Method for protecting a user's password

US 7,444,517 B2
Filed: 06/03/2004
Issued: 10/28/2008
Est. Priority Date: 06/03/2004
Status: Active Grant

First Claim

Patent Images

1. A method for providing a protectable password comprising:

a) entering an apparent password into a computing system, wherein the apparent password is a string of characters and keystrokes including the protectable password and an arbitrary number of characters and keystrokes unrelated to the protectable password, entering the protectable password in any position within the string of characters and keystrokes of the apparent password;

b) analyzing the entered apparent password by the computing system to determine a presence or absence of the protectable password; and

c) validating the apparent password if the protectable password is determined to be present in any position in within the string of characters and keystrokes of the apparent password.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method for protecting a password. In a first aspect, the method includes allowing a user to enter an apparent password into a computing system, wherein the apparent password is a string of characters and keystrokes including the password and an arbitrary number of non-password related characters and keystrokes. The method further includes analyzing the string of characters and keystrokes by the computing system to find the password, and validating the apparent password if the password is found in any position in the string of characters and keystrokes. In a second aspect, the method includes creating a random pattern in response to receiving a request from a user to access a protected resource in a computing system, wherein the random pattern is associated with the request, displaying the random pattern associated with the request to the user, and allowing the user to enter an apparent password into the computing system that controls access to the protected resource, wherein the apparent password is a string of characters and keystrokes including the password, the random pattern and an arbitrary number of non-password related characters and keystrokes. The method further includes analyzing the string of characters and keystrokes by the computing system to find the password and the random pattern associated with the request, and validating the apparent password if the password and the random pattern are found in any position in the string of characters and keystrokes.

Citations

8 Claims

1. A method for providing a protectable password comprising:
- a) entering an apparent password into a computing system, wherein the apparent password is a string of characters and keystrokes including the protectable password and an arbitrary number of characters and keystrokes unrelated to the protectable password, entering the protectable password in any position within the string of characters and keystrokes of the apparent password;
  
  b) analyzing the entered apparent password by the computing system to determine a presence or absence of the protectable password; and
  
  c) validating the apparent password if the protectable password is determined to be present in any position in within the string of characters and keystrokes of the apparent password.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein step (a) includes:
    - (a1) fragmenting the protectable password into a plurality of segments;
      
      (a2) entering a first segment of the protectable password;
      
      (a3) entering a string of characters and keystrokes unrelated to the protectable password;
      
      (a4) entering a next segment of the protectable password; and
      
      (a5) repeating steps (a3) and (a4) until a last segment of the protectable password has been entered.
  - 3. The method of claim 1, wherein step (a) includes:
    - (a1) entering a first token delimiter immediately before the protectable password; and
      
      (a2) entering a second token delimiter immediately after the protectable password.
  - 4. The method of claim 3, wherein step (b) includes:
    - (b1) detecting the first token delimiter in the string of the apparent password;
      
      (b2) detecting the second token delimiter in the string of the apparent password; and
      
      (b3) comparing the characters in the string of the apparent password between the first and second token delimiters with the protectable password.
  - 5. The method of claim 3, wherein the first and second token delimiters are defined by a user.

6. A method for providing a protectable password comprising:
- a) creating a random pattern in response to receiving a request from a user to access a protected resource in a computing system, wherein the random pattern is associated with the request;
  
  b) displaying the random pattern associated with the request to the user;
  
  c) allowing the user to enter an apparent password into the computing system that controls access to the protected resource, wherein the apparent password is a string of characters and keystrokes including the password, the random pattern and an arbitrary number of characters and keystrokes unrelated to the protectable password, allowing the user to enter the protectable password and the random pattern in any position within the apparent password;
  
  d) analyzing the string of characters and keystrokes of the apparent password by the computing system to determine a presence or absence of the protectable password and the random pattern associated with the request; and
  
  e) validating the apparent password if the protectable password and the random pattern are determined to be present in any position within the string of characters and keystrokes of the apparent password.
- View Dependent Claims (7, 8)
- - 7. The method of claim 6, wherein step (C) includes:
    - (c1) allowing the user to fragment the protectable password into a plurality of segments;
      
      (c2) entering a first segment of the protectable password;
      
      (c3) entering a string of characters and keystrokes unrelated to the protectable password;
      
      (c4) entering a next segment of the protectable password; and
      
      (c5) repeating steps (c3) and (c4) until a last segment of the protectable password has been entered.
  - 8. The method of claim 6, wherein step (c) includes:
    - (c1) entering a first token delimiter immediately before the protectable password; and
      
      (c2) entering a second token delimiter immediately after the protectable password, wherein the first and second token delimiters are defined by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo International Limited (Lenovo Group Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Dayan, Richard Alan, Jennings, Jeffery Bart
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Tolentino; Roderick

Application Number

US10/860,363
Publication Number

US 20050273625A1
Time in Patent Office

1,608 Days
Field of Search

None
US Class Current

713/184
CPC Class Codes

G06F 21/31 User authentication

Method for protecting a user's password

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting a user's password

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links