Two-factor graphical password for text password and encryption key generation
Abstract
This invention details systems, methods, and devices for providing a two-factor graphical password system to a user so that the user may obtain access to a restricted resource. A first previously selected image (previously selected by the user) is presented to the user to enter his password by sequentially selecting predetermined areas on the first image. The user's input is used to create an encryption/decryption key which is used for communicating between a user application and a device. If the user has entered the correct password, then the device can communicate with the user application. Once the device can communicate with the user application, a second previously selected image (previously selected by the user) is presented to the user from the device. The user enters his second password and the user's input is sent to the device. The device then creates the user's alphanumeric password or another encryption key from the user's input and sends this to the user application. The user application then transmits the password or key to the system which restricts access to the restricted resource.
20 Claims
1. A device for providing access to a restricted resource, the device comprising:
- storage means for storing at least one user selected image;
- processor means for deriving at least one access provision means from a plurality of user selected inputs based on said at least one user selected image, said access provision means being for provision to an access restriction system, said access restriction system providing access to said restricted resource when a correct access provision means is provided to said access restriction system;
- wherein said access restriction system receives said access provision means through an application interface means for interfacing between said device to said access restriction system.
11. An access provision system for providing an access provision means to an access restriction system, said access restriction system being for controlling access to a restricted resource, the access provision system comprising:
- a storage means for storing at least two user selected images and a stored key;
- an initial image provision means for providing to a user application an initial image from said at least two user selected images;
- a decryption means for decrypting incoming data transmissions from said user application using said stored key, said incoming data transmissions being encrypted using a key derived from first user input based on said initial user selected image;
- encryption means for encrypting outgoing data transmissions for transmittal to said user application, said outgoing data transmissions being encrypted using said stored key;
- subsequent image provision means for providing to said user application at least one subsequent image from said at least two user selected images;
- derivation means for deriving said access provision means from subsequent user input received from said user application, said subsequent user input being based on said at least one subsequent image;
- coupling means for coupling said access provision means to said access restriction system through said user application.
20. A method for providing an access provision means to an access restriction system, the method comprising:
- a) receiving a request for at least one initial user selected image from a user application;
- b) transmitting said at least one initial user selected image to said user application;
- c) receiving at least one encrypted communication from said user application, said at least one encrypted communication being encrypted using an encryption key derived from user input based on said at least one initial user selected image;
- d) decrypting said at least one encrypted communication from said user application using a stored encryption key and determining if said at least one encrypted communication is properly encrypted;
- e) in the event said at least one encrypted communication is not properly encrypted, preventing access by said user application to at least one subsequent user selected image;
- f) in the event said at least one encrypted communication is properly encrypted, encrypting subsequent transmissions to said user application using said stored transmission key, decrypting subsequent transmissions from said user application using said stored encryption key, and receiving a request from said user application for said at least one subsequent user selected image;
- g) transmitting said at least one subsequent user selected image to said user application;
- h) receiving user input from said user application, said user input being based on said at least one subsequent user selected image;
- i) deriving said access provision means from said user input;
- j) transmitting said access provision means to said user application.
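The flow described in the abstract and in steps (a) to (j) of claim 20, modeled as an added example that is not code from the patent. Assumptions: clicks are quantized to 40-pixel tiles, PBKDF2 is the key-derivation function, an HMAC over a device nonce stands in for the "properly encrypted" check (the Python standard library has no block cipher), and every class, function and parameter name is hypothetical.

```python
import base64, hashlib, hmac, os

TILE = 40  # assumed tolerance grid: clicks landing in the same 40x40 px tile are equal

def quantize(clicks):
    """Map pixel clicks to ordered tile indices so small pointing errors still match."""
    return b"|".join(b"%d,%d" % (x // TILE, y // TILE) for x, y in clicks)

def derive_key(clicks, salt):
    """Key from the click sequence on the first image (PBKDF2 is an assumed KDF)."""
    return hashlib.pbkdf2_hmac("sha256", quantize(clicks), salt, 100_000)

def app_respond(clicks, salt, nonce):
    """User-application side of step (c): prove knowledge of the first-image clicks."""
    return hmac.new(derive_key(clicks, salt), nonce, hashlib.sha256).digest()

class Device:
    """Hypothetical model of the device side of steps (c) to (j)."""
    def __init__(self, first_clicks, device_secret):
        self.salt = os.urandom(16)
        self.stored_key = derive_key(first_clicks, self.salt)  # enrolled once
        self.secret = device_secret   # second-factor secret, never leaves the device
        self.nonce = None
        self.unlocked = False

    def challenge(self):
        self.nonce = os.urandom(16)   # fresh per attempt, so a captured tag cannot be replayed
        return self.salt, self.nonce

    def check_first_factor(self, tag):
        # Steps (d)-(f): stand-in for "properly encrypted" is a constant-time MAC check.
        expected = hmac.new(self.stored_key, self.nonce, hashlib.sha256).digest()
        self.unlocked = hmac.compare_digest(expected, tag)
        return self.unlocked

    def derive_password(self, second_clicks):
        # Steps (h)-(j): only reachable after the first factor has been verified.
        if not self.unlocked:
            raise PermissionError("first factor not verified")
        mac = hmac.new(self.secret, quantize(second_clicks), hashlib.sha256).digest()
        return base64.b32encode(mac[:10]).decode()  # 16 alphanumeric characters

if __name__ == "__main__":
    first, second = [(35, 50), (210, 130), (400, 90)], [(12, 300), (330, 45), (95, 95)]  # constructed clicks
    dev = Device(first, b"constructed-device-secret")
    print(dev.check_first_factor(app_respond(first, *dev.challenge())), dev.derive_password(second))
```

In this model, one captured salt, nonce and tag is enough to test click-sequence guesses offline, so the number of tiles, the sequence length and the KDF cost bound the strength of the first factor. Fixed tiles also reject a click that crosses a tile border, even by one pixel.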
Specification