×

Authenticating user identity when resetting passwords

  • US 7,874,011 B2
  • Filed: 12/01/2006
  • Issued: 01/18/2011
  • Est. Priority Date: 12/01/2006
  • Status: Expired due to Fees
First Claim
Patent Images

1. An automated computer implemented process for authenticating a user'"'"'s identity before resetting a password, the computer implemented process comprising:

  • connecting a password reset program to an e-mail repository of a user, a network event log of the user located on a server, and a local event log saved on a workstation computer of the user;

    selecting a data source from at least one of the e-mail repository, the network event log located on the server, or the local event log saved on the workstation computer;

    receiving an identification of the user;

    responsive to receiving the identification of the user, accessing a record located in the data source containing an information related to a recent computer activity of the user recorded in the data source;

    generating an authentication question and a corresponding answer based on the record;

    asking the user the authentication question;

    comparing the reply to the corresponding answer; and

    responsive to the reply matching the corresponding answer, providing a new password to the user;

    wherein the data source is the e-mail repository and the record is an email message;

    wherein the network event log contains an information regarding at least one of how many times the user logged on to the network, how many times the user logged off the network, how many times a certain file was accessed on the network, a recent chat session, a recent instant messaging session, a recently accessed web site, or a computer application accessed by the user;

    wherein the local network log contains a record regarding at least one of how many times the user restarted the computer, how many times the user experienced a computer crash, how many times the user removed a CD, how many times the user removed a DVD, how many times the user connected a personal display assistant, how many times the user connected an MP3 player to the computer, or how many times the user connected the computer to a wireless network within a fixed period of time; and

    wherein a prompt provides a recipient, a date, and a time of the email message, and the authentication question asks for at least one of a set of non-trivial key words included in the email message, a name of a blind-copied recipient of the email message, whether the email message received a response, whether the email message was filed, whether the email message was deleted, whether the email message has any attachments or whether the email message has any reply messages.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×