Secure authentication systems and methods
First Claim
Patent Images
1. A method for user authentication, the method comprising:
- receiving a username/password pair associated with a user;
determining whether the username/password pair is valid;
requesting one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and
selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
319 Citations
15 Claims
-
1. A method for user authentication, the method comprising:
-
receiving a username/password pair associated with a user; determining whether the username/password pair is valid; requesting one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for user authentication, the method comprising:
-
sending to a user a request for a username/password pair; receiving a username/password pair from the user; determining whether the username/password pair is valid; receiving one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid. - View Dependent Claims (10, 11)
-
-
12. A computer-readable medium, the computer-readable medium storing programming instructions which, if executed by a computer system, are operable to cause the computer system to perform operations comprising:
-
determining whether a received username/password pair is valid; requesting one or more responses to a first Reverse Turing Test (RTT) regardless of whether the received username/password pair is valid; and selectively granting a user access to electronic goods and/or services if a valid response to the first RTT is received and the username/password pair is valid. - View Dependent Claims (13, 14, 15)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeIntertrust Technologies Corporation (Fidelio Acquisition Co LLC)
-
Original AssigneeIntertrust Technologies Corporation (Fidelio Acquisition Co LLC)
-
InventorsSander, Tomas, Pinkas, Binyamin
-
Primary Examiner(s)Kindred; Alford
-
Assistant Examiner(s)FRANKLIN, RICHARD B
-
Application NumberUS10/423,531Publication NumberTime in Patent Office1,866 DaysField of Search713/183, 713/184, 713/200, 713/202US Class Current726/2CPC Class CodesG06F 21/34 involving the use of extern...G06F 21/36 by graphic or iconic repres...G06F 21/6218 to a system of files or obj...H04L 63/0815 providing single-sign-on or...H04L 63/083 using passwords cryptograph...H04L 63/105 Multiple levels of securityH04L 63/12 Applying verification of th...H04L 63/1458 Denial of Service
