PASSWORD MANAGEMENT AND VERIFICATION WITH A BLOCKCHAIN

US 20190036696A1
Filed: 07/27/2017
Published: 01/31/2019
Est. Priority Date: 07/27/2017
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining whether one or more password strings are related to a password, wherein the password strings are transmitted from a user device;

hashing the one or more password strings to create one or more password hash values;

determining whether the one or more password hash values match any internal password hash values of an internal password history chain stored in an internal blockchain;

determining whether the one or more password hash values match any external password hash values of an external password history chain stored in an external blockchain; and

responsive to determining the one or more password hash values do not match any internal password hash value and any external password hash values, storing a new password in one or more of the internal blockchain and the external blockchain.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An example operation may include one or more of determining whether one or more password strings are related to a password, the password strings are transmitted from a user device, hashing the one or more password strings to create one or more password hash values, determining whether the one or more password hash values match any internal password hash values of an internal password history chain stored in an internal blockchain, determining whether the one or more password hash values match any external password hash values of an external password history chain stored in an external blockchain, and responsive to determining the one or more password hash values do not match any internal password hash value and any external password hash values, storing a new password in one or more of the internal blockchain and the external blockchain.

Citations

20 Claims

1. A method, comprising:
- determining whether one or more password strings are related to a password, wherein the password strings are transmitted from a user device;
  
  hashing the one or more password strings to create one or more password hash values;
  
  determining whether the one or more password hash values match any internal password hash values of an internal password history chain stored in an internal blockchain;
  
  determining whether the one or more password hash values match any external password hash values of an external password history chain stored in an external blockchain; and
  
  responsive to determining the one or more password hash values do not match any internal password hash value and any external password hash values, storing a new password in one or more of the internal blockchain and the external blockchain.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the one or more password hash values are created using a hash value function that was used to create the password.
  - 3. The method of claim 1, further comprising:
    - identifying an account associated with one or more password strings; and
      
      retrieving the internal password hash values from the password history chain of the internal blockchain based on the account.
  - 4. The method of claim 1, further comprising:
    - identifying all managed passwords stored in the internal blockchain; and
      
      transmitting a warning message to the user device when the one or more password hash values match a previously stored password hash value stored in one or more of the internal blockchain and the external blockchain.
  - 5. The method of claim 1, further comprising:
    - monitoring for the password sent from the user device, wherein the monitoring comprises monitoring for a plurality of passwords associated with a plurality of accounts associated with the user device.
  - 6. The method of claim 1, further comprising:
    - monitoring a password application programming interface (API) for one or more password values.
  - 7. The method of claim 1, further comprising:
    - storing a new block comprising the one or more password hash values in the internal blockchain.

8. An apparatus, comprising:
- a processor configured to;
  
  determine whether one or more password strings are related to a password, wherein the password strings are transmitted from a user device;
  
  hash the one or more password strings to create one or more password hash values;
  
  determine whether the one or more password hash values match any internal password hash values of an internal password history chain stored in an internal blockchain;
  
  determine whether the one or more password hash values match any external password hash values of an external password history chain stored in an external blockchain; and
  
  responsive to determining the one or more password hash values do not match any internal password hash value and any external password hash values, store a new password in one or more of the internal blockchain and the external blockchain.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the one or more password hash values are created using a hash value function that was used to create the password.
  - 10. The apparatus of claim 8, wherein the processor is further configured to:
    - identify an account associated with one or more password strings; and
      
      retrieve the internal password hash values from the password history chain of the internal blockchain based on the account.
  - 11. The apparatus of claim 8, wherein the processor is further configured to:
    - identify all managed passwords stored in the internal blockchain; and
      
      wherein the apparatus further comprises a transmitter configured to transmit a warning message to the user device when the one or more password hash values match a previously stored password hash value stored in one or more of the internal blockchain and the external blockchain.
  - 12. The apparatus of claim 8, wherein the processor is further configured to:
    - monitor for the password sent from the user device, and monitor for a plurality of passwords associated with a plurality of accounts associated with the user device.
  - 13. The apparatus of claim 8, wherein the processor is further configured to:
    - monitor a password application programming interface (API) for one or more password values.
  - 14. The apparatus of claim 8, wherein the processor is further configured to:
    - store a new block comprising the one or more password hash values in the internal blockchain.

15. A non-transitory computer readable storage medium configured to store instructions that when executed cause a processor to perform:
- determining whether one or more password strings are related to a password, wherein the password strings are transmitted from a user device;
  
  hashing the one or more password strings to create one or more password hash values;
  
  determining whether the one or more password hash values match any internal password hash values of an internal password history chain stored in an internal blockchain;
  
  determining whether the one or more password hash values match any external password hash values of an external password history chain stored in an external blockchain, andresponsive to determining the one or more password hash values do not match any internal password hash value and any external password hash values, storing a new password in one or more of the internal blockchain and the external blockchain.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium of claim 15, wherein the one or more password hash values are created using a hash value function that was used to create the password.
  - 17. The non-transitory computer readable storage medium of claim 15, wherein the processor is further configured to perform:
    - identifying an account associated with one or more password strings; and
      
      retrieving the internal password hash values from the password history chain of the internal blockchain based on the account.
  - 18. The non-transitory computer readable storage medium of claim 15, wherein the processor is further configured to perform:
    - identifying all managed passwords stored in the internal blockchain; and
      
      transmitting a warning message to the user device when the one or more password hash values match a previously stored password hash value stored in one or more of the internal blockchain and the external blockchain.
  - 19. The non-transitory computer readable storage medium of claim 15, wherein the processor is further configured to perform:
    - monitoring for the password sent from the user device, wherein the monitoring comprises monitoring for a plurality of passwords associated with a plurality of accounts associated with the user device.
  - 20. The non-transitory computer readable storage medium of claim 15, wherein the processor is further configured to perform:
    - monitoring a password application programming interface (API) for one or more password values; and
      
      storing a new block comprising the one or more password hash values in the internal blockchain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Workday Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Anglin, Debbie, Anglin, Howard, Liu, Su, Liu, Yu

Granted Patent

US 10,594,487 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 9/54   Interprogram communication

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3242   involving keyed hash functi...

H04L 9/50   using hash chains, e.g. blo...

PASSWORD MANAGEMENT AND VERIFICATION WITH A BLOCKCHAIN

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PASSWORD MANAGEMENT AND VERIFICATION WITH A BLOCKCHAIN

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links