System and method for providing access to multiple user accounts via a common password
First Claim
1. A computer implemented method for providing access to multiple Web accounts via a universal password which is valid for the multiple Web accounts, the method comprising:
- providing a designated password for each of the multiple Web accounts, the designated password being calculated for each of the multiple Web accounts based on a hash function which incorporates the universal password, user ID, an account server name and a random number stored at the server as inputs to the hash function;
receiving the universal password for access to at least one of the multiple Web accounts;
determining if the universal password is valid based on the associated designated password for the at least one of the multiple Web accounts;
providing access to the at least one of the multiple Web accounts provided the universal password is valid; and
providing a new designated password for the at least one of the multiple Web accounts if requested, by generating a new random number and calculating the new designated password based on a hash function that incorporates the universal password, the user ID, the account server name, and the new random number.
1 Assignment
0 Petitions
Accused Products
Abstract
A common password method is disclosed which provides both convenience and security assurance for users who have multiple accounts protected by passwords. According to the present invention, a user only needs to remember a common password to access any of the user'"'"'s accounts. A designated password for each account is generated by a hash function of the common password and some account-dependent information. The hash value is calculated at the user'"'"'s computer, and then submitted as a designated password to a server. Thus, each account is protected by the distinct designated password, and the common password is never revealed in an unauthorized manner.
148 Citations
1 Claim
-
1. A computer implemented method for providing access to multiple Web accounts via a universal password which is valid for the multiple Web accounts, the method comprising:
-
providing a designated password for each of the multiple Web accounts, the designated password being calculated for each of the multiple Web accounts based on a hash function which incorporates the universal password, user ID, an account server name and a random number stored at the server as inputs to the hash function; receiving the universal password for access to at least one of the multiple Web accounts; determining if the universal password is valid based on the associated designated password for the at least one of the multiple Web accounts; providing access to the at least one of the multiple Web accounts provided the universal password is valid; and providing a new designated password for the at least one of the multiple Web accounts if requested, by generating a new random number and calculating the new designated password based on a hash function that incorporates the universal password, the user ID, the account server name, and the new random number.
-
Specification
-
- Resources
-
Current AssigneeAT&T Corporation (AT&T, Inc.)
-
Original AssigneeAT&T Corporation (AT&T, Inc.)
-
InventorsLuo, Hui, Henry, Paul S.
-
Primary Examiner(s)Revak, Christopher
-
Assistant Examiner(s)Sherkat, Arezoo
-
Application NumberUS09/637,409Time in Patent Office2,006 DaysField of Search713/202, 713/155, 713/170, 713182-186, 713/171, 713/156, 713/158, 713/187, 380/30, 380/277, 380/270, 380/29, 380/25, 380/49, 380/43, 380/44US Class Current713/182CPC Class CodesG06F 21/41 where a single sign-on prov...
