Systems and methods of securing resources through passwords

US 7,373,516 B2
Filed: 08/19/2004
Issued: 05/13/2008
Est. Priority Date: 08/19/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method of authorizing access to an item, said method comprising:

receiving a presented password from an entity desiring access to said item;

comparing said presented password with a stored password;

authorizing access if said presented password exactly matches said stored password;

denying access if said presented password fails to exactly match said stored password;

variably incrementing a lockout count if said presented password fails to exactly match said stored password; and

locking out access to said item if said lockout count exceeds a predetermined value,wherein said variably incrementing process increments said lockout count different amounts depending upon how closely said presented password matches said stored password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method of authorizing access to an item that maintains a lockout count and blocks access to the item if the lockout count exceeds a predetermined value. One feature is that the invention “variably” increments the lockout count if the presented password fails to exactly match the stored password. In this process the invention increments the lockout count different amounts depending upon how closely the presented password matches the stored password. The invention also provides a methodology that allocates a plurality of the same passwords to a plurality of users who share the same userid. The invention allows continuous operation of the item being accessed by providing that each of the passwords has a different expiration date. Also, when dealing with situations where a plurality of users who share the same userid also share the same password, the invention maps information associated with the users to the password in a data file and periodically updates the data file.

Citations

21 Claims

1. A method of authorizing access to an item, said method comprising:
- receiving a presented password from an entity desiring access to said item;
  
  comparing said presented password with a stored password;
  
  authorizing access if said presented password exactly matches said stored password;
  
  denying access if said presented password fails to exactly match said stored password;
  
  variably incrementing a lockout count if said presented password fails to exactly match said stored password; and
  
  locking out access to said item if said lockout count exceeds a predetermined value,wherein said variably incrementing process increments said lockout count different amounts depending upon how closely said presented password matches said stored password.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method in claim 1, all the limitations of which are incorporated herein by reference, wherein, in said variably incrementing process, said lockout count is incremented a lesser amount as said presented password matches said stored password more closely and is incremented a greater amount as said presented password matches said stored password less closely.
  - 3. The method in claim 1, all the limitations of which are incorporated herein by reference, further comprising determining how closely said presented password matches said stored password by evaluating whether the difference between said presented password and said stored password relates to typographical errors.
  - 4. The method in claim 1, all the limitations of which are incorporated herein by reference, further comprising determining how closely said presented password matches said stored password by classifying the difference between said presented password and said stored password into different types of password errors.
  - 5. The method in claim 4, all the limitations of which are incorporated herein by reference, wherein said different types of password errors cause said lockout count to be incremented by different values.
  - 6. The method in claim 4, all the limitations of which are incorporated herein by reference, wherein said types of password errors comprise missing characters, extra characters, transposed characters, and incorrect case usage.
  - 7. The method in claim 1, all the limitations of which are incorporated herein by reference, wherein said denying process allows additional passwords to be presented and said locking out process prevents additional passwords from being presented.

8. A method of authorizing access to an item, said method comprising:
- receiving a presented password from an entity desiring access to said item;
  
  comparing said presented password with a stored password;
  
  authorizing access if said presented password exactly matches said stored password;
  
  denying access if said presented password fails to exactly match said stored password;
  
  variably incrementing a lockout count if said presented password fails to exactly match said stored password; and
  
  locking out access to said item if said lockout count exceeds a predetermined value,wherein said variably incrementing process does not increment said lockout count if said presented password is the same as a previously presented password that was entered within a predetermined previous time period.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method in claim 8, all the limitations of which are incorporated herein by reference, wherein, wherein said variably incrementing process increments said the lockout count different amounts depending upon how closely said presented password matches said stored password, such that said lockout count is incremented a lesser amount as said presented password matches said stored password more closely and is incremented a greater amount as said presented password matches said stored password less closely.
  - 10. The method in claim 9, all the limitations of which are incorporated herein by reference, further comprising determining how closely said presented password matches said stored password by evaluating whether the difference between said presented password and said stored password relates to typographical errors.
  - 11. The method in claim 9, all the limitations of which are incorporated herein by reference, further comprising determining how closely said presented password matches said stored password by classifying the difference between said presented password and said stored password into different types of password errors.
  - 12. The method in claim 11, all the limitations of which are incorporated herein by reference, wherein said different types of password errors cause said lockout count to be incremented by different values.
  - 13. The method in claim 11, all the limitations of which are incorporated herein by reference, wherein said types of password errors comprise missing characters, extra characters, transposed characters, and incorrect case usage.
  - 14. The method in claim 8, all the limitations of which are incorporated herein by reference, wherein said denying process allows additional passwords to be presented and said locking out process prevents additional password from being presented.

15. A program storage device readable by machine, tangibly embodying a program of instructions executable by said machine to perform a method of authorizing access to an item, said method comprising:
- receiving a presented password from an entity desiring access to said item;
  
  comparing said presented password with a stored password;
  
  authorizing access if said presented password exactly matches said stored password;
  
  denying access if said presented password fails to exactly match said stored password;
  
  variably incrementing a lockout count if said presented password fails to exactly match said stored password; and
  
  locking out access to said item if said lockout count exceeds a predetermined value,wherein said variably incrementing process increments said lockout count different amounts depending upon how closely said presented password matches said stored password.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The program storage device in claim 15, all the limitations of which are incorporated herein by reference, wherein, in said variably incrementing process, said lockout count is incremented a lesser amount as said presented password matches said stored password more closely and is incremented a greater amount as said presented password matches said stored password less closely.
  - 17. The program storage device in claim 15, all the limitations of which are incorporated herein by reference, wherein said method further comprises determining how closely said presented password matches said stored password by evaluating whether the difference between said presented password and said stored password relates to typographical errors.
  - 18. The program storage device in claim 15, all the limitations of which are incorporated herein by reference, wherein said method further comprises determining how closely said presented password matches said stored password by classifying the difference between said presented password and said stored password into different types of password errors.
  - 19. The program storage device in claim 18, all the limitations of which are incorporated herein by reference, wherein said different types of password errors cause said lockout count to be incremented by different values.
  - 20. The program storage device in claim 18, all the limitations of which are incorporated herein by reference, wherein said types of password errors comprise missing characters, extra characters, transposed characters, and incorrect case usage.
  - 21. The program storage device in claim 15, all the limitations of which are incorporated herein by reference, wherein said denying process allows additional passwords to be presented and said locking out process prevents additional passwords from being presented.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Milne, Robert J., Nahar, Rahul, Dunki-Jacobs, Raymond P., Ashok, Guru S., Tandel, Shreesh S., Shah, Ashit M., Venkatachalam, Muthuswamy
Primary Examiner(s)
Lanier; Benjamin E.

Application Number

US10/711,044
Publication Number

US 20060041756A1
Time in Patent Office

1,363 Days
Field of Search

713/183
US Class Current

713/183
CPC Class Codes

G06F 21/31 User authentication

Systems and methods of securing resources through passwords

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods of securing resources through passwords

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links