Password input and verification method

US 7,735,124 B2
Filed: 03/24/2005
Issued: 06/08/2010
Est. Priority Date: 03/24/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password pre-set in said financial transaction system, comprising the steps of:

prompting said user by an automatic teller machine to enter the string of characters for authentication against said password;

obtaining said string of characters entered by said user by automatic teller machine;

comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;

said password as a whole is a prefix of said string of characters;

said password as a whole is an infix of said string of characters;

said password as a whole is a suffix of said string of characters, andsaid password as a whole is an exact match to said string of characters; and

authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A password input and verification method is provided to prevent the disclosing of the password from peeping. The method is easy to learn, transparent to the users, and requires no hardware change and only minor software modification. The method allows a user to enter a much longer string of characters when he or she is asked for the password. The user is then authenticated if the actual password is embedded as a whole anywhere within the input string. The method also provides a mechanism called prohibition key. A prohibition key is a predetermined character that, when present in the user input string, the user is not authenticated regardless of whether the actual password is contained in the input string or not.

Citations

14 Claims

1. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password pre-set in said financial transaction system, comprising the steps of:
- prompting said user by an automatic teller machine to enter the string of characters for authentication against said password;
  
  obtaining said string of characters entered by said user by automatic teller machine;
  
  comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;
  
  said password as a whole is a prefix of said string of characters;
  
  said password as a whole is an infix of said string of characters;
  
  said password as a whole is a suffix of said string of characters, andsaid password as a whole is an exact match to said string of characters; and
  
  authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions.
- View Dependent Claims (2, 3, 4)
- - 2. The password input and verification method as claimed in claim 1, wherein said password and said string of characters are sequence of characters selected from a predetermined alphanumeric set.
  - 3. The password input and verification method as claimed in claim 1, wherein said method further comprises the following step before prompting said user to enter said string of characters:
    - obtaining another string of characters by said automatic teller machine as a User ID for retrieving said user'"'"'s said password from said financial transaction system.
  - 4. The password input and verification method as claimed in claim 3, wherein said User ID is stored in a card read by said automatic teller machine.

5. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password and at least a prohibition key pre-set in said financial transaction system, comprising the steps of:
- prompting said user by an automatic teller machine to enter a string of characters for authentication against said password;
  
  obtaining said string of characters entered by said user by said automatic teller machine;
  
  comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;
  
  said password as a whole is a prefix of said string of characters, and said prohibition key is not contained in said string of characters;
  
  said password as a whole is an infix of said string of characters, and said prohibition key is not contained in said string of characters;
  
  said password as a whole is a suffix of said string of characters, and said prohibition key is not contained in said string of characters; and
  
  said password as a whole is an exact match to said string of characters, and said prohibition key is not contained in said string of characters; and
  
  authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions.
- View Dependent Claims (6, 7, 8)
- - 6. The password input and verification method as claimed in claim 5, wherein said password, said prohibition key, and said string of characters are sequence of characters selected from a predetermined alphanumeric set.
  - 7. The password input and verification method as claimed in claim 5, wherein said method further comprises the following step before prompting said user to enter said string of characters:
    - obtaining another string of characters by said automatic teller machine as a User ID for retrieving said user'"'"'s said password and said prohibition key from said financial transaction system.
  - 8. The password input and verification method as claimed in claim 7, wherein said User ID is stored in a card read by said automatic teller machine.

9. A password input and verification method of a software system for a user to enter a string of characters for authentication against a password pre-set in said software system, comprising the steps of:
- prompting said user on a display to enter a string of characters for authentication against said password;
  
  obtaining said string of characters entered by said user via a keyboard;
  
  comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;
  
  said password as a whole is a prefix of said string of characters;
  
  said password as a whole is an infix of said string of characters;
  
  said password as a whole is a suffix of said string of characters; and
  
  said password as a whole is an exact match to said string of characters; and
  
  authenticating said user and permitting said user to access said software system if said string of characters satisfies any of the four conditions.
- View Dependent Claims (10, 11)
- - 10. The password input and verification method as claimed in claim 9, wherein said method further comprises the following step:
    - obtaining another string of characters entered by said user via said keyboard as a User ID for retrieving said user'"'"'s said password from said software system.
  - 11. The password input and verification method as claimed in claim 10, wherein said method further comprises the following step:
    - prompting said user on said display to enter said another string of characters as said User ID.

12. A password input and verification method of a software system for a user to enter a string of characters for authentication against a password and at least a prohibition key pre-set in said software system, comprising the steps of:
- prompting said user on a display to enter a string of characters for authentication against said password;
  
  obtaining said string of characters entered by said user via a keyboard;
  
  comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;
  
  said password as a whole is a prefix of said string of characters, and said prohibition key is not contained in said string of characters;
  
  said password as a whole is an infix of said string of characters, and said prohibition key is not contained in said string of characters;
  
  said password as a whole is a suffix of said string of characters, and said prohibition key is not contained in said string of characters; and
  
  said password as a whole is an exact match to said string of characters, and said prohibition key is not contained in said string of characters; and
  
  authenticating said user and permitting said user to access said software system if said string of characters satisfies any of the four conditions.
- View Dependent Claims (13, 14)
- - 13. The password input and verification method as claimed in claim 12, wherein said method further comprises the following step:
    - obtaining another string of characters entered by said user via said keyboard as a User ID for retrieving said user'"'"'s said password and said prohibition key from said software system.
  - 14. The password input and verification method as claimed in claim 13, wherein said method further comprises the following step:
    - prompting said user on said display to enter said another string of characters as said User ID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chyi-Yeu Lin
Original Assignee
Chyi-Yeu Lin
Inventors
Hung, Tsung-Yu, Lee, Tsung-Han, Chen, Han-Tien, Ho, Chia-Hum, Chen, Huan-Wen, Lin, Chyi-Yeu
Primary Examiner(s)
Pyzocha; Michael
Assistant Examiner(s)
KYLE, TAMARA TESLOVICH

Application Number

US11/089,344
Publication Number

US 20060215360A1
Time in Patent Office

1,902 Days
Field of Search

726/3, 726/5, 726/7, 726/16
US Class Current

726/7
CPC Class Codes

G06F 21/31 User authentication

G07C 9/33 by means of a password

Password input and verification method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Password input and verification method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links