Password input and verification method
First Claim
1. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password pre-set in said financial transaction system, comprising the steps of:
- prompting said user by an automatic teller machine to enter the string of characters for authentication against said password;
obtaining said string of characters entered by said user by automatic teller machine;
comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions;
said password as a whole is a prefix of said string of characters;
said password as a whole is an infix of said string of characters;
said password as a whole is a suffix of said string of characters, andsaid password as a whole is an exact match to said string of characters; and
authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions.
1 Assignment
0 Petitions
Accused Products
Abstract
A password input and verification method is provided to prevent the disclosing of the password from peeping. The method is easy to learn, transparent to the users, and requires no hardware change and only minor software modification. The method allows a user to enter a much longer string of characters when he or she is asked for the password. The user is then authenticated if the actual password is embedded as a whole anywhere within the input string. The method also provides a mechanism called prohibition key. A prohibition key is a predetermined character that, when present in the user input string, the user is not authenticated regardless of whether the actual password is contained in the input string or not.
-
Citations
14 Claims
-
1. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password pre-set in said financial transaction system, comprising the steps of:
-
prompting said user by an automatic teller machine to enter the string of characters for authentication against said password; obtaining said string of characters entered by said user by automatic teller machine; comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions; said password as a whole is a prefix of said string of characters; said password as a whole is an infix of said string of characters; said password as a whole is a suffix of said string of characters, and said password as a whole is an exact match to said string of characters; and authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions. - View Dependent Claims (2, 3, 4)
-
-
5. A password input and verification method of a financial transaction system for a user to enter a string of characters for authentication against a password and at least a prohibition key pre-set in said financial transaction system, comprising the steps of:
-
prompting said user by an automatic teller machine to enter a string of characters for authentication against said password; obtaining said string of characters entered by said user by said automatic teller machine; comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions; said password as a whole is a prefix of said string of characters, and said prohibition key is not contained in said string of characters; said password as a whole is an infix of said string of characters, and said prohibition key is not contained in said string of characters; said password as a whole is a suffix of said string of characters, and said prohibition key is not contained in said string of characters; and said password as a whole is an exact match to said string of characters, and said prohibition key is not contained in said string of characters; and authenticating said user and permitting said user to conduct transaction through said automatic teller machine if said string of characters satisfies any of the four conditions. - View Dependent Claims (6, 7, 8)
-
-
9. A password input and verification method of a software system for a user to enter a string of characters for authentication against a password pre-set in said software system, comprising the steps of:
-
prompting said user on a display to enter a string of characters for authentication against said password; obtaining said string of characters entered by said user via a keyboard; comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions; said password as a whole is a prefix of said string of characters; said password as a whole is an infix of said string of characters; said password as a whole is a suffix of said string of characters; and said password as a whole is an exact match to said string of characters; and authenticating said user and permitting said user to access said software system if said string of characters satisfies any of the four conditions. - View Dependent Claims (10, 11)
-
-
12. A password input and verification method of a software system for a user to enter a string of characters for authentication against a password and at least a prohibition key pre-set in said software system, comprising the steps of:
-
prompting said user on a display to enter a string of characters for authentication against said password; obtaining said string of characters entered by said user via a keyboard; comparing said string of characters with said password, wherein comparing includes examining said string of characters for each of the following four conditions; said password as a whole is a prefix of said string of characters, and said prohibition key is not contained in said string of characters; said password as a whole is an infix of said string of characters, and said prohibition key is not contained in said string of characters; said password as a whole is a suffix of said string of characters, and said prohibition key is not contained in said string of characters; and said password as a whole is an exact match to said string of characters, and said prohibition key is not contained in said string of characters; and authenticating said user and permitting said user to access said software system if said string of characters satisfies any of the four conditions. - View Dependent Claims (13, 14)
-
Specification