PASSWORD EXPIRATION BASED ON VULNERABILITY DETECTION

US 20090126018A1
Filed: 11/14/2007
Published: 05/14/2009
Est. Priority Date: 11/14/2007
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for password expiration based on vulnerability detection, the computer implemented method comprising:

receiving a request for a password after re-activation of a user account;

generating a password to create a hashed password;

comparing the hashed password to a previously created password for a user to determine a match entry; and

responsive to determining a match entry, expiring an account of the user with respect to the match entry.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Illustrative embodiments provide a computer implemented method, a data processing system and a computer program product for password expiration based on vulnerability detection. The computer implemented method comprises receiving a request for a password after re-activating a user account and requesting a password generator, to create a hashed password. The method further comprises comparing the hashed password to a previously created password of a user, to determine a match entry. Responsive to determining a match entry, expiring an account of the user with respect to the match entry.

Citations

18 Claims

1. A computer implemented method for password expiration based on vulnerability detection, the computer implemented method comprising:
- receiving a request for a password after re-activation of a user account;
  
  generating a password to create a hashed password;
  
  comparing the hashed password to a previously created password for a user to determine a match entry; and
  
  responsive to determining a match entry, expiring an account of the user with respect to the match entry.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer implemented method of claim 1 wherein the generating a password further comprises:
    - forwarding the request to a password generator, including a raw character string of an old password.
  - 3. The computer implemented method of claim 1 wherein the generating a password further comprises:
    - addition of the user specific salt.
  - 4. The computer implemented method of claim 1 wherein the password generator is a password vulnerability central store.
  - 5. The computer implemented method of claim 1 wherein the match entry further comprises:
    - a resource identifier and respective location associated with the user account.
  - 6. The computer implemented method of claim 1 wherein expiring an account is performed by a host intrusion detection service.

7. A data processing system for password expiration based on vulnerability detection, the data processing system comprising:
- a bus;
  
  a memory connected to the bus;
  
  a display connected to the bus;
  
  a communications unit connected to the bus;
  
  a persistent storage connected to the bus, wherein the persistent storage contains computer usable program code;
  
  a processing unit connected to the bus;
  
  wherein the processing units executes the computer usable program code to;
  
  create a receiver capable of receiving a request for a password after re-activating a user account;
  
  create a generator capable of generating a password to create a hashed password;
  
  create a comparator capable of comparing the hashed password to a previously created password of a user to determine a match entry; and
  
  create an expiration component responsive to determining a match entry, capable of expiring an account of the user with respect to the match entry.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The data processing system of claim 7 wherein the generator capable of generating a password, further comprises:
    - a capability for forwarding the request to a password generator, including a raw character string of an old password.
  - 9. The data processing system of claim 7 wherein the generator capable of generating a password further comprises:
    - a capability for addition of a user specific salt.
  - 10. The data processing system of claim 7 wherein the generator is a password vulnerability central store.
  - 11. The data processing system of claim 7 wherein the match entry comprises a resource identifier and respective location associated with a user account.
  - 12. The data processing system of claim 7 wherein the expiration component capable of expiring an account is a host intrusion detection service.

13. A computer program product for password expiration based on vulnerability detection, the computer program product comprising computer executable program code tangibly embodied in a computer usable recordable medium, the computer executable program code comprising:
- computer executable program code for receiving a request for a password after re-activating a user account;
  
  computer executable program code for generating a password to create a hashed password;
  
  computer executable program code for comparing the hashed password to a previously created password of a user to determine a match entry; and
  
  computer executable program code responsive to determining a match entry, for expiring an account of the user with respect to the match entry.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer program product of claim 13 wherein the computer executable program code for generating a password further comprises:
    - computer executable program code for forwarding the request to a password generator, including a raw character string of an old password.
  - 15. The computer program product of claim 13 wherein the computer executable program code for generating further comprises:
    - computer executable program code for addition of a user specific salt.
  - 16. The computer program product of claim 13 wherein the computer executable program code for the password generator further comprises:
    - computer executable program code for a password vulnerability central store.
  - 17. The computer program product of claim 13 wherein the match entry comprises a resource identifier and respective location associated with the user account.
  - 18. The computer program product of claim 13 wherein computer executable program code for expiring an account further comprises:
    - computer executable program code for a host intrusion detection service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Mullen, Patrick Shawn, Keohane, Susann Marie, McBrearty, Gerald Francis, Shieh, Johnny Meng-Han, Murillo, Jessica Carol

Granted Patent

US 8,375,425 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/46 by designing passwords or c...

PASSWORD EXPIRATION BASED ON VULNERABILITY DETECTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

PASSWORD EXPIRATION BASED ON VULNERABILITY DETECTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links