User authorization management system using a meta-password and method for same
Abstract
A user authentication information management method receives a meta-password from a user. A repository (34) lists network addresses (36) and associated handles (38), each handle having an associated encoded password. An authentication response from the user is intercepted. A modified authentication response is generated by identifying a network address to which the response is directed (208), searching for the identified network address (210) in the repository (34), identifying a handle (212) corresponding to the address based on the searching (210), decoding the password associated with the handle using the meta-password as a decoding key (214), and substituting the decoded password for the meta-password in the authentication response (216). The method also generates pseudo-random passwords (124) consistent with password rules (128). The repository (34) can reside on a client device (14), a proxy server, a local area network, or a security server having an Internet protocol (IP) address. The repository (34) can also be disposed at a database service.
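The flow in the abstract (steps 208 to 216), sketched as an added example that is not code from the patent. The patent does not say how passwords are encoded; PBKDF2 plus an HMAC-SHA256 keystream with an encrypt-then-MAC tag stands in here so the block needs only the standard library, where a real deployment would use a vetted AEAD. All function names, the `password` form field, the sample address and the fail-closed handling of unlisted addresses are assumptions.

```python
import hashlib, hmac, secrets

def _keys(meta, salt):
    # Derive separate encryption and MAC keys from the meta-password.
    k = hashlib.pbkdf2_hmac("sha256", meta.encode(), salt, 200_000, dklen=64)
    return k[:32], k[32:]

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a stdlib-only stand-in cipher (assumption).
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encode_password(meta, address, password):
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _keys(meta, salt)
    ct = _xor_stream(enc_key, nonce, password.encode())
    # The tag covers the address, so a record only decodes for its own site.
    tag = hmac.new(mac_key, address.encode() + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag

def decode_password(meta, address, blob):
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _keys(meta, salt)
    expected = hmac.new(mac_key, address.encode() + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong meta-password or record not bound to this address")
    return _xor_stream(enc_key, nonce, ct).decode()

def modify_response(repository, address, form, field="password"):
    # Steps 208-216: look up the address, decode with the meta-password from
    # the intercepted response, substitute the decoded password for it.
    if address not in repository:
        # Fail closed: never forward the meta-password to an unlisted address.
        raise LookupError(f"{address} is not in the repository")
    handle, blob = repository[address]
    return handle, {**form, field: decode_password(form[field], address, blob)}

if __name__ == "__main__":
    # Constructed sample data: address, handle and passwords are made up.
    repo = {"bank.example:443": ("alice-bank",
            encode_password("one meta-password", "bank.example:443", "x9!Lq-site-only"))}
    print(modify_response(repo, "bank.example:443",
                          {"username": "alice", "password": "one meta-password"}))
```

Because the tag is keyed from the meta-password and covers the address, a mistyped meta-password or a record copied under another address raises an error instead of sending a garbage or misdirected password.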
39 Claims
1. A method for management of user authentication information, comprising:
- providing a repository including a list of network addresses, each network address having an associated handle and each handle having an associated encoded password;
- receiving a user authentication response sent by an associated user to a network, the user authentication response including a meta-password;
- identifying, in said user authentication response, a first network address to which the user authentication response is directed, the first network address being associated in said repository with a first handle and with a first encoded password;
- generating a modified authentication response by decoding the first encoded password using the meta-password as a decoding key and combining the decoded password with the user authentication response; and
- transmitting the modified authentication response to the identified network address via the network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A system for managing user authentication information in an associated interfacing program which interfaces an associated user with a plurality of associated secure services, the system comprising:
- a repository containing an address table storing addresses wherein each address has a handle associated therewith and each handle has an encoded password associated therewith;
- a software hook by which an authentication response including a meta-password sent by the interfacing program to a first address is intercepted; and
- a processor for processing the intercepted authentication response to form a modified authentication response by i) indexing said repository using said first address and extracting a first handle associated with the first address and a first encoded password associated with the first handle, ii) decoding the first encoded password extracted from the repository using said meta-password as a decoding key to generate a decoded first password, and iii) substituting said meta-password with said decoded first password to form said modified authentication response.
Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24
25. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer for performing a method for management of user authentication information, comprising:
- providing a repository including a list of network addresses, each network address having an associated handle and each handle having an associated encoded password;
- receiving a user authentication response sent by an associated user to a network, the user authentication response including a meta-password;
- identifying, in said user authentication response, a first network address to which the authentication response is directed, the first network address being associated in said repository with a first handle and with a first encoded password;
- generating a modified authentication response by decoding the first encoded password using the meta-password as a decoding key and substituting the decoded password for the meta-password in the user authentication response; and
- transmitting the modified authentication response to the identified network address via the network.
Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39
Specification