Automatic recovery of forgotten passwords
Abstract
In accordance with the invention a method of securely and automatically authenticating a user is disclosed. Bona fides are entered for a user, hashed, and stored at an authenticating entity, remote from the user's computer. When a user forgets his/her password, the user enters his/her bona fides, which are again hashed on the user's system, and then securely transmitted to the authenticating entity. The authenticating entity compares the received, hashed bona fides to those previously stored at the authenticating entity. If the comparison shows that the values match or otherwise appropriately correlate, the user will be authenticated. The user will then be provided with the means to access his/her encrypted data. In other words, once authenticated the authenticating entity will automatically provide the user and/or the user's computer with an access key, in one embodiment, allowing the user to access his/her encrypted data.
12 Claims
1. A method of granting a user access to encrypted data stored on a user's computer, said user and said user's computer remote from an authenticating entity, comprising the steps of:
automatically authenticating said user by an authenticating computer at said authenticating entity;
upon authentication, automatically providing an access key to said authenticated user, enabling said user to access said encrypted data stored on said user's computer.
2. The method of claim 1, wherein the step of automatically authenticating a user, comprises the steps of:
storing user-identifying information in said authenticating computer, resulting in stored user-identifying information;
receiving, by said authenticating computer from said user, second user-identifying information; and
comparing, by said authenticating computer, said second user-identifying information to said stored user-identifying information, wherein if said second user-identifying information correlates to said stored user-identifying information said user is authenticated.
4. A method of authenticating a user, comprising the steps of:
storing a bona-fide hash at an authenticating entity remote from said user, resulting in a stored bona-fide hash;
receiving, by said authenticating entity, a second bona fide hash from said user;
comparing, by said authenticating entity, said second bona-fide hash with said stored bona-fide hash; and
providing, by said authenticating entity, an access key for enabling said user to access encrypted data stored on said user's computer if said second bona-fide hash correlates to said stored bona-fide hash, wherein said user's computer is remote from said authenticating entity.
8. A method of authenticating a user, comprising the steps of:
(a) receiving, by a user's computer, a set of bona fides from said user;
(b) hashing, by said user's computer, said set of bona fides resulting in a set of bona-fides hashes;
(c) securely communicating said set of bona-fides hashes to an authenticating entity remote from said user's computer;
(d) storing said set of bona-fides hashes at said authenticating entity resulting in a stored set of bona-fides hashes;
(e) receiving, by said user's computer, at least a subset of said set of bona fides from said user;
(f) hashing, by said user's computer, said subset of bona fides resulting in a second set of bona-fides hashes;
(g) securely communicating said second set of bona-fides hashes to said authenticating entity;
(h) comparing, by said authenticating entity, said second set of bona-fides hashes with said stored set of bona-fides hashes, wherein if said second set of bona-fides hashes correlates to said stored set of bona-fides hashes the user is authenticated; and
(i) if said user is authenticated, communicating, by said authenticating entity to said user's computer, an access key to allow said user to access encrypted data on said user's computer.
11. A system for granting a user access to encrypted data stored on a user's computer when the user has forgotten his/her password, comprising:
a hash unit, located at said user's computer and having an input for receiving a user bona fide and having an output for carrying a bona fide hash;
a storage record located at an authenticating entity, said storage record including a stored bona fides hash, said authenticating entity remote from said user's computer and couplable to said user's computer with a secure channel;
a comparison unit, located at said authenticating entity, said comparison unit having a first input coupled to receive said bona fides hash from said secure channel, having a second input coupled to receive said stored bona fides hash, and having an output for carrying a signal indicative of whether the user has been authenticated; and
an access key provider, located at said authenticating entity and activated by said comparison unit output, said user gaining access to said encrypted data upon receipt of an access key from said access key provider.
12. A system for granting a user access to encrypted data stored on a user's computer when the user has forgotten his/her password, comprising:
an authenticating entity remotely located from said user's computer, said authenticating entity comprising:
means for automatically and securely authenticating said user using user bona fides; and
means for automatically providing a user access to his/her encrypted data.
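
The flow described in the abstract and in steps (a) to (i) of claim 8 (hash on the user's computer, store remotely, compare, release the access key), as an added Python example that is not taken from the patent. The salted PBKDF2 hash, the answer normalisation, the reading of "correlates" as "at least `threshold` matching hashes", the attempt limit and every name are assumptions; the secure channel of steps (c) and (g) is not modelled.

```python
import hashlib
import hmac

def hash_bona_fide(question: str, answer: str, salt: bytes) -> bytes:
    """User's computer, steps (b)/(f): normalise, then salted slow hash (assumed KDF)."""
    norm = " ".join(answer.casefold().split()).encode()
    return hashlib.pbkdf2_hmac("sha256", question.encode() + b"\0" + norm, salt, 100_000)

class AuthenticatingEntity:
    """Remote side: stores only hashes plus the access key it will release."""

    def __init__(self, threshold: int, max_attempts: int = 3):
        self.threshold = threshold        # assumed meaning of "correlates"
        self.max_attempts = max_attempts  # caps online guessing of low-entropy answers
        self.records = {}

    def enroll(self, user: str, hashes: dict, access_key: bytes) -> None:
        # Step (d): keep the hashes; the raw bona fides never arrive here.
        self.records[user] = {"hashes": hashes, "key": access_key, "fails": 0}

    def recover(self, user: str, submitted: dict):
        # Steps (h)-(i): compare in constant time, release the key on success.
        rec = self.records.get(user)
        if rec is None or rec["fails"] >= self.max_attempts:
            return None
        matches = sum(
            hmac.compare_digest(stored, submitted.get(q, b""))
            for q, stored in rec["hashes"].items()
        )
        if matches >= self.threshold:
            rec["fails"] = 0
            return rec["key"]
        rec["fails"] += 1
        return None

if __name__ == "__main__":
    salt, key = b"\x01" * 16, b"\x02" * 32   # constructed; the salt is not secret
    enrolled = {"pet": "Rex", "street": "Elm Road", "school": "Oak Hill"}  # constructed
    entity = AuthenticatingEntity(threshold=2)
    entity.enroll("alice", {q: hash_bona_fide(q, a, salt) for q, a in enrolled.items()}, key)
    subset = {"pet": "REX", "street": " elm  road "}   # step (e): a subset, typed loosely
    sent = {q: hash_bona_fide(q, a, salt) for q, a in subset.items()}
    print("key released:", entity.recover("alice", sent) == key)
```

Because bona fides are low-entropy, a leaked store of these hashes remains guessable offline; the salt and iteration count only raise the cost per guess.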
Specification