TECHNIQUES FOR REAL-TIME ADAPTIVE PASSWORD POLICIES
Abstract
Techniques for real-time adaptive password policies are presented. Patterns for passwords are regularly analyzed along with other factors associated with the patterns to dynamically determine password strength values. The strength values can change over time based on usage statistics. When a strength value falls below an acceptable threshold, passwords associated with that particular pattern can be downgraded or rejected in real-time and existing policy can be adapted to reflect the undesirability of that pattern.
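The following is an added sketch of the mechanism the abstract describes, not code from the patent. It assumes a pattern is a run-length character-class mask and that strength is one minus the pattern's share of observed use; the names `pattern` and `AdaptivePolicy`, the 0.60 threshold and the sample passwords are all constructed for illustration.

```python
from collections import Counter
from itertools import groupby


def pattern(password):
    """Assumed pattern: run-length mask of character classes, e.g. 'Ab12!' -> 'U1L1D2S1'."""
    def cls(ch):
        if ch.isupper():
            return "U"
        if ch.islower():
            return "L"
        if ch.isdigit():
            return "D"
        return "S"  # anything else, including spaces and symbols
    return "".join(f"{k}{len(list(g))}" for k, g in groupby(password, key=cls))


class AdaptivePolicy:
    def __init__(self, threshold=0.60, min_samples=5):
        self.threshold = threshold      # assumed minimum acceptable strength
        self.min_samples = min_samples  # no adaptation until this many observations
        self.usage = Counter()          # pattern -> times seen; passwords are never stored

    def strength(self, pat):
        """Assumed metric: 1 - share of all observed passwords using this pattern."""
        total = sum(self.usage.values())
        if total < self.min_samples:
            return 1.0
        return 1.0 - self.usage[pat] / total

    def submit(self, password):
        """Record the pattern, re-score it, and accept or reject in the same call."""
        pat = pattern(password)
        self.usage[pat] += 1  # rejected attempts still count as usage (assumption)
        return self.strength(pat) >= self.threshold

    def rejected_patterns(self):
        """The current ('second') policy: patterns whose strength fell below threshold."""
        return {p for p in self.usage if self.strength(p) < self.threshold}


def demo():
    # Constructed sample passwords, not real data.
    samples = ["Summer2024!", "Winter2023!", "correct horse battery",
               "Spring2025?", "x9$kQ2#vLp", "Autumn2022!"]
    policy = AdaptivePolicy()
    return [policy.submit(pw) for pw in samples], policy.rejected_patterns()
```

Because strength is relative, a rejected pattern becomes acceptable again once other patterns dilute its share, which mirrors the abstract's statement that strength values change over time.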
24 Claims
1. A machine-implemented method, comprising:
- enforcing a first password policy against users of a network service;
- dynamically evaluating password patterns being used by the users; and
- adapting in real-time to a second password policy in response to evaluation of the password patterns and enforcing the second password policy in place of the first password policy against the users.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A machine-implemented method, comprising:
- prompting a user to change an existing password;
- receiving a new password from the user;
- analyzing past password patterns used by the user in view of a new pattern associated with the new password;
- dynamically adjusting password strength attributes for the past password patterns and the new pattern in response to a frequency of use for each past password pattern and the new pattern; and
- determining in real time whether the new password is to be accepted or denied in response to comparing the strength attribute associated with the new pattern against a threshold strength value.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A system, comprising:
- a password pattern store residing in a machine-accessible and computer-readable medium and accessible to a password service that executes on a machine;
- the password service implemented in a machine-accessible and computer-readable medium and to process on the machine;
- wherein the password service stores password patterns received from users in the password pattern store and mines the password patterns to dynamically alter password strength attribute values associated with each particular password pattern, and wherein the password service dynamically and in real time adapts a password policy in response to changing password strength attribute values for the password patterns.
Dependent claims: 16, 17, 18, 19, 20

21. A system, comprising:
- a password management service implemented in a machine-accessible and computer-readable medium and is to process on a machine; and
- an adaptive password policy service implemented in a machine-accessible and computer-readable medium and is to process on the machine or a different machine;
- wherein the password management service interacts with a user to receive a new password from the user when the user is newly registered or when the user is changing from an existing password to the new password, and wherein the password management service interacts with the adaptive password policy service to receive an indication as to whether the new password is permissible, and wherein the adaptive password policy service dynamically alters an existing policy in response to mining a history of passwords for the user and the new password and informs the password management service to reject the new password in response to the modified existing policy.
Dependent claims: 22, 23, 24