Single use web based passwords for network login
First Claim
1. A network device, comprising:
- a transceiver to send and receive data over a network; and
a processor that is operative to perform actions, including;
sending an ordered plurality of single use passwords to a requestor;
receiving a request to access secured content or a secured service from the requestor;
receiving from the requestor one password from the ordered plurality of single use passwords, wherein the requestor is instructed which one password of the ordered plurality of single use passwords based on a position in the ordered plurality of single use passwords;
validating the received one password;
based on the validation, displaying to the requestor a first portion of another password from the ordered plurality of single use passwords and requesting that the requestor provide a second portion of the other password, and further requesting that the requestor provide still another password from the ordered plurality of single use passwords, wherein the still other password is specified to the requestor based on a position within the ordered plurality of single use passwords; and
if the requestor provides a correct second portion of the other password and still other password, enabling access to the secured content or service.
10 Assignments
0 Petitions
Accused Products
Abstract
Embodiments are directed towards employing a plurality of single use passwords to provide phishing detection and user authentication. A user receives a plurality of single use passwords that expire within a defined time period after having been sent to a registered device. During a login attempt, the user enters a user name and a requested one of the passwords, which once entered expires. If valid, the user then enters a portion of another password to complete a displayed portion of a password, and a specified other one of passwords. If the displayed portion of the other passwords does not match any portion of one of passwords, then the user may detect a phishing attempt and terminate the login. If the user correctly the password data, the user may then access secured data. Each new login request requires a different set of passwords to be used.
-
Citations
20 Claims
-
1. A network device, comprising:
-
a transceiver to send and receive data over a network; and a processor that is operative to perform actions, including; sending an ordered plurality of single use passwords to a requestor; receiving a request to access secured content or a secured service from the requestor; receiving from the requestor one password from the ordered plurality of single use passwords, wherein the requestor is instructed which one password of the ordered plurality of single use passwords based on a position in the ordered plurality of single use passwords; validating the received one password; based on the validation, displaying to the requestor a first portion of another password from the ordered plurality of single use passwords and requesting that the requestor provide a second portion of the other password, and further requesting that the requestor provide still another password from the ordered plurality of single use passwords, wherein the still other password is specified to the requestor based on a position within the ordered plurality of single use passwords; and if the requestor provides a correct second portion of the other password and still other password, enabling access to the secured content or service. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system that is operative to manage a secured access over a network, comprising:
-
a password component within a first network device configured to provide an ordered plurality of single use passwords to a computing device, the ordered plurality of single use passwords being configured to expire after a defined time period; and a login service component within a second network device configured to perform actions, including; receiving a request from a requester for access to secured content or service; receiving a password from the ordered plurality of single use passwords, the password being requested from the requestor based on a position within the ordered plurality of single use passwords; determining that the received password is valid for the requestor; requesting another password to be provided, wherein the other password is identified to the requestor based on another position within the ordered plurality of single use passwords; requesting the requester provide a missing portion of yet another password from the ordered plurality of single use passwords by providing to the requestor a first portion of the yet another password; receiving the missing portion of the yet another password, and the other password; if the missing portion and other password are determined to be valid, enabling access to the secured content or service by the requester. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A non-transitory computer-readable storage medium having computer-executable instructions, the computer-executable instructions when installed onto a computing device enable the computing device to perform actions, comprising:
-
receiving a request from a requestor for access to secured content or service; receiving a password from an ordered plurality of single use passwords, the password being requested from the requestor based on a position within the ordered plurality of single use passwords; determining that the received password is valid for the requestor; requesting another password to be provided, wherein the other password to be provided is identified to the requestor based on another position within the ordered plurality of single use passwords; requesting the requestor provide a missing portion of yet another password from the ordered plurality of single use passwords by providing to the requestor a first portion of the yet another password; receiving the missing portion of the yet another password, and the other password; if the missing portion and other password are determined to be valid, enabling access to the secured content or service by the requestor. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method of performing secure access over a network using a network device that is operative to perform actions, comprising:
-
sending an ordered plurality of single use passwords to a requestor, wherein the passwords expire upon first use or after a defined time period; receiving from the requestor one password from the ordered plurality of single use passwords, wherein the requester is directed which one password of the ordered plurality of single use passwords to provide based indicating to the requestor a position in the ordered plurality of single use passwords from which to select the one password; validating the received one password; based on a result of the validation, displaying to the requestor a first portion of another password from the ordered plurality of single use passwords and requesting that the requestor provide a second portion of the other password, and further requesting that the requestor provide still another password from the ordered plurality of single use passwords, wherein the still other password is specified to the requestor based on a position within the ordered plurality of single use passwords; and if the requestor provides a correct second portion of the other password and the still other password, enabling access to secured content or service. - View Dependent Claims (18, 19, 20)
-
Specification