements of at least one of said user supplied login fields from said Server; and
  
  e. replacing said at least one of user supplied login fields with at least one new corresponding login field(s) in said Server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trusteer Ltd (International Business Machines Corporation)
Original Assignee
Trusteer Ltd (International Business Machines Corporation)
Inventors
Klein, Amit, Boodaei, Michael

Application Number

US11/769,361
Publication Number

US 20090007243A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 9/3226 using a predetermined code,...

METHOD FOR RENDERING PASSWORD THEFT INEFFECTIVE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR RENDERING PASSWORD THEFT INEFFECTIVE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links