ENTERPRISE PASSWORD RESET

US 20100122340A1
Filed: 11/13/2008
Published: 05/13/2010
Est. Priority Date: 11/13/2008
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user, the method comprising:

receiving the user'"'"'s request for authentication;

extracting information associated with the user from user-specific information stored in an enterprise computer, wherein the extracted user information does not explicitly relate to a password;

generating one or more challenges based on the extracted user information;

receiving the user'"'"'s response to the challenges;

comparing the user'"'"'s response to the extracted user information; and

authenticating the user.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user'"'"'s request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user'"'"'s response to the challenges. Subsequently, the system compares the user'"'"'s response to the extracted user information, and authenticates the user.

116 Citations

24 Claims

1. A method for authenticating a user, the method comprising:
- receiving the user'"'"'s request for authentication;
  
  extracting information associated with the user from user-specific information stored in an enterprise computer, wherein the extracted user information does not explicitly relate to a password;
  
  generating one or more challenges based on the extracted user information;
  
  receiving the user'"'"'s response to the challenges;
  
  comparing the user'"'"'s response to the extracted user information; and
  
  authenticating the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the user is authenticated without inputting a password.
  - 3. The method of claim 1, further comprising identifying a risk indication.
  - 4. The method of claim 1, further comprising subsequently resetting a password of the authenticated user.
  - 5. The method of claim 1, wherein the user-specific information includes one or more of:
    - the user'"'"'s calendar entries;
      
      the user'"'"'s file usage history;
      
      the user'"'"'s email;
      
      the user'"'"'s contact list; and
      
      the user'"'"'s past activity.
  - 6. The method of claim 1, further comprising presenting the challenges to the user using a web-based application.
  - 7. The method of claim 1, wherein the user response is generated by human.
  - 8. The method of claim 1, wherein the user response is generated by a proxy for the user.

9. A computer-readable storage medium storing instructions which when executed by a computer cause the computer to perform a method for authenticating a user, the method comprising:
- receiving the user'"'"'s request for authentication;
  
  extracting information from the user based on user-specific information stored in an enterprise computer, wherein the extracted user information does not explicitly relate to a password;
  
  generating one or more challenges based on the extracted user information;
  
  receiving the user'"'"'s response to the challenges;
  
  comparing the user'"'"'s response to the extracted user information; and
  
  authenticating the user.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer-readable storage medium of claim 9, wherein the user is authenticated without inputting a password.
  - 11. The computer-readable storage medium of claim 9, wherein the method further comprises identifying a risk indication.
  - 12. The computer-readable storage medium of claim 9, wherein the method further comprises subsequently resetting a password of the authenticated user.
  - 13. The computer-readable storage medium of claim 9, wherein the user-specific information includes one or more of:
    - the user'"'"'s calendar entry;
      
      the user'"'"'s file usage history;
      
      the user'"'"'s email;
      
      the user'"'"'s contact list; and
      
      the user'"'"'s past activity.
  - 14. The computer-readable storage medium of claim 9, wherein the method further comprises presenting the challenges to the user using a web-based application.
  - 15. The computer-readable storage medium of claim 9, wherein the user response is generated by human.
  - 16. The computer-readable storage medium of claim 9, wherein the user response is generated by a proxy for the user.

17. A computer system for authenticating a user, comprising:
- a processor;
  
  a memory;
  
  a receiving mechanism configured to receive the user'"'"'s request for authentication;
  
  an extracting mechanism configured to extract information associated with the user based on user-specific information stored in an enterprise computer, wherein the extracted user information does not explicitly relate to a password;
  
  a generating mechanism configured to generate one or more challenges based on the identified user information;
  
  a receiving mechanism configured to receive the user'"'"'s response to the challenges;
  
  a comparing mechanism configured to compare the user'"'"'s response to the extracted user information; and
  
  an authenticating mechanism configured to authenticate the user.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The computer system of claim 17, wherein the user is authenticated without inputting a password.
  - 19. The computer system of claim 17, further comprising an identifying mechanism configured to identify a risk indication.
  - 20. The computer system of claim 17, further comprising a password resetting mechanism configured to subsequently reset a password of the authenticated user.
  - 21. The computer system of claim 17, wherein the user-specific information includes one or more of:
    - the user'"'"'s calendar entry;
      
      the user'"'"'s file usage history;
      
      the user'"'"'s email;
      
      the user'"'"'s contact list; and
      
      the user'"'"'s past activity.
  - 22. The computer system of claim 17, further comprising a presenting system configured to present the challenges to the user using a web-based application.
  - 23. The computer system of claim 17, wherein the user response is generated by human.
  - 24. The computer system of claim 17, wherein the user response is generated by a proxy for the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Palo Alto Research Center, Inc. (Xerox Holdings Corp.)
Inventors
Staddon, Jessica N., Jakobsson, Bjorn Markus, Chow, Richard, Golle, Philippe J.P.

Granted Patent

US 8,881,266 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/18
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 21/31   User authentication

G06F 21/46   by designing passwords or c...

G06F 7/02   Comparing digital values G0...

H04L 63/083   using passwords cryptograph...

H04L 63/0846   using time-dependent-passwo...

ENTERPRISE PASSWORD RESET

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

116 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

ENTERPRISE PASSWORD RESET

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

116 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links