Updating stored passwords
Abstract
A device may include an authentication server and a server. The authentication server may receive a first form of a password from a client device in accordance with an authentication protocol, and authenticate the client device based on a comparison of the first form to a value derived from a second form of the password stored in a password database, where the comparison fails when the first form is not comparable to a value derived from the second form. The server may establish a secure connection to the client, receive a plain-text password from the client device over the secure connection, authenticate the client device by comparing a value derived from the plain-text password with a value derived from the second form, and update the password database with a third form of the password that permits the authentication server to successfully authenticate the client device when the authentication server receives the first form.
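The flow in the abstract, as an added example that is not taken from the patent. It assumes a constructed challenge-response protocol in which the first form is an HMAC over a server challenge, the second form is a salted PBKDF2 hash, and the third form is the protocol key; all function and class names are hypothetical, and the secure quarantine connection itself is not modelled.

```python
import hashlib, hmac, os

def legacy_hash(password: str, salt: bytes) -> bytes:
    """Second form (assumed): salted one-way hash kept in the password database."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def protocol_key(password: str) -> bytes:
    """Third form (assumed): the key the constructed protocol needs on the server."""
    return hashlib.sha256(password.encode()).digest()

def client_response(password: str, challenge: bytes) -> bytes:
    """First form (assumed): what the client sends under the protocol."""
    return hmac.new(protocol_key(password), challenge, hashlib.sha256).digest()

class PasswordDB:
    def __init__(self):
        self.records = {}  # user -> {"form": "legacy" | "protocol", ...}

    def add_legacy(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.records[user] = {"form": "legacy", "salt": salt,
                              "hash": legacy_hash(password, salt)}

def protocol_auth(db: PasswordDB, user: str, challenge: bytes, response: bytes) -> bool:
    """Authentication server: compare the first form to a value derived from the stored form."""
    rec = db.records.get(user)
    if rec is None:
        return False
    stored = rec["key"] if rec["form"] == "protocol" else rec["hash"]
    expected = hmac.new(stored, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def quarantine_update(db: PasswordDB, user: str, plaintext: str) -> bool:
    """Server behind the secure connection: verify plain text, then store the third form."""
    rec = db.records.get(user)
    if rec is None or rec["form"] != "legacy":
        return False
    if not hmac.compare_digest(legacy_hash(plaintext, rec["salt"]), rec["hash"]):
        return False  # wrong password: the database is left unchanged
    db.records[user] = {"form": "protocol", "key": protocol_key(plaintext)}
    return True

def demo():
    db = PasswordDB(); db.add_legacy("alice", "correct horse")  # constructed sample account
    ch = os.urandom(16)
    first = protocol_auth(db, "alice", ch, client_response("correct horse", ch))
    wrong = quarantine_update(db, "alice", "guess")
    updated = quarantine_update(db, "alice", "correct horse")
    ch2 = os.urandom(16)
    second = protocol_auth(db, "alice", ch2, client_response("correct horse", ch2))
    return first, wrong, updated, second
```

In this constructed scheme the third form is sufficient by itself to answer challenges, so the updated database holds password-equivalent material and needs the same protection as plain-text passwords.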
18 Claims
1. A system comprising:
- an authentication server device to:
  - receive a first form of a password from a client device according to an authentication protocol, and
  - authenticate the client device based on a comparison of the first form of the password to a value, derived from a second form of the password and stored in a password database, where the authentication server fails to authenticate the client device when the first form of the password is different than the value derived from the second form of the password; and
- a server device to:
  - establish, when, based on the comparison, the authentication server device fails to authenticate the client device, a secure connection between a quarantine network and the client device,
  - receive a plain-text password from the client device over the secure connection,
  - authenticate the client device based on comparing a value derived from the plain-text password with the value derived from the second form of the password,
  - update, when the client device is authenticated, the password database with a third form of the password that enables the authentication server device to successfully authenticate the client device based on the first form of the password,
  - receive, after updating the password database with the third form of the password, a subsequent first form of the password, from the client device,
  - retrieve the third form of the password from the password database,
  - derive a second value from the third form of the password,
  - compare the subsequent first form of the password to the second value, and
  - authenticate the client device based on comparing the subsequent first form of the password to the second value.

11. A method comprising:
- receiving a first form of a password from a client device;
- retrieving a second form of the password from a password database;
- deriving a value from the second form of the password;
- comparing the first form of the password to the derived value;
- establishing, when, based on the comparing, the first form of the password and the derived value are determined to be different, a secure connection between the client device and a quarantine network;
- receiving a plain-text password, from the client device, over the secure connection;
- authenticating the client device based on comparing a value derived from the plain-text password with the value derived from the second form of the password;
- replacing, when the client device is authenticated, the second form of the password in the password database with a third form of the password that enables the client device to be authenticated based on the first form of the password;
- receiving, after replacing the second form of the password with the third form of the password, a subsequent first form of the password, from the client device;
- retrieving the third form of the password from the password database;
- deriving a second value from the third form of the password;
- comparing the subsequent first form of the password to the second value; and
- authenticating the client device based on comparing the subsequent first form of the password to the second value.

18. A non-transitory computer-readable medium containing instructions executable by one or more devices, the computer-readable medium comprising:
- one or more instructions to receive a first form of a password,
- one or more instructions to determine, based on comparing a value derived from the first form of the password with a value derived from a second form of the password, whether to authenticate the client device, where the second form is stored in a memory associated with the device,
- one or more instructions to establish a connection between the client device and a quarantine network when the client device is not authenticated based on comparing the first form of the password to the value derived from the second form of the password,
- one or more instructions to receive, in response to establishing the connection, a plain-text password from the client device over the connection,
- one or more instructions to authenticate the client device based on comparing a value derived from the plain-text password with the value derived from the second form of the password,
- one or more instructions to overwrite, when the client device is authenticated, the second form of the password, in the memory, with a third form of the password,
- one or more instructions to subsequently receive the first form of the password,
- one or more instructions to compare the subsequently received first form of the password to a value derived from the third form of the password, and
- one or more instructions to authenticate the client device based on comparing the subsequently received first form of the password to the value derived from the third form of the password.

Specification