Methods of resetting passwords in network service systems including user redirection and related systems and computer-program products

US 7,353,536 B1
Filed: 09/23/2003
Issued: 04/01/2008
Est. Priority Date: 09/23/2003
Status: Active Grant

First Claim

Patent Images

1. A method of resetting a password for a network service account, the method comprising:

accepting entry of a password at a first server from an electronic device wherein the electronic device is remote from the first server;

comparing the entered password with a known password;

after comparing the entered password with the known password, redirecting a user of the electronic device from the first server to a second server providing a password reset tool if the entered password does not match the known password, wherein the user of the electronic device is blocked from network access other than the password reset tool while being redirected to the second server, wherein the second server is separate from the first server;

after redirecting the user of the electronic device to the second server providing the password reset tool, accepting user entry of verification information at the second server;

comparing the verification information from the user with known verification information for the user;

accepting user entry of a new password if the verification information accepted from the user matches the known verification information for the user; and

storing the new password as the known password for the user.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Resetting a password for a network service account may include redirecting the user to a password reset tool, wherein the user is blocked from network access other than the password reset tool while being redirected. After redirecting the user to the password reset tool, user entry of verification information may be accepted, and the verification information from the user may be compared with known verification information for the user. User entry of a new password may be accepted if the verification information accepted from the user matches the known verification information for the user; and the new password may be stored as the known password for the user. Related systems and computer-program products are also discussed.

68 Citations

View as Search Results

51 Claims

1. A method of resetting a password for a network service account, the method comprising:
- accepting entry of a password at a first server from an electronic device wherein the electronic device is remote from the first server;
  
  comparing the entered password with a known password;
  
  after comparing the entered password with the known password, redirecting a user of the electronic device from the first server to a second server providing a password reset tool if the entered password does not match the known password, wherein the user of the electronic device is blocked from network access other than the password reset tool while being redirected to the second server, wherein the second server is separate from the first server;
  
  after redirecting the user of the electronic device to the second server providing the password reset tool, accepting user entry of verification information at the second server;
  
  comparing the verification information from the user with known verification information for the user;
  
  accepting user entry of a new password if the verification information accepted from the user matches the known verification information for the user; and
  
  storing the new password as the known password for the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method according to claim 1 wherein accepting entry of the password from the electronic device comprises accepting entry of the password from the electronic device over a telephone line.
  - 3. A method according to claim 1 further comprising:
    - providing network service for the user without redirecting to the second server providing the password reset tool if the entered password matches the known password for the user.
  - 4. A method according to claim 1 wherein redirecting the user to the second server providing the password reset tool comprises redirecting the user to the second server providing the password reset tool if a predetermined number of passwords have been accepted from the user during a session without matching the known password.
  - 5. A method according to claim 1 wherein accepting entry of a password further comprises accepting user entry of a username and the password from the electronic device, and wherein redirecting the user of the electronic device to the password reset tool if the password from the electronic device does not match the known password further comprises redirecting the user of the electronic device to the second server providing the password reset tool only if the username from the electronic device is a valid username.
  - 6. A method according to claim 1 further comprising:
    - terminating redirecting of the user of the electronic device to the second server providing the password reset tool if the verification information entered by the user does not match the known verification information.
  - 7. A method according to claim 1 further comprising:
    - terminating redirecting of the user of the electronic device to the second server providing the password reset tool if user verification information is accepted a predetermined number of times without matching the known verification information.
  - 8. A method according to claim 1 further comprising:
    - terminating redirecting of the user of the electronic device to the second server providing the password reset tool if a predetermined period of time passes without accepting user verification information matching the known verification information.
  - 9. A method according to claim 1 further comprising:
    - after accepting entry of the new password, terminating redirecting of the user of the electronic device to the second server providing the password reset tool.
  - 10. A method according to claim 1 further comprising:
    - after accepting entry of the new password from the remote electronic device, transmitting instructions for the remote electronic device to automatically save the new password.
  - 11. A method according to claim 1 wherein redirecting the user of the electronic device to the second server providing the password reset tool comprises tunneling the user from the first server to the second server providing the password reset tool.
  - 12. A method according to claim 1 further comprising:
    - after redirecting the user of the electronic device to the second server providing the password reset tool, accepting a request for a network browser at the second server; and
      
      responsive to accepting the request for an network browser, providing a password reset window including prompts for entry of the verification information while the user of the electronic device is blocked from network access other than the password reset tool wherein the password reset window is provided from the second server at the electronic device remote from the second server.
  - 13. A method according to claim 1 further comprising:
    - after redirecting the user of the electronic device to the second server providing the password reset tool, accepting a request for e-mail service at the second server from the electronic device; and
      
      responsive to accepting the request for e-mail service, providing a password reset e-mail from the second server for the user including a link to a password reset window including prompts for entry of the verification information while the user of the electronic device is blocked from network access other than the password reset tool.
  - 14. A method according to claim 13 further comprising:
    - responsive to accepting the request for e-mail, blocking access of the user of the electronic device to all e-mails other than the password reset e-mail.
  - 15. A method according to claim 1 wherein the network service account comprises an Internet service account.
  - 16. A method according to claim 1 wherein the electronic device is remote from both of the first and second servers.
  - 17. A method according to claim 1 wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network.

