Authentication
First Claim
Patent Images
1. A method for authentication in a client computer, comprising:
- obtaining a client base value selected by a user of the client computer for at least a first usage purpose, the first usage purpose comprising generating a one-time password for accessing a web site on a remote computer;
incrementing a client integer originally selected by the user for at least a second usage purpose such that the client integer increases in value, the second usage purpose comprising limiting access to an email inbox for spam control;
combining the client base value with the client integer to obtain a client combination;
hashing the client combination to obtain a client password; and
maintaining a stored base value and a stored integer for the user on a remote computer, the stored integer being a previous value of the client integer prior to the client integer being incremented and increased in value;
transmitting to the remote computer a request comprising the client password and the client integer;
comparing the client integer to the stored integer;
if the client integer is lower than or equal to the stored integer, rejecting the request;
if the client integer is higher than the stored integer,combining the stored base value with the client integer to obtain a remote combination,hashing the remote combination to obtain a remote password, andif the remote password does not match the client password, rejecting the request;
if the remote password matches the client password,authorizing the request, and replacing the stored integer with the client integer, such that the stored integer after being replaced has a higher value than before.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for authentication in a client computer and a remote computer is disclosed. A client base value is obtained, selected by a user of the client computer for at least a first usage purpose. A client integer is obtained, selected by the user for at least a second usage purpose. The client base value is combined with the client integer to obtain a client combination. The client combination is hashed to obtain a client password.
-
Citations
6 Claims
-
1. A method for authentication in a client computer, comprising:
-
obtaining a client base value selected by a user of the client computer for at least a first usage purpose, the first usage purpose comprising generating a one-time password for accessing a web site on a remote computer; incrementing a client integer originally selected by the user for at least a second usage purpose such that the client integer increases in value, the second usage purpose comprising limiting access to an email inbox for spam control; combining the client base value with the client integer to obtain a client combination; hashing the client combination to obtain a client password; and maintaining a stored base value and a stored integer for the user on a remote computer, the stored integer being a previous value of the client integer prior to the client integer being incremented and increased in value; transmitting to the remote computer a request comprising the client password and the client integer; comparing the client integer to the stored integer; if the client integer is lower than or equal to the stored integer, rejecting the request; if the client integer is higher than the stored integer, combining the stored base value with the client integer to obtain a remote combination, hashing the remote combination to obtain a remote password, and if the remote password does not match the client password, rejecting the request; if the remote password matches the client password, authorizing the request, and replacing the stored integer with the client integer, such that the stored integer after being replaced has a higher value than before. - View Dependent Claims (2, 3, 4)
-
-
5. A method for authentication in a client computer, comprising:
-
selecting a client base value for at least a first usage purpose of a user of the client computer, the first usage purpose comprising generating a one-time password for accessing a web site on a remote computer; incrementing a client integer originally selected for at least a second usage purpose of the user such that the client integer increases in value, the second usage purpose comprising limiting access to an email inbox for spam control; combining the client base value with the client integer to obtain a client combination; hashing the client combination to obtain a client password; transmitting a request to a remote computer, the request comprising the client password and the client integer; receiving the request at the remote computer;
maintaining on the remote computer a stored base value and a stored integer for the user, the stored integer being a previous value of the client integer prior to the client integer being incremented and increased in value;comparing the client integer to the stored integer; if the client integer is lower than or equal to the stored integer, rejecting the request; if the client integer is higher than the stored integer, combining the stored base value with the client integer to obtain a remote combination; hashing the remote combination to obtain a remote password; and if the remote password does not match the client password, rejecting the request; if the remote password matches the client password, authorizing the request, and replacing the stored integer with the client integer, such that the stored integer after being replaced has a higher value than before.
-
-
6. A system for authentication, comprising:
-
a client computer adapted to construct a client password by passing a client combination through a hash function, the client combination being formed from a client base value having a first usage purpose selected by a user of the client computer, and a client integer originally selected for a second usage purpose selected by the user, the first usage purpose comprising generating a one-time password for accessing a web site on a remote computer, and the second usage purpose comprising limiting access to an email inbox for spam control, the client integer being incremented by the client computer to increase in value; the client computer being further adapted to transmit to the remote computer a request comprising the client password and the client integer; a remote computer communicatively coupled to the client computer, and adapted to receive from the client computer a request comprising the client password and the client integer; and a remote data store communicatively coupled to the remote computer, comprising a stored base value and a stored integer; the remote computer being further adapted to; determine an authorization status of the request, and to construct a remote password by passing a remote combination through the hash function, the remote combination being formed from the stored base value and the client integer; maintain a stored base value and a stored integer for the user on a remote computer, the stored integer being a previous value of the client integer prior to the client integer being incremented and increased in value; comparing the client integer to the stored integer; if the client integer is lower than or equal to the stored integer, rejecting the request; if the client integer is higher than the stored integer, combine the stored base value with the client integer to obtain a remote combination; hash the remote combination to obtain a remote password; and if the remote password does not match the client password, rejecting the request; if the remote password matches the client password, authorize the request, and replace the stored integer with the client integer, such that the stored integer after being replaced has a higher value than before.
-
Specification