SECURING PASSWORDS WITH HASH VALUE
First Claim
1. A method comprising:
- receiving, by a server computer system, a client hash value from a client, the client hash value computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value;
computing, by the server computer system, a server hash value using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store;
determining, by the server computer system, whether the server hash value matches the client hash value; and
granting, by the server computer system, data access to the user in view of a determination that the server hash value matches the client hash value and denying data access to the user in view of a determination that the server hash value does not match the client hash value.
1 Assignment
0 Petitions
Accused Products
Abstract
A password security system, hosted by a server, whose method of operation may include receiving a client hash value from a client where the client hash value is computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value. A server hash value is computed using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store. A determination is made whether the server hash value matches the client hash value and data access is granted to the user in view of a determination that the server hash value matches the client hash value, and data access is denied to the user in view of a determination that the server hash value does not match the client hash value.
19 Citations
11 Claims
-
1. A method comprising:
-
receiving, by a server computer system, a client hash value from a client, the client hash value computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value; computing, by the server computer system, a server hash value using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store; determining, by the server computer system, whether the server hash value matches the client hash value; and granting, by the server computer system, data access to the user in view of a determination that the server hash value matches the client hash value and denying data access to the user in view of a determination that the server hash value does not match the client hash value. - View Dependent Claims (2, 3, 4)
-
-
5. A server computer system comprising:
-
a data store to store password data for a user and a server-side answer; and a processing device coupled to the data store, the processing device to; receive a client hash value from a client, the client hash value computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value; compute a server hash value using the password data and the server-side answer; determine whether the server hash value matches the client hash value; and grant data access to the client in view of a determination that the server hash value matches the client hash value and denying data access to the client in view of a determination that the server hash value does not match the client hash value - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer-readable storage medium including instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
-
receiving, by the processing device, a client hash value from a client, the client hash value computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value; computing, by the processing device, a server hash value using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store; determining, by the processing device, whether the server hash value matches the client hash value; and granting, by the processing device, data access to the user in view of a determination that the server hash value matches the client hash value and denying data access to the user in view of a determination that the server hash value does not match the client hash value. - View Dependent Claims (10, 11)
-
Specification