Two-factor anti-phishing authentication systems and methods

US 8,015,598 B2
Filed: 11/17/2008
Issued: 09/06/2011
Est. Priority Date: 11/16/2007
Status: Active Grant

First Claim

Patent Images

1. A computerized method of providing access to a secure resource, the method comprising:

to each of a plurality of authorized users, providing a link to the secure resource, wherein each link includes a unique password embedded therein and wherein each unique password relates to a particular user identification (userID) and personal identification number (PIN);

receiving a request to access the resource using a link having a password embedded therein, wherein the request originates at a web browser;

directing the browser to a login screen;

receiving via the login screen a userID and PIN;

determining whether the userID and PIN relate to one another and to the password; and

allowing or denying access to the resource in accordance with the determination.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computerized method of providing access to a secure resource includes, to each of a plurality of authorized users, providing a link to the secure resource. Each link includes a unique password embedded therein and each unique password relates to a particular user identification (userID) and personal identification number (PIN). The method also includes receiving a request to access the resource using a link having a password embedded therein, which request originates at a web browser. The method further includes directing the browser to a login screen and receiving via the login screen a userID and PIN. The method also includes determining whether the userID and PIN relate to one another and to the password and allowing or denying access to the resource in accordance with the determination.

Citations

5 Claims

1. A computerized method of providing access to a secure resource, the method comprising:
- to each of a plurality of authorized users, providing a link to the secure resource, wherein each link includes a unique password embedded therein and wherein each unique password relates to a particular user identification (userID) and personal identification number (PIN);
  
  receiving a request to access the resource using a link having a password embedded therein, wherein the request originates at a web browser;
  
  directing the browser to a login screen;
  
  receiving via the login screen a userID and PIN;
  
  determining whether the userID and PIN relate to one another and to the password; and
  
  allowing or denying access to the resource in accordance with the determination.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein providing the link comprises sending the link as an email attachment.
  - 3. The method of claim 1, wherein providing the link comprises sending the link as a file stored on a USB drive.

4. A computerized method of providing access to a secure resource, the method comprising:
- to each of a plurality of authorized users, providing a link to the secure resource, wherein each link includes a unique password embedded therein and wherein each unique password relates to a particular user identification (userID) and personal identification number (PIN);
  
  receiving a request to access the resource using a link not having a password embedded therein, wherein the request originates at a web browser;
  
  directing the browser to a login screen;
  
  receiving via the login screen a userID and PIN;
  
  determining that the userID and PIN relate to a user also having a password;
  
  directing the user to login via a bookmark having the password;
  
  receiving a subsequent request to access the resource using a link having a password embedded therein;
  
  directing the browser to the login screen;
  
  receiving via the login screen the userID and PIN;
  
  determining whether the userID and PIN relate to one another and to the password; and
  
  allowing or denying access to the resource in accordance with the determination.

5. A computerized method of providing access to a secure resource, the method comprising:
- a custodian of the resource providing to each of a plurality of authorized users a link to the secure resource, wherein each link includes a unique password embedded therein and wherein each unique password relates to a particular user identification (userID) and personal identification number (PIN);
  
  an unauthorized user obtaining a userID and password from an authorized user;
  
  the unauthorized user attempting to access the resource without providing the embedded password; and
  
  the custodian directing the unauthorized user to attempt to access the resource using a link having the password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Arcot Systems, Inc. (Broadcom, Inc.)
Inventors
Hird, Geoffrey
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Wyszynski; Aubrey H

Application Number

US12/272,489
Publication Number

US 20090138950A1
Time in Patent Office

1,023 Days
Field of Search

726/4, 726/5, 726/6, 726/7, 726/28
US Class Current

726/7
CPC Class Codes

G06F 21/31 User authentication

Two-factor anti-phishing authentication systems and methods

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

Two-factor anti-phishing authentication systems and methods

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links