Systems and methods for implementing device-specific passwords

US 8,276,196 B1
Filed: 08/18/2008
Issued: 09/25/2012
Est. Priority Date: 08/18/2008
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium having computer-executable instructions thereon implementing a method for providing a user with access to a restricted service on a network, the user employing a particular computing device communicatively coupled to the network, the method comprising:

receiving credentials from the user upon the user requesting access to the restricted service, the credentials including a user identifier and a master password that is not specific to the computing device;

obtaining from the computing device identifying indicia thereof that at least nearly uniquely identifies the computing device;

determining from the received user identifier an entry for the user in a credentials database;

determining from the entry for the user that the computing device is not registered as having a device-specific password for use by the user with the restricted service inasmuch as the obtained identifying indicia of the computing device does not appear in the entry, but that information on the master password in the received credentials appears in the entry;

granting the user access to the restricted service based on the information on the master password in the received credentials appearing in the entry;

obtaining from the user a device-specific password for the computing device upon granting the user access to the restricted service;

storing the obtained identifying indicia of the computing device and information on the obtained device-specific password for the computing device in a sub-entry of the entry for the user in the credentials database such that the computing device of the user corresponding to the obtained identifying indicia is registered as having a device-specific password for use by the user with the restricted service;

wherein the user at a later time may employ the registered computing device to access the restricted service with the corresponding device-specific password; and

directing the computing device to an appropriate feature site representative of the restrictive service based on a determined type of the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Each of multiple computing devices of a user is registered by obtaining therefrom identifying indicia, obtaining from the user a device-specific password for the computing device, and storing the obtained identifying indicia and device-specific password for the computing device in an entry for the user in a credentials database. The user requests access to a restricted service by way of a particular one of the multiple computing devices with credentials including the device-specific password for the particular computing device, and identifying indicia are obtained therefrom. The obtained identifying indicia and the device-specific password of the particular computing device appear in the entry, and the user is thus granted access to the restricted service.

Citations

21 Claims

1. A non-transitory computer-readable storage medium having computer-executable instructions thereon implementing a method for providing a user with access to a restricted service on a network, the user employing a particular computing device communicatively coupled to the network, the method comprising:
- receiving credentials from the user upon the user requesting access to the restricted service, the credentials including a user identifier and a master password that is not specific to the computing device;
  
  obtaining from the computing device identifying indicia thereof that at least nearly uniquely identifies the computing device;
  
  determining from the received user identifier an entry for the user in a credentials database;
  
  determining from the entry for the user that the computing device is not registered as having a device-specific password for use by the user with the restricted service inasmuch as the obtained identifying indicia of the computing device does not appear in the entry, but that information on the master password in the received credentials appears in the entry;
  
  granting the user access to the restricted service based on the information on the master password in the received credentials appearing in the entry;
  
  obtaining from the user a device-specific password for the computing device upon granting the user access to the restricted service;
  
  storing the obtained identifying indicia of the computing device and information on the obtained device-specific password for the computing device in a sub-entry of the entry for the user in the credentials database such that the computing device of the user corresponding to the obtained identifying indicia is registered as having a device-specific password for use by the user with the restricted service;
  
  wherein the user at a later time may employ the registered computing device to access the restricted service with the corresponding device-specific password; and
  
  directing the computing device to an appropriate feature site representative of the restrictive service based on a determined type of the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 16)
- - 2. The medium of claim 1 wherein the master password is a relatively stronger password and the device-specific password is a relatively weaker password.
  - 3. The medium of claim 1 wherein the restricted service employs an access service to provide the user with access to the restricted service.
  - 4. The medium of claim 1 wherein the credentials are received from the user in a textual form by way of a keyboard or keypad of the computing device.
  - 5. The medium of claim 1 wherein the password as received from the user is thereafter obfuscated, and wherein the obfuscated password is matched to the password information in the credentials database.
  - 6. The medium of claim 1 wherein the identifying indicia of the computing device is based on at least a MAC (Media Access Control) address of the computing device.
  - 7. The medium of claim 1 wherein the credentials database includes an entry for the user including information on the master password of the user and a sub-entry for each of a plurality of registered computing devices of the user, each sub-entry including identifying indicia (ID) of the corresponding computing device and information on the device-specific password selected to be entered when employing such corresponding computing device.
  - 16. The medium of claim 1 wherein the restricted service employs an access service to provide the user with access to the restricted service.

