Password protection using personal information

US 8,539,599 B2
Filed: 12/28/2010
Issued: 09/17/2013
Est. Priority Date: 12/28/2010
Status: Active Grant

First Claim

Patent Images

1. A system including instructions recorded on a computer-readable storage medium and executable by at least one processor of at least one computing device, the system comprising:

a content inspector configured to cause the at least one processor to detect provided personal information from a single user and stored in a content repository, the provided personal information being associated with network publication thereof;

a password inspector configured to cause the at least one processor to detect password related information including a plurality of passwords of the single user, each password associated with at least one computing resource, the plurality of passwords stored in a password repository; and

a comparator configured to cause the at least one processor to perform, in response to a requested network publication of the provided personal information, a comparison of the provided personal information with the password-related information, and to determine, based on the comparison, that a risk level associated with the requested network publication relative to password security of at least one password of the plurality of passwords exceeds a predetermined risk level, and further configured to notify the user that the requested network publication of the provided personal information is associated with potential compromise of the password security of the at least one password of the plurality of passwords.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided personal information from a user may be determined, the provided personal information being associated with network publication thereof. A comparison of the provided personal information with password-related information may be performed. Based on the comparison, it may be determined that a risk level associated with the network publication relative to password security of at least one password associated with the password-related information exceeds a predetermined risk level. The user may be notified that the network publication of the provided personal information is associated with potential compromise of the password security of the at least one password.

Citations

17 Claims

1. A system including instructions recorded on a computer-readable storage medium and executable by at least one processor of at least one computing device, the system comprising:
- a content inspector configured to cause the at least one processor to detect provided personal information from a single user and stored in a content repository, the provided personal information being associated with network publication thereof;
  
  a password inspector configured to cause the at least one processor to detect password related information including a plurality of passwords of the single user, each password associated with at least one computing resource, the plurality of passwords stored in a password repository; and
  
  a comparator configured to cause the at least one processor to perform, in response to a requested network publication of the provided personal information, a comparison of the provided personal information with the password-related information, and to determine, based on the comparison, that a risk level associated with the requested network publication relative to password security of at least one password of the plurality of passwords exceeds a predetermined risk level, and further configured to notify the user that the requested network publication of the provided personal information is associated with potential compromise of the password security of the at least one password of the plurality of passwords.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the content inspector is configured to scan identified information sources and to execute one or more algorithms for detecting the provided personal information therein.
  - 3. The system of claim 1, wherein the password inspector is configured to detect the password related information in conjunction with password creation or management by the user.
  - 4. The system of claim 1, wherein the requested network publication includes uploading of the provided personal information using an application.
  - 5. The system of claim 4, wherein the application includes a browser application.
  - 6. The system of claim 1, wherein the password-related information includes at least one of a secret question, secret answer, password hint, or username associated with at least one of the plurality of passwords.
  - 7. The system of claim 1, wherein the comparator is configured to determine the risk level based on a similarity analysis between the provided personal information and the password related information.
  - 8. The system of claim 1, wherein the comparator is configured to notify the user including issuing a warning identifying the requested network publication as potentially compromising the password security of the at least one password and requesting confirmation from the user to proceed with the network publication of the provided personal information.
  - 9. The system of claim 1, wherein the comparator is configured to notify the user including issuing a warning identifying the requested network publication as potentially compromising the password security of the at least one password and requesting confirmation from the user to proceed with an updating of the password related information.
  - 10. The system of claim 1, wherein the comparator is configured to perform the comparison including comparing hashed versions of the provided personal information and the password related information.

11. A computer-implemented method comprising:
- configuring at least one processor and/or circuit to perform the functions ofdetecting provided personal information from a single user and stored in a content repository, the provided personal information being associated with network publication thereof;
  
  detecting password related information including a plurality of passwords of the single user, each password associated with at least one computing resource, the plurality of passwords stored in a password repository;
  
  performing a comparison of the provided personal information with the password-related information;
  
  determining, based on the comparison, that a risk level associated with the requested network publication relative to password security of at least one password of the plurality of passwords exceeds a predetermined risk level; and
  
  notifying the user that the requested network publication of the provided personal information is associated with potential compromise of the password security of the at least one password of the plurality of passwords.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11, wherein the password related information is detected in conjunction with password creation or management by the user.
  - 13. The method of claim 11, wherein the risk level is based on a similarity analysis between the provided personal information and the password related information.

14. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to:
- detect provided personal information from a single user and stored in a content repository, the provided personal information being associated with network publication thereof;
  
  detect password related information including a plurality of passwords of the single user, each password associated with at least one computing resource, the plurality of passwords stored in a password repository;
  
  perform a comparison of the provided personal information with the password-related information;
  
  determine, based on the comparison, that a risk level associated with the requested network publication relative to password security of at least one password of the plurality of passwords exceeds a predetermined risk level; and
  
  notify the user that the requested network publication of the provided personal information is associated with potential compromise of the password security of the at least one password of the plurality of passwords.
- View Dependent Claims (15, 16, 17)
- - 15. The computer program product of claim 14, wherein the password related information is detected in conjunction with password creation or management by the user.
  - 16. The computer program product of claim 14, wherein the notifying of the user includes issuing a warning identifying the requested network publication as potentially compromising the password security of the at least one password and requesting confirmation from the user to proceed with the requested network publication of the provided personal information.
  - 17. The computer program product of claim 14, wherein the notifying of the user includes issuing a warning identifying the requested network publication as potentially compromising the password security of the at least one password and requesting confirmation from the user to proceed with an updating of the password related information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Gomez, Laurent, Trabelsi, Slim, Mouelhi, Aymen
Primary Examiner(s)
Chai, Longbit

Application Number

US12/980,006
Publication Number

US 20120167225A1
Time in Patent Office

994 Days
Field of Search

726/26
US Class Current

726/26
CPC Class Codes

G06F 21/46   by designing passwords or c...

G06F 21/6245   Protecting personal data, e...

G06Q 50/01   Social networking

Password protection using personal information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Password protection using personal information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links