CONDITIONAL SUPPLEMENTAL PASSWORD

US 20100146602A1
Filed: 12/10/2008
Published: 06/10/2010
Est. Priority Date: 12/10/2008
Status: Active Grant

First Claim

Patent Images

1. A method of password protecting access control, the method comprising the following steps:

(a) assigning a primary password to a user, with the primary password, when activated, being usable to gain access comprising access to at least a first access controlled module;

(b) subsequent to and/or contemporaneous with step (a), activating the primary password;

(c) prior to, subsequent to and/or contemporaneous with step (a), assigning to the user a secondary password, with the secondary password, when activated, being usable to gain access comprising access to at least the first access controlled module;

(d) subsequent to and/or contemporaneous with step (c), deactivating the secondary password;

(e) subsequent to steps (a), (b), (c) and (d), performing pre-expiration deactivation of the primary password; and

(f) subsequent to and/or contemporaneous with step (e), activating the secondary password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A password protected machine where a primary alternative password and a secondary alternative password are assigned, but the secondary alternative password cannot be used to gain access unless and until the primary alternative password has been deactivated. Also, a password protected machine where a user is assigned at least two alternative passwords, and where the use of one alternative password will automatically deactivate the other password. Preferably, there is a primary password and a secondary password such that: (i) the use of the primary password does not deactivate the secondary password, but (ii) the use of the secondary password does deactivate the primary password.

25 Citations

View as Search Results

20 Claims

1. A method of password protecting access control, the method comprising the following steps:
- (a) assigning a primary password to a user, with the primary password, when activated, being usable to gain access comprising access to at least a first access controlled module;
  
  (b) subsequent to and/or contemporaneous with step (a), activating the primary password;
  
  (c) prior to, subsequent to and/or contemporaneous with step (a), assigning to the user a secondary password, with the secondary password, when activated, being usable to gain access comprising access to at least the first access controlled module;
  
  (d) subsequent to and/or contemporaneous with step (c), deactivating the secondary password;
  
  (e) subsequent to steps (a), (b), (c) and (d), performing pre-expiration deactivation of the primary password; and
  
  (f) subsequent to and/or contemporaneous with step (e), activating the secondary password.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein the pre-expiration deactivation performed at step (e) is due to suspension of the primary password.
  - 3. The method of claim 1 further comprising the step of:
    - subsequent to step (f), deactivating the secondary password upon at least one of the following conditions;
      
      (i) predetermined number of log on'"'"'s using the secondary password; and
      
      /or (ii) passage of a predetermined amount of time since the occurrence of step (f).
  - 4. The method of claim 1 further comprising the step of:
    - subsequent to step (f), changing/resetting, by the user, of the primary password.

5. A password protected machine comprising:
- a user input module structured and/or programmed to allow entry of passwords by a user;
  
  an access controlled module structured and/or programmed to be accessed by the user only upon receipt of an assigned and activated password from the user;
  
  a password database structured and/or programmed to store a plurality of passwords associated with the user and respective activation status of the plurality of passwords;
  
  a password control module structured and/or programmed to;
  
  (i) assign and store a primary password for the user in the password database, (ii) assign and store a secondary password for the user in the password database, (iii) on an ongoing basis, set the activation status of the primary password, and (iv) on an ongoing basis, set the activation status of the secondary password; and
  
  an access control module structured and/or programmed to control the password control module to activate the secondary password in response to pre-expiration deactivation of the primary password.
- View Dependent Claims (6, 7, 8)
- - 6. The machine of claim 5 wherein the access control module is further structured and/or programmed to deactivate the secondary password after a predetermined amount of time after its activation in response to deactivation of the primary password.
  - 7. The machine of claim 5 wherein the access controlled module is further structured and/or programmed to deactivate the secondary password after a predetermined number of log on'"'"'s using the secondary password.
  - 8. The machine of claim 5 wherein the access control module is further structured and/or programmed to notify a system administrator at least a first time the secondary password is used to log on subsequent to its activation in response to deactivation of the primary password.

