Secure password entry

US 7,539,874 B2
Filed: 05/20/2004
Issued: 05/26/2009
Est. Priority Date: 05/20/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for secure password entry, comprising:

displaying a password prompt comprising a changing stream of random characters, wherein a particular character within said changing stream of random characters is displayed at a visibly detectable higher frequency; and

receiving input to increment or decrement said particular character to reach a password character of a password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and program defeating unauthorized keystroke logging during password entry are provided. Secure password entry is facilitated by displaying a password prompt comprising a changing stream of random characters, where a particular character within the stream of random characters is displayed at a visibly detectable higher frequency. A user selects a password character by entering input to increment or decrement the particular high frequency character to reach the password character, such that any unauthorized keystroke logging to detect said password is ineffective. Once the user reaches the password character, the user provides another input indicating a selection of the current high frequency character as the password character. Once the user has selected all the characters of the password, the user enters an input indicating the password is complete and the password entry controller then passes the password to the calling layer.

23 Citations

View as Search Results

9 Claims

1. A computer-implemented method for secure password entry, comprising:
- displaying a password prompt comprising a changing stream of random characters, wherein a particular character within said changing stream of random characters is displayed at a visibly detectable higher frequency; and
  
  receiving input to increment or decrement said particular character to reach a password character of a password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1 for secure password entry, further comprising:
    - displaying a plurality of character positions, wherein a stream of random characters is displayed in each of said plurality of character positions, wherein a particular position from among said plurality of character positions provides said password prompt.
  - 3. The method according to claim 2 for secure password entry, further comprising:
    - adjusting which character position from among said plurality of character positions provides said password prompt.
  - 4. The method according to claim 2 for secure password entry, further comprising:
    - adjusting a number of said plurality of character positions.
  - 5. The method according to claim 1 for secure password entry, further comprising:
    - responsive to receiving input of a character selection input for selecting said particular character, selecting said particular character as said password character from among a plurality of separately selectable password characters of said password; and
      
      responsive to receiving input of a password completion character indicating that said password is complete, securely passing each separately selected password character of said password to a requesting software layer.
  - 6. The method according to claim 1 for secure password entry, further comprising:
    - responsive to receiving a request for a password from a software layer within a data processing system, invoking a password entry controller from within said data processing system, wherein said password entry controller controls said displaying said password prompt and said receiving input to increment or decrement said particular character.
  - 7. The method according to claim 1 for secure password entry, further comprising:
    - responsive to receiving, at a client system, a request for a password entry from a server system from which said client system is attempting to access a resource, invoking a password entry controller from within said data processing system, wherein said password entry controller controls said displaying said password prompt and said receiving input to increment or decrement said particular character.
  - 8. The method according to claim 1 for secure password entry, further comprising:
    - generating said stream of random characters, wherein said particular character is randomly selected.
  - 9. The method according to claim 1 for secure password entry, further comprising:
    - adjusting a frequency percentage at which said particular character is displayed in said stream of random characters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Waterland, Amos P.
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
TABOR, AMARE F

Application Number

US10/849,610
Publication Number

US 20050262555A1
Time in Patent Office

1,832 Days
Field of Search

380/4, 713/180, 713/182, 713/184, 713/202, 726/5, 726/19, 726/21
US Class Current

713/183
CPC Class Codes

G06F 21/36 by graphic or iconic repres...

Secure password entry

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Secure password entry

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links