PASSWORD RETRIEVAL SYSTEM AND METHOD INVOLVING TOKEN USAGE WITHOUT PRIOR KNOWLEDGE OF THE PASSWORD
First Claim
1. A method for managing a master password on a network device, the method stored as a set of instructions executable by a computer processor to:
- store the master password in a first file in a memory of the network device;
- store the master password in a second file in the memory of the network device;
- encrypt access to the first file using a first password;
- encrypt access to the second file using a second password;
- send the second password and an identifier associated with the network device over a communications network to a registration server, the registration server configured for storing the second password for subsequent retrieval by the network device;
- when the first password is unavailable, send a password retrieval request including the identifier;
- receive the second password configured as a one-time use password;
- decrypt access to the second file to retrieve the master password; and
- initiate a reset process for subsequent storage of the master password in the memory of the network device.
Abstract
A method for managing a master password on a network device, the method stored as a set of instructions executable by a computer processor to: store the master password in a first file in a memory of the network device; store the master password in a second file in the memory of the network device; encrypt access to the first file using a first password; encrypt access to the second file using a second password; send the second password and an identifier associated with the network device over a communications network to a registration server, the registration server configured for storing the second password for subsequent retrieval by the network device; when the first password is unavailable, send a password retrieval request including the identifier; receive the second password configured as a one-time use password; decrypt access to the second file to retrieve the master password; and, initiate a reset process for subsequent storage of the master password in the memory of the network device.
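The exchange described in the abstract, with both the network device and the registration server, as an added Python example that is not code from the patent. The class and function names, the PBKDF2-plus-HMAC file sealing (a standard-library stand-in for an authenticated cipher), deleting the second password after one release, and treating "reset" as re-storing under new passwords are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

def _keys(password, salt, n):
    # PBKDF2 output: n pad bytes followed by a 32-byte MAC key
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=n + 32)
    return km[:n], km[n:]

def seal(password, secret):
    """Encrypt a file body under a password (stdlib stand-in for an AEAD)."""
    salt = secrets.token_bytes(16)            # fresh salt, so the pad is never reused
    pad, mac_key = _keys(password, salt, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, pad))
    return salt + ct + hmac.new(mac_key, salt + ct, hashlib.sha256).digest()

def unseal(password, blob):
    salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    pad, mac_key = _keys(password, salt, len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, salt + ct, hashlib.sha256).digest()):
        raise ValueError("wrong password or corrupted file")
    return bytes(a ^ b for a, b in zip(ct, pad))

class RegistrationServer:
    def __init__(self):
        self._escrow = {}                     # identifier -> second password

    def register(self, device_id, second_pw):
        self._escrow[device_id] = second_pw

    def retrieve(self, device_id):
        # Assumed meaning of "one-time use": released once, then deleted.
        return self._escrow.pop(device_id)    # KeyError if absent or already used

class Device:
    def __init__(self, device_id, server):
        self.device_id, self.server = device_id, server

    def store(self, master, first_pw):
        second_pw = secrets.token_urlsafe(24)
        self.file1 = seal(first_pw, master.encode())
        self.file2 = seal(second_pw, master.encode())
        self.server.register(self.device_id, second_pw)  # not kept on the device

    def unlock(self, first_pw):
        return unseal(first_pw, self.file1).decode()

    def recover(self, new_first_pw):
        second_pw = self.server.retrieve(self.device_id)
        master = unseal(second_pw, self.file2).decode()
        self.store(master, new_first_pw)      # assumed reset: re-store, new passwords
        return master
```

The claims shown name only the identifier in the retrieval request; how the server authenticates the requester is not stated there, and this sketch performs no such check.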
22 Claims
1. A method for managing a master password on a network device, the method stored as a set of instructions executable by a computer processor to:
- store the master password in a first file in a memory of the network device;
- store the master password in a second file in the memory of the network device;
- encrypt access to the first file using a first password;
- encrypt access to the second file using a second password;
- send the second password and an identifier associated with the network device over a communications network to a registration server, the registration server configured for storing the second password for subsequent retrieval by the network device;
- when the first password is unavailable, send a password retrieval request including the identifier;
- receive the second password configured as a one-time use password;
- decrypt access to the second file to retrieve the master password; and
- initiate a reset process for subsequent storage of the master password in the memory of the network device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method of a registration server for coordinating storage of a master password on a network device, the method stored as a set of instructions executable by a computer processor to:
- implement a password policy for the network device requiring storage of the master password in a first file encrypted by a first password in a memory of the network device and storage of the master password in a second file encrypted by a second password in the memory of the network device;
- receive over a communications network from the network device the second password and an identifier associated with the network device;
- store in a memory the second password associated with the identifier for subsequent retrieval by the network device;
- when the first password is unavailable, receive a password retrieval request including the identifier;
- send the second password configured as a one-time use password in response to the password retrieval request; and
- initiate a reset process for subsequent storage of the master password in the memory of the network device.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A network device for managing a master password, comprising:
- a processor coupled to memory and a communications network; and
- one or more modules within the memory and executable by the processor to:
  - store the master password in a first file in the memory of the network device;
  - store the master password in a second file in the memory of the network device;
  - encrypt access to the first file using a first password;
  - encrypt access to the second file using a second password;
  - send the second password and an identifier associated with the network device over the communications network to a registration server, the registration server configured for storing the second password for subsequent retrieval by the network device;
  - when the first password is unavailable, send a password retrieval request including the identifier;
  - receive the second password configured as a one-time use password;
  - decrypt access to the second file to retrieve the master password; and
  - initiate a reset process for subsequent storage of the master password in the memory of the network device.
22. A registration server for coordinating storage of a master password on a network device, comprising:
- a processor coupled to server memory and a communications network; and
- one or more modules within the server memory and executable by the processor to:
  - implement a password policy for the network device requiring storage of the master password in a first file encrypted by a first password in a memory of the network device and storage of the master password in a second file encrypted by a second password in the memory of the network device;
  - receive over the communications network from the network device the second password and an identifier associated with the network device;
  - store in a memory the second password associated with the identifier for subsequent retrieval by the network device;
  - when the first password is unavailable, receive a password retrieval request including the identifier;
  - send the second password configured as a one-time use password in response to the password retrieval request; and
  - initiate a reset process for subsequent storage of the master password in the memory of the network device.
Specification