Method and system for authentication over a distributed service to limit password compromise
Abstract
No more than one user at any one time is allowed to access a distributed service for each User ID and password. A user is allowed initial access to the distributed service with a password. The use of the distributed service is then restricted to the user upon entering the password plus a random factor created by the user. A user record is created as a unique recorded registration.
27 Claims
1. A method of controlling access to a distributed service to one user at any one time with a same password, comprising the steps of:
- allowing a user initial access to the distributed service with a user identification, a password and an additional initial random factor created by said user for a unique record registration in a user record;
- creating a user record containing the user identification, the password and the initial random factor;
- receiving a subsequent request to access the distributed service utilizing the user identification, the password and a subsequent random factor;
- accessing the user record corresponding to the user identification of the subsequent request; and
- restricting use of the distributed service to said user during a subsequent request to access the distributed service with said user identification based on the accessed user identification, the password and said initial random factor contained in the user record.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for controlling access to a distributed service to one user at any one time with a same password, comprising:
- means for allowing a user initial access to the distributed service with a user identification, a password and an additional initial random factor created by said user for a unique record registration in a user record;
- means for creating a user record containing the user identification, the password and the initial random factor;
- means for receiving a subsequent request to access the distributed service utilizing the user identification, the password and a subsequent random factor;
- means for accessing the user record corresponding to the user identification of the subsequent request; and
- means for restricting use of the distributed service to said user during a subsequent request to access the distributed service with said user identification based on the accessed user identification, the password and said initial random factor contained in the user record.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A computer program product recorded on computer readable medium for controlling access to a distributed service to one user at any one time with a same password, comprising:
- computer readable means for allowing a user initial access to the distributed service with a user identification, a password and an additional initial random factor created by said user for a unique record registration in a user record;
- computer readable means for creating a user record containing the user identification, the password and the initial random factor;
- computer readable means for receiving a subsequent request to access the distributed service utilizing the user identification, the password and a subsequent random factor;
- computer readable means for accessing the user record corresponding to the user identification of the subsequent request; and
- computer readable means for restricting use of the distributed service to said user during a subsequent request to access the distributed service with said user identification based on the accessed user identification, the password and said initial random factor contained in the user record.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
Specification