Method and system for password protection of a data processing system that permit a user-selected password to be recovered
First Claim
1. A method within a data processing system for providing password protection for a resource protected by a password that may be user selected, said method comprising:
- storing an access password and an encryption key unique to said resource in non-volatile storage at a data processing system, wherein said encryption key is at least partially derived from unique information associated with said resource;
in response to receipt of an attempted access password at said data processing system, allowing access to said resource if said attempted access password matches said stored access password;
in response to an indication that said access password has been forgotten, outputting an encrypted access password generated at said data processing system from said stored access password utilizing said encryption key; and
thereafter, recovering said access password from said encrypted access password and said unique information.
1 Assignment
0 Petitions
Accused Products
Abstract
A data processing system-based password protection system protects a resource with an access password that may be user selected. The access password and an encryption key unique to the resource are stored in non-volatile storage at a data processing system, where the encryption key is at least partially derived from unique information associated with the resource. In response to receipt of an attempted access password at the data processing system, access to the resource is permitted if the attempted access password matches the stored access password. However, in response to an indication that the access password has been forgotten, an encrypted access password generated at the data processing system from the stored access password utilizing the encryption key is output from the data processing system. The access password can thereafter be recovered from the encrypted access password and the unique information.
155 Citations
20 Claims
-
1. A method within a data processing system for providing password protection for a resource protected by a password that may be user selected, said method comprising:
-
storing an access password and an encryption key unique to said resource in non-volatile storage at a data processing system, wherein said encryption key is at least partially derived from unique information associated with said resource;
in response to receipt of an attempted access password at said data processing system, allowing access to said resource if said attempted access password matches said stored access password;
in response to an indication that said access password has been forgotten, outputting an encrypted access password generated at said data processing system from said stored access password utilizing said encryption key; and
thereafter, recovering said access password from said encrypted access password and said unique information. - View Dependent Claims (2, 3, 4, 5, 6, 17, 18)
again deriving said encryption key from said control password and said unique information; and
decrypting said encrypted access password provided by said data processing system to recover said access password.
-
-
4. The method of claim 1, wherein said unique information is a serial number of said data processing system.
-
5. The method of claim 1, wherein said data processing system is a first data processing system, and wherein said step of outputting an encrypted access password comprises outputting said encrypted access password to a second data processing system utilized to recover said access password.
-
6. The method of claim 1, and further comprising:
in response to entry of said recovered access password into said data processing system, requiring a user to change said access password stored within said non-volatile storage.
-
17. The method of claim 5, wherein said steps of storing and allowing access are performed by said first data processing system.
-
18. The method of claim 17, wherein said step of allowing access comprises allowing access in response to user entry of said access password.
-
7. A password protection system for a resource, said password protection system comprising:
a data processing system that protects access to said resource by requiring entry of an access password to obtain access to said resource, said data processing system including non-volatile storage that stores an access password and an encryption key unique to said resource, wherein said encryption key is at least partially derived from unique information associated with said resource, and wherein said data processing system outputs an encrypted access password generated at said data processing system from said stored access password utilizing said encryption key in response to an indication that said access password has been forgotten, such that said access password can be recovered from said encrypted access password and said unique information without advance knowledge of said access password. - View Dependent Claims (8, 9, 10, 11, 19)
-
12. A program product, comprising:
-
a data processing system usable medium; and
password protection software, embodied within said data processing system usable medium, that protects access to a resource by requiring entry of an access password into a data processing system to obtain access to said resource, wherein said password protection program derives an encryption key unique to said resource at least partially from unique information associated with said resource, said password protection program outputting an encrypted access password generated utilizing said encryption key in response to an indication that said access password has been forgotten, such that said access password can be recovered from said encrypted access password and said unique information without advance knowledge of said access password. - View Dependent Claims (13, 14, 15, 16, 20)
-
Specification