Techniques for user authentication
First Claim
1. A computer-implemented method for user authentication, comprising:
- under control of one or more computer systems configured with executable instructions,receiving, from a computing device, a first request to access a network resource, the first request including information indicating an identity of a user;
identifying the user based on the identity information received with the first request;
selecting a portion of a credential string associated with the identified user, wherein the credential string includes a sequence of at least one of a numerical digit, a letter or a word;
generating instructions for delivery to the computing device, the instructions causing the computing device to instruct the user to verbally provide the selected portion of the credential string;
receiving, from the computing device, information associated with a verbal communication of the selected portion of the credential string; and
providing the computing device access to the network resource if the information associated with the verbal communication received from the computing device indicates that the verbal communication includes the portion of the credential string that the user was instructed to provide.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.
377 Citations
25 Claims
-
1. A computer-implemented method for user authentication, comprising:
under control of one or more computer systems configured with executable instructions, receiving, from a computing device, a first request to access a network resource, the first request including information indicating an identity of a user; identifying the user based on the identity information received with the first request; selecting a portion of a credential string associated with the identified user, wherein the credential string includes a sequence of at least one of a numerical digit, a letter or a word; generating instructions for delivery to the computing device, the instructions causing the computing device to instruct the user to verbally provide the selected portion of the credential string; receiving, from the computing device, information associated with a verbal communication of the selected portion of the credential string; and providing the computing device access to the network resource if the information associated with the verbal communication received from the computing device indicates that the verbal communication includes the portion of the credential string that the user was instructed to provide. - View Dependent Claims (2, 3, 4)
-
5. A computer-implemented method for user authentication, comprising:
-
under control of one or more computer systems configured with executable instructions, receiving, from a client device, an authentication request to access a network resource on behalf of a user, the request including a user identifier for the user; obtaining, based on the user identifier in the received authentication request, a security phrase previously specified by the user that includes a plurality of characters; generating an authorization code based on the obtained security phrase, the generating including selecting a first subset of the characters in the security phrase to use for the authorization code and excluding a distinct second subset of the characters in the security phrase from use for the authorization code; providing, to the client device, instructions to obtain first information from the user corresponding to the generated authorization code; receiving, from the client device, the first information provided by the user in response to the provided instructions, the first information not including the second subset of characters; and if the first information matches the generated authorization code, authorizing the access to the network resource, and otherwise not authorizing the access to the network resource. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer system comprising:
-
at least one processor; and at least one memory having computer-executable instructions that, when executed on the at least one processor, cause the at least one processor to; receive, from a client device, an authentication request to access a network resource on behalf of a user, the request including a user identifier for the user; obtain, based on the user identifier in the received authentication request, security information previously specified by the user; generate an authorization code based on the obtained security information, the generating including using a first subset of the security information for the authorization code and excluding a distinct second subset of the security information from use for the authorization code; provide, to the client device, instructions to obtain first information from the user corresponding to the generated authorization code; receive, from the client device, the first information provided by the user in response to the provided instructions, the first information not including the second subset of the security information; and if the first information corresponds to the generated authorization code, authorize the access to the network resource. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium having computer-executable instructions stored thereon that, when executed by a computer, cause the computer to:
-
receive, from a client device, an authentication request to access a network resource on behalf of a user, the request including a user identifier for the user; obtain, based on the user identifier in the received authentication request, a previously specified security phrase having a plurality of characters; generate an authorization code based on the obtained security phrase, the generating including using a first subset of the characters in the security phrase for the authorization code; provide, to the client device, instructions to obtain first information corresponding to the generated authorization code; receive, from the client device, the first information provided in response to the provided instructions, the first information not including a second subset of the characters that is distinct from the first subset; and if the first information corresponds to the generated authorization code, authorize the access to the network resource. - View Dependent Claims (21, 22, 23, 24, 25)
-
Specification