System and method for generating and managing administrator passwords
Abstract
A password management system and method for securing networked client terminals and mobile devices is provided. More specifically, the present invention provides a system and method for encrypting randomly generated administrator-level passwords and providing a means for decrypting the randomly generated passwords for single-use unrestricted access to a designated terminal or mobile device. When unrestricted access to the terminal or mobile device is required, the encrypted administrator-level password is decrypted using a shared symmetric key, which is generated during encryption of the administrator password, to reveal the administrator-level password for the terminal or mobile device. The administrator-level password is a single-use password, wherein upon use of the administrator-level password a new administrator-level password may be automatically generated for the corresponding terminal or mobile device.
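The lifecycle the abstract describes (generate, encrypt into a breakglass string, store, decrypt once, rotate), as an added Python example that is not part of the patent text. The cipher (an HMAC-SHA256 keystream with encrypt-then-MAC, standing in for a vetted AEAD such as AES-GCM), the per-computer subkey derivation, the 24-character password length and the names `Agent`, `seal`, `unseal` and `break_glass` are assumptions made here.

```python
import base64, hashlib, hmac, secrets, string

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*"

def _subkey(key, label, computer_id):
    # Assumption: per-computer subkeys derived from the shared key with HMAC-SHA256.
    return hmac.new(key, label + computer_id.encode(), hashlib.sha256).digest()

def _xor_stream(k_enc, nonce, data):
    # HMAC-SHA256 counter-mode keystream: stdlib stand-in for a vetted AEAD (e.g. AES-GCM).
    blocks = (hmac.new(k_enc, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key, computer_id, password):
    """Encrypt a password into a breakglass string bound to one computer."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc|", computer_id), nonce, password.encode())
    tag = hmac.new(_subkey(key, b"mac|", computer_id), nonce + ct, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(nonce + ct + tag).decode()

def unseal(key, computer_id, breakglass):
    """Authenticate, then decrypt; raises ValueError on tampering or wrong computer."""
    raw = base64.urlsafe_b64decode(breakglass)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    good = hmac.new(_subkey(key, b"mac|", computer_id), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("breakglass string failed authentication")
    return _xor_stream(_subkey(key, b"enc|", computer_id), nonce, ct).decode()

class Agent:
    """Runs on the user computer: owns the live admin password and rotates it."""
    def __init__(self, computer_id, key, db):
        self.computer_id, self.key, self.db = computer_id, key, db
        self.rotate()

    def rotate(self):
        # A fresh random password replaces the old one and its stored breakglass string.
        self.current = "".join(secrets.choice(ALPHABET) for _ in range(24))
        self.db[self.computer_id] = seal(self.key, self.computer_id, self.current)

def break_glass(key, agent, db):
    """Controller side: reveal the password once, then force a rotation."""
    revealed = unseal(key, agent.computer_id, db[agent.computer_id])
    agent.rotate()  # the revealed password is now obsolete
    return revealed
```

The dictionary passed as `db` plays the role of the database server; the old breakglass string still decrypts to the old password, so the single-use property rests on the agent actually replacing the live password at rotation.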
17 Claims
1. A system comprising:
- a user computer configured to:
  - generate a random string of characters representative of a first administrator-level password, wherein said first administrator-level password is unique to said user computer,
  - encrypt said first administrator-level password using a symmetric key, wherein said encrypted first administrator-level password generates a first breakglass string,
  - store said first breakglass string in association with said user computer for which said encrypted first administrator-level password was created, and
  - upon decryption of said first breakglass string, generate a second administrator-level password for encryption into a second breakglass string.

Dependent claims: 2, 3

4. A system comprising:
- a controller computer configured to:
  - retrieve an encrypted first administrator-level password, wherein said encrypted administrator-level password is represented by a first breakglass string unique to a user computer,
  - decrypt said first breakglass string using a symmetric key, and
  - reveal said first administrator-level password for obtaining unrestricted access to said user computer, wherein upon decryption of said first administrator-level password, a second administrator-level password for encryption into a second breakglass string is generated.

Dependent claims: 5, 6, 7, 8

9. A system comprising:
- a client terminal comprising a random password management agent configured to generate a random string of characters representative of a first administrator-level password, and encrypt said first administrator-level password using a shared symmetric key to generate a first breakglass string of characters;
- a database server configured to connect to the client terminal and store said first breakglass string of characters in association with the client terminal; and
- a controller computer comprising a random password recovery system application configured to retrieve said first breakglass string of characters and derive said symmetric key to decrypt said first breakglass string of characters and reveal said first administrator-level password, wherein upon decryption of said first administrator-level password, said random password management agent employed by said client terminal is configured to generate a second administrator-level password for encryption into a second breakglass string of characters and render said first administrator-level password obsolete.

10. A non-transitory computer-readable storage medium including instructions that, when executed by a computer, cause the computer to perform a method comprising:
- generating a random string of characters representative of a first administrator-level password, wherein said first administrator-level password is unique to said user computer;
- encrypting said first administrator-level password using a symmetric key, wherein said encrypted first administrator-level password generates a first breakglass string;
- storing said first breakglass string in association with said user computer for which said encrypted first administrator-level password was created; and
- upon decryption of said first breakglass string, generating a second administrator-level password for encryption into a second breakglass string of characters.

Dependent claims: 11, 12

13. A non-transitory computer-readable storage medium including instructions that, when executed by a computer, cause the computer to perform a method comprising:
- retrieving an encrypted first administrator-level password, wherein said encrypted administrator-level password is represented by a first breakglass string unique to a user computer;
- decrypting said first breakglass string using a symmetric key; and
- revealing said first administrator-level password for obtaining unrestricted access to said user computer, wherein upon decryption of said first administrator-level password, a second administrator-level password for encryption into a second breakglass string is generated.

Dependent claims: 14, 15, 16, 17

Specification