18. A network service system that provides access to a data network for a user having a network service account therewith, the system comprising:
- an access control point implemented on a first server configured to accept entry of a password from an electronic device remote from the first server as a condition of providing access to the data network, to compare the entered password with a known password for the user using the electronic device, and to redirect the user of the electronic device if the entered password does not match the known password; and
  
  a password reset tool implemented on a second server separate from the first server, wherein the password reset tool is configured to accept redirection of the user of the electronic device from the access control point implemented at the first server to the password reset tool implemented at the second server, wherein the user of the electronic device is blocked from network access other than the password reset tool implemented at the second server while being redirected, the password reset tool implemented at the second server being further configured to accept user entry of verification information after redirecting the user of the electronic device to the password reset tool, to compare the verification information from the user of the electronic device with known verification information for the user of the electronic device, to accept user entry of a new password if the verification information accepted from the user of the electronic device matches the known verification information for the user of the electronic device, and to store the new password as the known password for the user of the electronic device.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 19. A network service system according to a claim 18 wherein the access control point is configured to accept entry of the password from the electronic device over a telephone line.
  - 20. A network service system according to claim 18 wherein the access control point is configured to provide network service for the user of the electronic device without redirecting to the password reset tool if the entered password matches the known password for the user.
  - 21. A network service system according to claim 18 wherein the access control point is configured to redirect the user to the password reset tool if a predetermined number of passwords have been accepted from the user during a session without matching the known password.
  - 22. A network service system according to claim 18 wherein the access control point is configured to accept user entry of a username and the password, and to redirect the user to the password reset tool only if the username entered by the user is a valid username.
  - 23. A network service system according to claim 18 wherein the password reset tool is configured to terminate redirection of the user to the password reset tool if the verification information entered by the user does not match the known verification information.
  - 24. A network service system according to claim 18 wherein the password reset tool is configured to terminate redirection of the user to the password reset tool if user verification information is accepted a predetermined number of times without matching the known verification information.
  - 25. A network service system according to claim 18 wherein the password reset tool is configured to terminate redirection of the user to the password reset tool if a predetermined period of time passes without accepting user verification information matching the known verification information.
  - 26. A network service system according to claim 18 wherein the password reset tool is configured to terminate redirection of the user to the password reset tool after accepting entry of the new password.
  - 27. A network service system according to claim 18 wherein the password reset tool is configured to transmit instructions for the remote electronic device to automatically save the new password after accepting entry of the new password from the remote electronic device.
  - 28. A network service system according to claim 18 wherein the access control point implemented at the first server is configured to redirect the user of the electronic device by tunneling the user of the electronic device to the password reset tool, and wherein the password reset tool implemented at the second server is configured to accept tunneling of the user of the electronic device from the access control point.
  - 29. A network service system according to claim 18 wherein the password reset tool implemented at the second server is configured to accept a request for a network browser after accepting redirection of the user of the electronic device, and to provide a password reset window including prompts for entry of the verification information responsive to accepting the request for an network browser while the user of the electronic device is blocked from network access other than the password reset tool wherein the password reset window is provided from the second server at the electronic device remote from the second server.
  - 30. A network service system according to claim 18 wherein the password reset tool is configured to accept a request for e-mail service after redirecting the user to the password reset tool implemented at the second server, and to provide a password reset e-mail for the user of the electronic device including a link to a password reset window including prompts for entry of the verification information responsive to accepting the request for e-mail service while the user of the electronic device is blocked from network access other than the password reset tool.
  - 31. A network service system according to claim 30 wherein the password reset tool is configured to block access of the user of the electronic device to all e-mails other than the password reset e-mail responsive to accepting the request for e-mail.
  - 32. A network service system according to claim 18 wherein the network service account comprises an Internet service account.
  - 33. A network service system according to claim 18 wherein the electronic device is remote from both of the first and second servers.
  - 34. A network service system method according to claim 18 wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network.

