Authenticating user identity when resetting passwords
First Claim
1. An automated computer implemented process for authenticating a user's identity before resetting a password, the computer implemented process comprising:
connecting a password reset program to an e-mail repository of a user, a network event log of the user located on a server, and a local event log saved on a workstation computer of the user;
selecting a data source from at least one of the e-mail repository, the network event log located on the server, or the local event log saved on the workstation computer;
receiving an identification of the user;
responsive to receiving the identification of the user, accessing a record located in the data source containing an information related to a recent computer activity of the user recorded in the data source;
generating an authentication question and a corresponding answer based on the record;
asking the user the authentication question;
comparing the reply to the corresponding answer; and
responsive to the reply matching the corresponding answer, providing a new password to the user;
wherein the data source is the e-mail repository and the record is an email message;
wherein the network event log contains an information regarding at least one of how many times the user logged on to the network, how many times the user logged off the network, how many times a certain file was accessed on the network, a recent chat session, a recent instant messaging session, a recently accessed web site, or a computer application accessed by the user;
wherein the local network log contains a record regarding at least one of how many times the user restarted the computer, how many times the user experienced a computer crash, how many times the user removed a CD, how many times the user removed a DVD, how many times the user connected a personal display assistant, how many times the user connected an MP3 player to the computer, or how many times the user connected the computer to a wireless network within a fixed period of time; and
wherein a prompt provides a recipient, a date, and a time of the email message, and the authentication question asks for at least one of a set of non-trivial key words included in the email message, a name of a blind-copied recipient of the email message, whether the email message received a response, whether the email message was filed, whether the email message was deleted, whether the email message has any attachments or whether the email message has any reply messages.
Abstract
The “identity authentication program” (IAP) creates a custom set of authentication questions in response to a user request to have a user password reset. The IAP accesses a record located in a data source containing information related to the user's recent computer activity and generates an authentication question and a corresponding answer based on the record. In order to reset a user password, the user must correctly answer a designated number of questions from the custom set of authentication questions. In a preferred embodiment, the IAP bases authentication questions on recent e-mail messages sent by the user. Because the questions are generated at the time of the user's request, the answers are unique and cannot be memorized. Because the questions are based on recent activities of the user, the questions are hard to guess by an unauthorized person.
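The flow the abstract describes, sketched as an added example (not code from the patent or its assignee): questions are built from recent sent e-mail, and a new password is issued only when a designated number of replies match. The `Email` record shape, the function names and the sample messages are assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

@dataclass
class Email:  # hypothetical record shape; the patent defines no schema
    recipient: str
    sent: datetime
    bcc: Optional[str]
    has_attachments: bool
    got_response: bool

def make_questions(mail):
    """Build (question, answer) pairs; the prompt gives recipient, date and time."""
    qa = []
    for m in mail:
        prompt = f"Message to {m.recipient} on {m.sent:%Y-%m-%d} at {m.sent:%H:%M}: "
        qa.append((prompt + "did it have any attachments? (yes/no)",
                   "yes" if m.has_attachments else "no"))
        qa.append((prompt + "did it receive a response? (yes/no)",
                   "yes" if m.got_response else "no"))
        if m.bcc:
            qa.append((prompt + "who was blind-copied?", m.bcc))
    return qa

def matches(reply, answer):
    """Case- and whitespace-insensitive comparison done in constant time."""
    norm = lambda s: " ".join(s.lower().split()).encode()
    return hmac.compare_digest(norm(reply), norm(answer))

def reset_password(qa, replies, required):
    """Return a new random password only if at least `required` replies match."""
    if not 0 < required <= len(qa):  # fail closed on an unusable threshold
        return None
    correct = sum(matches(r, a) for r, (_, a) in zip(replies, qa))
    return secrets.token_urlsafe(16) if correct >= required else None

# Constructed sample mailbox for the user requesting the reset
MAIL = [
    Email("alice@example.com", datetime(2024, 5, 2, 9, 15), "Bob Smith", True, False),
    Email("carol@example.com", datetime(2024, 5, 3, 16, 40), None, False, True),
]
QA = make_questions(MAIL)
```

Each yes/no question carries a single bit, so the designated number of correct answers and the share of free-text questions (key words, blind-copied recipient) set how hard the question set is to guess.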
15 Claims
1. The process of claim 1, set out in full under First Claim above.
Dependent claims: 2, 3, 4, 5
6. An apparatus for authenticating a user's identity before resetting a password, the apparatus comprising:
a processor;
a memory connected to the processor;
a remotely accessible user interface running in the memory;
program instructions to connect a password reset program to an e-mail repository of a user, a network event log of the user located on a server, and a local event log saved on a workstation computer of the user, to select a data source from at least one of the e-mail repository, the network event log located on the server, or the local event log saved on the workstation computer, receive an identification of the user, responsive to receiving the identification of the user access a record located in the data source containing an information related to a recent computer activity of the user recorded in the data source, generate an authentication question and corresponding answer based on the record, ask the user the authentication question, receive a reply to the authentication question, compare the reply to the corresponding answer, and responsive to the reply matching the corresponding answer, provide a new password to the user;
wherein the data source is the e-mail repository and the record is an email message,
wherein the network event log contains an information regarding at least one of how many times the user logged on to the network, how many times the user logged off the network, how many times a certain file was accessed on the network, a recent chat session, a recent instant messaging session, a recently accessed web site, or a computer application accessed by the user;
wherein the local network log contains a record regarding at least one of how many times the user restarted the computer, how many times the user experienced a computer crash, how many times the user removed a CD, how many times the user removed a DVD, how many times the user connected a personal display assistant, how many times the user connected an MP3 player to the computer, or how many times the user connected the computer to a wireless network within a fixed period of time;
and wherein a prompt provides a recipient, a date, and a time of the email message and the authentication question asks for at least one of a set of non-trivial key words included in the email message, a name of a blind-copied recipient of the email message, whether the email message received a response, whether the email message was filed, whether the email message was deleted, whether the email message has any attachments or whether the email message has any reply messages;
wherein the program instructions are stored on a non-transitory computer readable medium for running on the processor via the memory.
Dependent claims: 7, 8, 9, 10, 11
12. A computer program product for authenticating a user's identity before resetting a password, comprising:
a non-transitory computer readable storage medium;
first program instructions for connecting a password reset program to an e-mail repository of a user, a network event log of the user located on a server, and a local event log saved on a workstation computer of the user;
second program instructions for selecting a data source from at least one of the e-mail repository, the network event log located on the server, and the local event log saved on the workstation computer;
third program instructions for receiving a user identification;
fourth program instructions for accessing, responsive to receiving the identification of the user, a record located in the data source containing an information related to a recent computer activity of the user recorded in the data source;
fifth program instructions for generating an authentication question and corresponding answer based on the accessed record;
sixth program instructions for asking a user the authentication question;
seventh program instructions for receiving a reply to the authentication question;
eighth program instructions for comparing the reply to the corresponding answer; and
ninth program instructions for providing, responsive to the reply matching the corresponding answer, a new password to the user;
wherein the data source is an e-mail repository and the record is an e-mail message;
wherein the network event log contains an information regarding at least one of how many times the user logged on to the network, how many times the user logged off the network, how many times a certain file was accessed on the network, a recent chat session, a recent instant messaging session, a recently accessed web site, and a computer application accessed by the user;
wherein the local network log contains a record regarding at least one of how many times the user restarted the computer, how many times the user experienced a computer crash, how many times the user removed a CD, how many times the user removed a DVD, how many times the user connected a personal display assistant, how many times the user connected an MP3 player to the computer, and how many times the user connected the computer to a wireless network within a fixed period of time; and
wherein a prompt provides a recipient, a data, and a time of the email message and the authentication question asks for at least one of a set of non-trivial key words included in the email message, a name of a blind-copied recipient of the email message, whether the email message received a response, whether the email message was filed, whether the email message was deleted, whether the email message has any attachments and whether the email message has any reply messages;
wherein the first through the ninth program instructions are stored on the non-transitory computer readable storage medium.
Dependent claims: 13, 14, 15
Specification