Challenge/response security architecture with fuzzy recognition of long passwords
First Claim
Patent Images
1. A security method for controlling user access to a complex electronic system, comprising the actions of:
- (a.) when a user requests access, prompting the user with a customized challenge string which is specific to that user, and waiting for the user to input a user password;
(b.) checking said user password for similarity to a pre-defined response string which includes more than 20 alphanumeric characters; and
(c.) allowing access to said system if said user password is substantially similar to said pre-defined password, even if said user password is not identical to said pre-defined password.
3 Assignments
0 Petitions
Accused Products
Abstract
A password-phrasing security mechanism utilizing personalized challenge phrasing to prompt the user into remembering a pre-defined personalized coded phrase to gain access to a secured system.
-
Citations
48 Claims
-
1. A security method for controlling user access to a complex electronic system, comprising the actions of:
-
(a.) when a user requests access, prompting the user with a customized challenge string which is specific to that user, and waiting for the user to input a user password; (b.) checking said user password for similarity to a pre-defined response string which includes more than 20 alphanumeric characters; and (c.) allowing access to said system if said user password is substantially similar to said pre-defined password, even if said user password is not identical to said pre-defined password. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A security method for controlling user access to a computer system, comprising the actions of:
-
(a.) when said system is powered up, automatically executing a start-up procedure stored in a non-volatile memory; (b.) during execution of said start-up procedure, prompting a user with a customized challenge phrase which is specific to that user, and waiting for the user to input a user password; (c.) checking said user password for similarity to a pre-defined password which includes more than 20 alphanumeric characters; and (d.) allowing access to said system if said user password is substantially similar to said pre-defined password, even if said user password is not identical to said pre-defined password. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for starting up a computer system, comprising the actions of:
-
(a.) when said system is powered up, automatically executing a start-up procedure stored in a non-volatile memory; (b.) during execution of said start-up procedure, waiting for a user identification, and accordingly displaying a customized challenge phrase, which is specific to that user, on a video display with and waiting for the user to input a user password; (c.) checking said user password for similarity to a pre-defined password which includes more than 30 alphanumeric characters; (d.) continuing the start-up procedure if said user password is substantially similar to said pre-defined password, even if said user password is not identical to said pre-defined password; and (e.) otherwise halting the start-up procedure. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
-
25. A computer system, comprising:
-
memory, and a microprocessor operatively connected to read and write said memory; one or more non-volatile memories storing a start-up procedure, at least one stored user-specific challenge string, and at least one stored user-specific response string which includes more than 20 alphanumeric characters; wherein, when a user attempts to log in, said start-up procedure presents said challenge string, and checks a user response string against said stored response string, and permits access to the computer if the user response substantially matches said stored response string, even if the user response is not identical to said stored response string; and a graphics controller connected to said microprocessor; and a video display connected to said graphics controller. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
-
-
33. A computer system, comprising:
-
memory, and a microprocessor operatively connected to read and write said memory; a graphics controller connected to said microprocessor; a video display connected to said graphics controller; a user input device connected to said microprocessor; wherein, when a user requests access, said microprocessor prompts the user with a customized challenge string which is specific to that user, waits for the user to input a user password, checks said user password for similarity to a pre-defined response string which includes more than 20 alphanumeric characters, and allows access to said system if said user password is substantially similar to said pre-defined response string, even if said user password is not identical to said pre-defined response string. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40)
-
-
41. A computer system, comprising:
-
memory, and a microprocessor operatively connected to read and write said memory; a graphics controller connected to said microprocessor; a video display connected to said graphics controller; one or more non-volatile memories storing a start-up procedure, at least one stored user-specific challenge string, and at least one stored user-specific response string which includes more than 20 alphanumeric characters; wherein, when a user submits identification, said microprocessor displays a customized challenge string, which is specific to that user, on said video display, waits for the user to input a user password, checks said user password for similarity to a pre-defined response string which includes more than 20 alphanumeric characters, and continues said start-up procedure if said user password is substantially similar to said pre-defined password, even if said user password is not identical to said pre-defined password, and otherwise halts the start-up procedure. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48)
-
Specification