9. A machine readable medium for use with a password protected machine that includes a user input module structured and/or programmed to allow entry of passwords by a user, an access controlled module structured and/or programmed to be accessed by the user only upon receipt of an assigned and activated password from the user, and a password database structured and/or programmed to store a plurality of passwords associated with the user and respective activation status of the plurality of passwords, the machine readable medium being programmed with the following code:
- password control software programmed to;
  
  (i) assign and store a primary password for the user in the password database, (ii) assign and store a secondary password for the user in the password database, (iii) on an ongoing basis, set the activation status of the primary password, and (iv) on an ongoing basis, set the activation status of the secondary password; and
  
  access control software programmed to control the password control software to activate the secondary password in response to pre-expiration deactivation of the primary password.
- View Dependent Claims (10, 11, 12)
- - 10. The medium of claim 9 wherein the access control software is further to deactivate the secondary password after a predetermined amount of time after its activation in response to deactivation of the primary password.
  - 11. The medium of claim 9 wherein the access control software is further programmed to deactivate the secondary password after a predetermined number of log on'"'"'s using the secondary password.
  - 12. The medium of claim 9 further comprising at least a portion of the password database.

13. A method of password protecting access control, the method comprising the following steps:
- (a) assigning a primary alternative password to a user, with the primary password, when activated, being usable to gain access comprising access to at least a first access controlled module;
  
  (b) prior to, subsequent to and/or contemporaneous with step (a), assigning to the user a secondary alternative password, with the secondary alternative password, when activated, being usable to gain access comprising access to at least the first access controlled module;
  
  (c) subsequent to and/or contemporaneous with steps (a) and (b), receiving an entered password from the user;
  
  (d) subsequent to step (c), determining that the entered password sufficiently matches the secondary alternative password; and
  
  (e) subsequent to step (d), deactivating the primary alternative password in response to a determination that the secondary alternative password has been received at step (d).
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13 further comprising the step of:
    - (f) subsequent to step (d), allowing the user to gain access to the first access controlled module in response to a determination that the secondary alternative password has been received at step (d).
  - 15. The method according to claim 13 further comprising the steps of:
    - (g) subsequent to step (c) and prior to step (d), determining that the entered password sufficiently matches the primary alternative password; and
      
      (h) subsequent to step (g) and prior to step (d), allowing the user to gain access to the first access controlled module in response to a determination that the secondary alternative password has been received at step (g) without deactivating the secondary alternative password.
  - 16. The method of claim 13 further comprising the step of:
    - (f) subsequent to step (d), reassigning the secondary alternative password to be the primary alternative password in response to a determination that the secondary alternative password has been received at step (d).

17. A password protected machine comprising:
- a user input module structured and/or programmed to allow entry of passwords by a user;
  
  an access controlled module structured and/or programmed to be accessed by the user only upon receipt of an assigned and activated password from the user;
  
  a password database structured and/or programmed to store a plurality of passwords associated with the user and respective activation status of the plurality of passwords;
  
  a password control module structured and/or programmed to;
  
  (i) assign and store a primary alternative password for the user in the password database, (ii) assign and store a secondary alternative password for the user in the password database, (iii) on an ongoing basis, set the activation status of the primary alternative password, and (iv) on an ongoing basis, set the activation status of the secondary alternative password; and
  
  an access control module structured and/or programmed to;
  
  (i) allow a user to access the access controlled module when the primary alternative password is received through the user input module and has activated status;
  
  (ii) allow a user to access the access controlled module when the secondary alternative password is received through the user input module and has activated status; and
  
  (iii) deactivate the primary password when the secondary alternative password is received through the user input module and has activated status.
- View Dependent Claims (18, 19, 20)
- - 18. The machine of claim 17 wherein:
    - the primary alternative password is alphanumeric; and
      
      the secondary alternative password is alphanumeric.
  - 19. The machine of claim 17 further comprising a communication network structured, connected and/or programmed to allow communication of passwords from the user input module to the access control module.
  - 20. The machine of claim 17 wherein the access control module is further structured and/or programmed to control the password control module to reassign the secondary alternative password to be the primary alternative password in the password database in response to a determination that the secondary alternative password has been received through the user input module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kelley, Edward E., Motika, Franco, Delia, Wayne M.

Granted Patent

US 8,291,470 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/31 User authentication

CONDITIONAL SUPPLEMENTAL PASSWORD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CONDITIONAL SUPPLEMENTAL PASSWORD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links