UPDATING STORED PASSWORDS
First Claim
1. A client device comprising:
- a processor and a memory associated with the processor;
an input/output device;
a processor communicatively coupled to the input/output device;
a memory storing executable instructions that, when executed by the processor,instantiate an authentication client module and a re-authentication client module,the authentication client module configured to;
generate a plain-text password;
generate a first hash based on the plain-text password, the first hash is generated according to a first hash generating scheme;
request, via the input/output device, access to a network comprising a network access device according to an authentication protocol;
send, via the input/output device, the first hash to the network access device;
modify the first hash generating scheme; and
generate a second hash based on the plain-text password according to a second hash generating scheme; and
the re-authentication client module configured to;
in response to a policy server operating on the network failing to authenticate the client device, establish, via the input/output device, a secure HTTP connection between the client device and the policy server; and
transmit, via the input/output device, the plain-text password from the client device to the policy server over the secure HTTP connection.
10 Assignments
0 Petitions
Accused Products
Abstract
A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
20 Citations
20 Claims
-
1. A client device comprising:
-
a processor and a memory associated with the processor; an input/output device; a processor communicatively coupled to the input/output device; a memory storing executable instructions that, when executed by the processor, instantiate an authentication client module and a re-authentication client module, the authentication client module configured to; generate a plain-text password; generate a first hash based on the plain-text password, the first hash is generated according to a first hash generating scheme; request, via the input/output device, access to a network comprising a network access device according to an authentication protocol; send, via the input/output device, the first hash to the network access device; modify the first hash generating scheme; and generate a second hash based on the plain-text password according to a second hash generating scheme; and the re-authentication client module configured to; in response to a policy server operating on the network failing to authenticate the client device, establish, via the input/output device, a secure HTTP connection between the client device and the policy server; and transmit, via the input/output device, the plain-text password from the client device to the policy server over the secure HTTP connection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method comprising:
-
generating, by an authentication client module of a client device comprising at least one hardware processor, a plain-text password; generating, by the authentication client module, a first hash based on the plain-text password according to a first hash generating scheme; requesting, via an input/output device of the client device, access to a network comprising a network access device according to an authentication protocol; sending, via the input/output device, the first hash to the network access device; modifying, by the authentication client module, the first hash generating scheme; generating, by the authentication client module, a second hash based on the plain-text password according to a second hash generating scheme; establishing, by a re-authentication client module of the client device, a secure HTTP connection between the client device and a policy server operating on the network in response to the policy server failing to authenticate the client device; and transmitting, by the re-authentication client module via the input/output device, the plain-text password from the client device to the policy server over the secure HTTP connection. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification