Techniques for user authentication
First Claim
1. A computer-implemented method comprising:
- receiving, by a configured computing system, an authentication request to access a network resource on behalf of an indicated user;
generating, by the configured computing system, an authorization code based on a security phrase associated with the indicated user, the generating including selecting a first subset of characters in the security phrase to use for the authorization code and including excluding a distinct second subset of the characters in the security phrase from use for the authorization code;
providing, by the configured computing system, instructions to the indicated user regarding obtaining the generated authorization code, the provided instructions including information related to the selected first subset without providing the characters in the selected first subset;
receiving, by the configured computing system, information from the indicated user that includes the generated authorization code, the received information not including the excluded second subset of characters; and
in response to the received information including the generated authorization code, authorizing the access to the network resource.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.
-
Citations
19 Claims
-
1. A computer-implemented method comprising:
-
receiving, by a configured computing system, an authentication request to access a network resource on behalf of an indicated user; generating, by the configured computing system, an authorization code based on a security phrase associated with the indicated user, the generating including selecting a first subset of characters in the security phrase to use for the authorization code and including excluding a distinct second subset of the characters in the security phrase from use for the authorization code; providing, by the configured computing system, instructions to the indicated user regarding obtaining the generated authorization code, the provided instructions including information related to the selected first subset without providing the characters in the selected first subset; receiving, by the configured computing system, information from the indicated user that includes the generated authorization code, the received information not including the excluded second subset of characters; and in response to the received information including the generated authorization code, authorizing the access to the network resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer system comprising:
-
at least one processor; and at least one memory having computer-executable instructions that, when executed on the at least one processor, cause the at least one processor to; receive, from a client device of an indicated user, an authentication request to access a network resource on behalf of the indicated user; generate an authorization code based on obtained security information, the generating including selecting a first subset of the security information for the authorization code and including excluding a distinct second subset of the security information from use for the authorization code; provide, to the client device, instructions regarding obtaining the generated authorization code from the indicated user, the provided instructions including information related to the selected first subset; receive, from the client device, the generated authorization code; and in response to the received generated authorization code, authorize the access to the network resource. - View Dependent Claims (16, 17)
-
-
18. A non-transitory computer-readable medium having computer-executable instructions stored thereon that, when executed by a computer, configure the computer to:
-
receive, by the configured computer, an authentication request to access a network resource on behalf of a user; generate, by the configured computer, an authorization code based on an obtained security phrase having a plurality of characters, the generating including using only a selected subset of the characters for the authorization code and excluding a second subset of the characters; provide, by the configured computer, instructions to the user regarding obtaining the generated authorization code, the provided instructions including information related to the selected subset; receive, by the configured computer, the generated authorization code from the user; determine, by the configured computer, that the generated authorization code received from the user does not include the characters of the excluded second subset; and in response to the received generated authorization code, authorize the access to the network resource, and provide the user with access to the network resource. - View Dependent Claims (19)
-
Specification