35. A computer program product configured to reset a password for a network service account, the computer program product comprising a computer useable storage medium having computer-readable program code embodied in the medium, the computer-readable program code comprising:
- computer-readable program code that is configured to accept entry of a password at a first server from an electronic device wherein the electronic device is remote from the first server; and
  
  computer-readable program code that is configured to compare the entered password with a known password, wherein redirecting the user to the password reset tool comprises redirecting the user to the password reset tool if the entered password does not match the known password;
  
  computer-readable program code that is configured to redirect a user of the electronic device from the first server to a second server providing a password reset tool if the entered password does not match the known password after comparing the entered password with the known password, and to block the user of the electronic device from network access other than the password reset tool while being redirected to the second server, wherein the second server is separate from the first server;
  
  computer-readable program code that is configured to accept user entry of verification information at the second server after redirecting the user of the electronic device to the second server providing the password reset tool;
  
  computer-readable program code that is configured to compare the verification information from the user with known verification information for the user;
  
  computer-readable program code that is configured to accept user entry of a new password if the verification information accepted from the user matches the known verification information for the user; and
  
  computer-readable program code that is configured to store the new password as the known password for the user.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- - 36. A computer program product according to claim 35 wherein accepting user entry of the password from the electronic device comprises accepting entry of the password from the electronic device over a telephone line.
  - 37. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to provide network service for the user without redirecting to the second server providing password reset tool if the entered password matches the known password for the user.
  - 38. A computer program product according to claim 35 wherein redirecting the user to the second server providing the password reset tool comprises redirecting the user to the second server providing the password reset tool if a predetermined number of passwords have been accepted from the user during a session without matching the known password.
  - 39. A computer program product according to claim 35 wherein accepting entry of a password further comprises accepting entry of a username and the password from the electronic device, and wherein redirecting the user of the electronic device to the password reset tool if the password from the electronic device does not match the known password further comprises redirecting the user of the electronic device to the second server providing the password reset tool only if the username from the electronic device is a valid username.
  - 40. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to terminate redirecting of the user of the electronic device to the second server providing the password reset tool if the verification information entered by the user does not match the known verification information.
  - 41. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to terminate redirecting of the user of the electronic device to the second server providing the password reset tool if user verification information is accepted a predetermined number of times without matching the known verification information.
  - 42. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to terminate redirecting of the user of the electronic device to the second server providing the password reset tool if a predetermined period of time passes without accepting user verification information matching the known verification information.
  - 43. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to terminate redirecting of the user of the electronic device to the second server providing the password reset tool after accepting entry of the new password.
  - 44. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to transmit instructions for the remote electronic device to automatically save the new password after accepting entry of the new password from the remote electronic device.
  - 45. A computer program product according to claim 35 wherein redirecting the user of the electronic device to the second server providing the password reset tool comprises tunneling the user from the first server to the second server providing the password reset tool.
  - 46. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to accept a request for a network browser at the second server after redirecting the user of the electronic device to the second server providing the password reset tool; and
      
      computer-readable program code that is configured to provide a password reset window including prompts for entry of the verification information responsive to accepting the request for a network browser while the user of the electronic device is blocked from network access other than the password reset tool wherein the password reset window is provided from the second server at the electronic device remote from the second server.
  - 47. A computer program product according to claim 35 further comprising:
    - computer-readable program code that is configured to accept a request for e-mail service at the second server from the electronic device after redirecting the user of the electronic device to the second server providing the password reset tool; and
      
      computer-readable program code that is configured to provide a password reset e-mail from the second server for the user including a link to a password reset window including prompts for entry of the verification information responsive to accepting the request for e-mail service while the user of the electronic device is blocked from network access other than the password reset tool.
  - 48. A computer program product according to claim 47 further comprising:
    - computer-readable program code that is configured to block access of the user of the electronic device to all e-mails other than the password reset e-mail responsive to accepting the request for e-mail.
  - 49. A computer program product according to claim 35 wherein the network service account comprises an Internet service account.
  - 50. A computer program product according to claim 35 wherein the electronic device is remote from both of the first and second servers.
  - 51. A computer program product according to claim 35 wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ServiceNow Incorporated
Original Assignee
At&T Delaware Intellectual Property, Inc. (AT&T, Inc.)
Inventors
Conner, William, Morris, Scott
Primary Examiner(s)
Moazzami, Nasser
Assistant Examiner(s)
Baum, Ronald

Application Number

US10/669,399
Time in Patent Office

1,652 Days
Field of Search

None
US Class Current

726/6
CPC Class Codes

G06F 21/31   User authentication

G06F 21/604   Tools and structures for ma...

G06F 2221/2131   Lost password, e.g. recover...

H04L 63/083   using passwords cryptograph...

Methods of resetting passwords in network service systems including user redirection and related systems and computer-program products

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

68 Citations

51 Claims

Specification

Solutions

Use Cases

Quick Links

Methods of resetting passwords in network service systems including user redirection and related systems and computer-program products

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

68 Citations

51 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links