Secure authentication systems and methods
First Claim
Patent Images
1. A method for user authentication, the method comprising:
- receiving a username/password pair associated with a user;
determining whether the username/password pair is valid;
requesting one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and
selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.
-
Citations
15 Claims
-
1. A method for user authentication, the method comprising:
-
receiving a username/password pair associated with a user; determining whether the username/password pair is valid; requesting one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for user authentication, the method comprising:
-
sending to a user a request for a username/password pair; receiving a username/password pair from the user; determining whether the username/password pair is valid; receiving one or more responses to a first Reverse Turing Test (RTT), regardless of whether the username/password pair is valid; and selectively granting the user access to a resource only if the username/password pair is valid, and the one or more responses to the first RTT is valid. - View Dependent Claims (10, 11)
-
-
12. A computer-readable medium, the computer-readable medium storing programming instructions which, if executed by a computer system, are operable to cause the computer system to perform operations comprising:
-
determining whether a received username/password pair is valid; requesting one or more responses to a first Reverse Turing Test (RTT) regardless of whether the received username/password pair is valid; and selectively granting a user access to electronic goods and/or services if a valid response to the first RTT is received and the username/password pair is valid. - View Dependent Claims (13, 14, 15)
-
Specification