Method And System For Storing And Using A Plurality Of Passwords

US 20110047606A1
Filed: 09/17/2008
Published: 02/24/2011
Est. Priority Date: 09/17/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating an identity of a user, the method comprising:

initiating a webpage browser session at a user device;

prompting, the user to provide an at identifier and an authentication element via the user input device;

receiving the account identifier and the authentication element from the user input device;

authenticating the identity of the user based upon the account identifier and the authentication element received from the user input device and allowing the user access a secure database comprising a plurality of stored website account identifiers and stored website authentication elements;

the user device connecting to and displaying a website, the website comprising a prompt to authenticate a website identity of the user to the website; and

automatically retrieving and transmitting the stored webs to user account identifier and stored website authentication element from the secure database for the specific website displayed.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for managing a plurality of a user'"'"'s authentication elements. In a preferred embodiment a user initiates a webpage browser session at a user website access device and activates a password manager program. The user'"'"'s identity is authenticated to an authentication server and allowed to access a secure database comprising a plurality of website authentication elements. Thereafter, the user accesses a first secure website and the program determines the presence of a user authentication data field. When a user authentication data field is present the program instructs the authentication server to automatically transmit at least one of the authentication elements specific to the authentication data field of the first secure website to authenticate the user to the first website.

110 Citations

27 Claims

1. A method for authenticating an identity of a user, the method comprising:
- initiating a webpage browser session at a user device;
  
  prompting, the user to provide an at identifier and an authentication element via the user input device;
  
  receiving the account identifier and the authentication element from the user input device;
  
  authenticating the identity of the user based upon the account identifier and the authentication element received from the user input device and allowing the user access a secure database comprising a plurality of stored website account identifiers and stored website authentication elements;
  
  the user device connecting to and displaying a website, the website comprising a prompt to authenticate a website identity of the user to the website; and
  
  automatically retrieving and transmitting the stored webs to user account identifier and stored website authentication element from the secure database for the specific website displayed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein the account identifier comprises a user identification name.
  - 3. The method of claim 1 wherein authenticating the user comprises:
    - receiving the account identifier;
      
      displaying randomly generated grid of randomly selected images, each image having at least one randomly generated unique authentication element comprising an image identifier associated therewith;
      
      wherein at least one of the images is from a pre-selected category corresponding to the account identifier;
      
      receiving at least one randomly generated unique image identifier associated with the image from the pre-selected image category; and
      
      authenticating identity based upon the received unique image identifier associated with the randomly selected image from the pre-selected category.
  - 4. The method of claim 1 wherein the user device comprises at least one of a personal computer, cellular telephone, a personal digital assistant or a Internet enabled game console.
  - 5. The method of claim 1 further comprising:
    - displaying a second website comprising a prompt to authenticate a second website identity of the user to the website;
      
      automatically retrieving and transmitting, to the second website, a stored user account identifier and a stored second website authentication element both specific to the user and the second website from the secure database for authentication of the user by the second website.
  - 6. The method of claim 5 wherein the stored account identifier and stored website authentication element comprise OpenID authentication credentials.
  - 7. The method of claim 1 wherein the secure database is stored at the user device.
  - 8. The method of claim 1 wherein the secure database is stored at an electronic storage device remote from the user device.
  - 9. The method of claim 1 wherein the secure database comprises an online component and an offline component, wherein the offline component is stored at the user device and the online component is stored at an electronic storage device for access from a plurality of user devices via a network connection.
  - 10. The method of claim 1 wherein displaying the website further comprises displaying an authentication notification icon, proximate to the prompt to authenticate the website identity, wherein the authentication notification icon communicates automatic retrieval and transmission of the stored website user account identifier and stored website authentication element further comprising displaying an authentication.
  - 11. The method of claim 1 further comprising displaying an authentication notification icon proximate to the prompt to authenticate the website identity subsequent to authenticating the identity of the user and allowing access the secure database.

