Security system providing lockout for invalid access attempts
First Claim
1. A system for controlling access of a user to a resource comprisingmeans for determining the validity of a user-entered password,means for allowing access to the resource if the password is valid,means for allowing the same user to re-attempt access to said resource after a time interval "t", andmeans for repeatedly increasing the value of "t" as a function of the number of invalid access attempts by the user.
3 Assignments
0 Petitions
Accused Products
Abstract
A security system controlling access to a resource is arranged to operate such that when an attempt to access a resource using a password or PIN fails, the time interval "t" that must elapse before a subsequent attempt at access can be successful, is incremented. By making the increments increasingly large (illustratively, an exponential function of the number "n" of unsuccessful attempts), repeated access attempts by hackers or other unauthorized users is discouraged, because they simply cannot wait the time needed to make a large number of trial and error attempts. On the other hand, valid users, while experiencing a delay prior to access, are nevertheless able to gain access, rather than being completely "lockedout". This approach is a better compromise between access control and denial.
271 Citations
17 Claims
-
1. A system for controlling access of a user to a resource comprising
means for determining the validity of a user-entered password, means for allowing access to the resource if the password is valid, means for allowing the same user to re-attempt access to said resource after a time interval "t", and means for repeatedly increasing the value of "t" as a function of the number of invalid access attempts by the user.
-
3. A system for controlling access to a resource comprising
means responsive to an access request for permitting access to said resource upon entry of a valid password assigned to a user of said system and for denying access to said resource upon entry of an invalid password, and means for applying successive requests to said first means after a variable time interval "t", the value of said time interval being increased as a function of the number of entries of invalid passwords.
-
5. A system for controlling access to a resource comprising
means responsive to an access request for permitting access to said resource upon entry of a valid password assigned to a user of said system and for denying access to said resource upon entry of an invalid password, and means for applying successive requests to said first means after a variable time interval "t", the value of said time interval being increased upon each unsuccessful access attempt, said applying means being arranged to decrement, up to a predetermined minimum, the value of said time interval upon each of "m" successful access attempts.
-
8. Apparatus for permitting access by a user to a resource upon entry of a valid password, including means for storing a list of valid passwords corresponding to each user of said resource,
means for comparing the password presented by a user with the corresponding stored password to determine its validity, means for permitting access upon a positive comparison, means for denying access upon a negative comparison, and means for permitting a repeated attempt at access after a time period "t", wherein the value of "t" is repeatedly increased as a function of the number of unsuccessful access attempts by said user.
-
10. A method for controlling access of a user to a resource comprising the steps of
determining the validity or invalidity of a user entered password allowing access if the password is valid, allowing the same user to re-attempt access to said resource after a time interval "t", and repeatedly increasing the value of "t" as a function of the number of invalid access attempts by the user.
-
12. A method for controlling access to a resource comprising the steps of
responsive to an access request, permitting access to said resource upon entry of a valid password assigned to a person authorized to access said resource and for denying access to said resource upon entry of an invalid password, and applying successive access requests to said first means after a variable time interval, the value of said time interval being repeatedly increased as a function of the number of access requests in which an invalid password is entered.
-
15. A method for permitting access by a user to a resource upon entry of a valid password, including the steps of storing a list of valid passwords corresponding to each user of said resource,
comparing the password presented by a user with the corresponding stored password to determine its validity, permitting access upon a positive comparison, denying access upon a negative comparison, and permitting a repeated attempt at access after a time period "t", wherein the value of "t" is repeatedly increased as a function of the number of unsuccessful access attempts by the user.
Specification