8. A non-transitory computer-readable storage medium having computer-executable instructions thereon implementing a method for providing a user with access to a restricted service on a network, the user employing a particular computing device communicatively coupled to the network, the method comprising:
- receiving credentials from the user upon the user requesting access to the restricted service, the credentials including a user identifier and a device-specific password specific to the computing device;
  
  obtaining from the computing device identifying indicia thereof that at least nearly uniquely identifies the computing device;
  
  determining from the received user identifier an entry for the user in a credentials database;
  
  determining from the entry for the user that the computing device is registered as having a device-specific password for use by the user with the restricted service inasmuch as the obtained identifying indicia of the computing device appears in a sub-entry of the entry, and that information on the device-specific password in the received credentials also appears in the sub-entry of the entry;
  
  granting the user access to the restricted service based on the obtained identifying indicia of the computing device appearing in the sub-entry of the entry and also on the information on the device-specific password in the received credentials appearing the sub-entry of the entry; and
  
  directing the computing device to an appropriate feature site representative of the restrictive service based on a determined type of the computing device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The medium of claim 8 wherein the restricted service employs an access service to provide the user with access to the restricted service.
  - 10. The medium of claim 8 wherein the restricted service is a banking or financial service provided by a bank or other financial institution, and wherein the user is a holder of an account as provided by the bank or other financial institution.
  - 11. The medium of claim 8 wherein the credentials are received from the user in a textual form by way of a keyboard or keypad of the computing device.
  - 12. The medium of claim 8 wherein the password as received from the user is thereafter obfuscated, and wherein the obfuscated password is matched to the password information in the credentials database.
  - 13. The medium of claim 8 wherein the identifying indicia of the computing device is based on at least a MAC (Media Access Control) address of the computing device.
  - 14. The medium of claim 8 wherein the credentials database includes an entry for the user including information on a master password of the user and a subentry for each of a plurality of registered computing devices of the user, each sub-entry including identifying indicia (ID) of the corresponding computing device and information on the device-specific password selected to be entered when employing such corresponding computing device.

15. A non-transitory computer-readable storage medium having computer-executable instructions thereon implementing a method for providing a user with access to a restricted service on a network, the method comprising:
- registering each of a plurality of computing devices of the user by;
  
  obtaining from the computing device identifying indicia thereof that at least nearly uniquely identifies the computing device;
  
  obtaining from the user a device-specific password to the computing device;
  
  storing the obtained identifying indicia of the computing device and information on the obtained device-specific password for the computing device in a sub-entry of an entry for the user in a credentials database;
  
  receiving credentials from the user upon the user requesting access to the restricted service by way of a particular one of the plurality of computing devices communicatively coupled to the network, the credentials including the device-specific password specific to the particular computing device;
  
  obtaining from the particular computing device identifying indicia thereof that at least nearly uniquely identifies the computing device;
  
  determining from the entry for the user that the particular computing device is registered inasmuch as the obtained identifying indicia of the computing device appears in a sub-entry of the entry, and that information on the device-specific password in the received credentials also appears in the sub-entry of the entry;
  
  granting the user access to the restricted service based on the obtained identifying indicia of the computing device appearing in the sub-entry of the entry and also on the information on the device-specific password in the received credentials appearing in the sub-entry of the entry; and
  
  directing the computing device to an appropriate feature site representative of the restrictive service based on a determined type of the computing device.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The medium of claim 15 wherein the restricted service is a banking or financial service provided by a bank or other financial institution, and wherein the user is a holder of an account as provided by the bank or other financial institution.
  - 18. The medium of claim 15 wherein the credentials are received from the user in a textual form by way of a keyboard or keypad of the computing device.
  - 19. The medium of claim 15 wherein the password as received from the user is thereafter obfuscated, and wherein the obfuscated password is matched to the password information in the credentials database.
  - 20. The medium of claim 15 wherein the identifying indicia of the computing device is based on at least a MAC (Media Access Control) address of the computing device.
  - 21. The medium of claim 15 wherein the credentials database includes an entry for the user including information on the master password of the user and a sub-entry for each of a plurality of registered computing devices of the user, each subentry including identifying indicia (ID) of the corresponding computing device and information on the device-specific password selected to be entered when employing such corresponding computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Services Automobile Association
Original Assignee
United Services Automobile Association
Inventors
Shipley, Brian Francisco
Primary Examiner(s)
Smithers, Matthew
Assistant Examiner(s)
FIELDS, COURTNEY D

Application Number

US12/193,111
Time in Patent Office

1,499 Days
Field of Search

726/6, 726/8, 726/19
US Class Current

726/6
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/44   Program or device authentic...

G06F 21/45   Structures or tools for the...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/4014   Identity check for transact...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 9/3226   using a predetermined code,...

Systems and methods for implementing device-specific passwords

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for implementing device-specific passwords

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links