12. A system for authorizing a user to a website, the system comprising:
- a memory unit for storing a plurality of website account identifiers and a plurality of website authentication elements for a single user, wherein each of the plurality of secure website account identifiers are associated with only one of the plurality of the website authentication elements;
  
  a means for controlling access to the memory unit based upon authentication of an identity of the user to the memory unit; and
  
  website access device comprising a means for accessing the memory unit and a communications link between the memory unit and the website;
  
  wherein the memory unit is adapted to automatically select a website account identifier and website authentication element specific to the website and transmit the website account identifier and website authentication element to the secure website to authenticate the identity of the user to the secure website.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12 wherein the memory unit comprises a secure file stored on a electronic file storage device at the website access device.
  - 14. The system of claim 12 wherein the memory unit comprises a secure file stored on a electronic file storage device at a third-party computer system in communication with the website and the website access device.
  - 15. The system of claim 12 wherein the means for controlling access to the memory unit comprises an authentication server adapted to receive an account identifier and authentication element from the website access device and to authenticate the user upon validation the account identifier and authentication element.
  - 16. The system of claim 15 wherein the authentication server comprises:
    - a processor adapted to generate a grid of randomly selected images for display on the website access device and to assign a different randomly selected authentication element comprising a unique image identifier to each of the randomly selected images for display with the image on the website access device; and
      
      wherein the processor is adapted to receive at least one alphanumeric character from a user input device corresponding to the unique image identifier to authenticate the user.
  - 17. The system of claim 16 wherein the randomly selected images are selected from a plurality of image categories, at least one category comprising an authenticating category, and wherein the user input the image identifier assigned to the randomly selected image from the authenticating category.
  - 18. The system of claim 16 wherein the grid of randomly selected images comprise at least one image from a pre-selected image category.
  - 19. The system of claim 12 wherein the memory unit comprises a portable read/write memory device.
  - 20. The system of claim 12 wherein the website access device is selected from the group comprising a personal computer, a personal digital assistant, a cellular telephone, or a gaming console.
  - 21. The system of claim 12 wherein the memory unit comprises an online component and an offline component, wherein the offline component comprises a secure database of high priority set of website account identifiers and website authentication elements stored at the user device and wherein the online component comprises a secure stored at an electronic storage device for access from a plurality of user devices via an network connection.

22. A computer implemented authentication protocol comprising:
- initiating a webpage browser session at a user website access device;
  
  authenticating a user identity to an authentication server;
  
  accessing a secure database comprising a plurality of website authentication elements;
  
  accessing a first secure website and determining the presence of a user authentication data field; and
  
  the authentication server thereafter automatically transmitting at least one of the plurality of authentication elements specific to the authentication data field of the first secure website to authenticate the user to the first website.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The computer implemented authentication protocol of claim 22 further comprising:
    - accessing a second secure website and determining the presence of a user authentication data field; and
      
      the authentication server thereafter automatically transmitting at least one of the plurality of authentication elements specific to the authentication data field of the second secure website to authenticate the user to the second secure website.
  - 24. The computer implemented authentication protocol of claim 22 wherein the secure database is stored at the user web access device.
  - 25. The computer implemented authentication protocol of claim 22 wherein the secure database is stored by the authentication server.
  - 26. The computer implements authentication protocol of claim 23 further comprising displaying an authentication notification icon proximate to the authentication data fields of the first secure website and the second secure website subsequent to authenticating the user identity to the authentication server.
  - 27. The computer implements authentication protocol of claim 22 further comprising displaying an authentication notification icon proximate to the any authentication data field of any secure website subsequent to authenticating the user identity to the authentication server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Benjamin Stover, Chad Blomquist, Jason Allyn Grlicky, Jim Zhen Luo, Samuel Wayne Alexander, Scott A. Blomquist
Original Assignee
Benjamin Stover, Chad Blomquist, Jason Allyn Grlicky, Jim Zhen Luo, Samuel Wayne Alexander, Scott A. Blomquist
Inventors
Stover, Benjamin, Alexander, Samuel Wayne, Blomquist, Scott A., Luo, Jim Zhen, Grlicky, Jason Allyn, Blomquist, Chad

Application Number

US12/678,585
Publication Number

US 20110047606A1
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/41 where a single sign-on prov...

H04L 63/0815 providing single-sign-on or...

Method And System For Storing And Using A Plurality Of Passwords

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

110 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method And System For Storing And Using A Plurality Of Passwords

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

110 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links