Password helper using a client-side master password which automatically presents the appropriate server-side password in a particular remote server
Abstract
A user operating a client system may access a plurality of remote servers requiring passwords for access by employing a master password. The master password is used to decrypt a stored password for a particular remote server to which the client desires access. The client system maintains a database of encrypted passwords and user IDs for remote servers to which the user is registered. Although each remote server is accessed using a different password, the user need only remember one master password. Since only the master password need be remembered, the passwords particular to specific remote sites may be made more random and thus more secure. Implementation of the password management system need not require modification of any remote servers.
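The store, search, decrypt and send steps described in the abstract, as an added example that is not part of the patent or any product implementing it. It assumes Node.js, an HTTP Basic challenge as the authentication request, and scrypt with AES-256-GCM as the encryption, none of which the page specifies; all function names and sample values are hypothetical.

```javascript
const nodeCrypto = require("node:crypto");

// Derive a 256-bit key from the master password (scrypt, per-entry salt).
const deriveKey = (master, salt) => nodeCrypto.scryptSync(master, salt, 32);

// Origin, realm and user ID are bound as AAD, so an entry copied into
// another server's slot fails authentication instead of decrypting.
const aad = (e) => Buffer.from(`${e.origin}\n${e.realm}\n${e.userId}`);

// Store step: encrypt one site password under the master password.
function sealEntry(master, origin, realm, userId, sitePassword) {
  const e = { origin, realm, userId, salt: nodeCrypto.randomBytes(16), iv: nodeCrypto.randomBytes(12) };
  const c = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(master, e.salt), e.iv);
  c.setAAD(aad(e));
  e.ct = Buffer.concat([c.update(sitePassword, "utf8"), c.final()]);
  e.tag = c.getAuthTag();
  return e;
}

// Assumption: the authentication request is an HTTP Basic challenge.
function parseRealm(wwwAuthenticate) {
  const m = /^Basic\s+realm="([^"]*)"/i.exec(wwwAuthenticate);
  return m ? m[1] : null;
}

// Search, decrypt and send steps. Returns the Authorization header value,
// null when no entry matches (the user must then supply the password), and
// throws when the master password is wrong or the entry was altered.
function answerChallenge(db, origin, wwwAuthenticate, master) {
  const realm = parseRealm(wwwAuthenticate);
  const e = db.find((x) => x.origin === origin && x.realm === realm);
  if (!e) return null;
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", deriveKey(master, e.salt), e.iv);
  d.setAAD(aad(e));
  d.setAuthTag(e.tag);
  const pw = Buffer.concat([d.update(e.ct), d.final()]).toString("utf8");
  return "Basic " + Buffer.from(`${e.userId}:${pw}`).toString("base64");
}

// Constructed sample data: one registered server and its challenge.
function demo() {
  const db = [sealEntry("master-pw", "https://intranet.example", "staff", "alice", "x9!Qf2#randomLk")];
  return answerChallenge(db, "https://intranet.example", 'Basic realm="staff"', "master-pw");
}
```

Matching on the exact origin before decrypting is what keeps a challenge from one server from receiving another server's password.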
17 Claims
1. In a network including a client system and a group of at least one remote server, a method for authenticating a user operating said client system to said group of remote servers comprising the steps of:
- storing a plurality of entries corresponding to each remote server of said group in a database, each said entry comprising a password of the user registered at the corresponding remote server, said password being encrypted using a master password;
- receiving, at said client system, an authentication request message from a first selected remote server of said group;
- inhibiting said client system from displaying an authentication form;
- prompting the user for said master password;
- searching said database for an entry corresponding to said authentication request message;
- decrypting, at said client system, said password registered at said first selected remote server using the master password as a key; and
- sending, responsive to said authentication request message, said password from said client system to said first selected remote server.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)
prompting the user for said master password.
3. The method of claim 2 further comprising the step of:
storing said master password at said client system.
4. The method of claim 3 further comprising the steps of:
- receiving, at said client system, a further authentication request message from a second selected one of said remote servers;
- retrieving, at said client system, said master password;
- decrypting, at said client system, said password registered at said second selected remote server using said master password as a key; and
- sending, responsive to said authentication message, said password and said user ID from said client system to said second selected remote server.
5. The method of claim 1 wherein said authentication request message is a WWW authentication request message.
6. The method of claim 1 wherein each said entry further comprises a network address of the corresponding remote server.
7. The method of claim 6 wherein said network address is a URL.
8. The method of claim 1 further comprising the step of inhibiting display of said authentication request message.
9. The method of claim 1 further comprising the step of:
searching for an encrypted version of said password registered at said first selected remote server in said plurality of entries.
10. A client computer system adapted to couple to a remote server via a network, said client computer system comprising:
- a network interface system that receives an authentication request message from said remote server;
- a data storage device that stores a password information database;
- a processing unit that, responsive to said authentication request message, performs the steps of:
  - inhibiting said client system from displaying an authentication form;
  - prompting the user for a master password;
  - searching, at said client system, a password database for password information for said selected remote server; and
  - if said password information is found in said searching step, decrypting said password information using said master password; and
  - transmitting said decrypted password information to said remote server.
(Dependent claim: 11)
if said password information is not found in said searching step, receiving user input specifying a password used to register to said remote server; and
storing password information responsive to said user input in said password information database on said data storage device.
12. Software on a storage medium for use with a database of passwords and network addresses for a plurality of limited access remote servers, said passwords being encrypted with a master password key, said software comprising:
- code for receiving an authentication request message from a remote server having a selected network address;
- code for inhibiting the display of an authentication form;
- code for prompting a user for said master password key;
- code for searching for an encrypted password of said remote server; and
- code for decrypting an encrypted password retrieved by said searching software using said master password key.
(Dependent claims: 13, 14, 15, 16, 17)
software, adapted to operate in conjunction with browser software operating on a client system, for intercepting an authentication request message from a selected one of said limited access remote servers to said browser software;
software for invoking said searching software and said decrypting software responsive to said authentication request message to find a decrypted password of said remote server; and
software for transmitting said decrypted password to said remote server responsive to said authentication request message.
14. The software of claim 12 wherein said network addresses are URLs.
15. The software of claim 12 implemented as a Java applet.
16. The software of claim 12 further comprising:
software for maintaining said database.
17. The software of claim 12 further comprising software for:
prompting the user for said master password.
Specification