Pass-sequences
First Claim
Patent Images
1. A system, comprising:
- a set of one or more interfaces configured to receive, from a device operated by a user, input provided by the user comprising;
a user identifier;
and a credential comprising a plurality of separately parseable words;
a set of one or more processors configured to;
parse the credential into a set of constituent words;
perform one or more of the following checks on the set of constituent words;
that each of the constituent words in the set is present in a dictionary;
that none of the constituent words in the set is a proper noun;
that none of the constituent words in the set is present in a blacklist;
that the credential includes at least a threshold number of constituent words;
that each individual word in the set is of at least a first threshold length;
that the set of constituent words are collectively of at least a second threshold length;
that the set of constituent words have at least a threshold entropy; and
that a measure of strength determined for the set of constituent words meets a minimum threshold;
in response to determining that the set of constituent words satisfy the one or more checks, generate at least one of;
a normalized credential at least in part by normalizing one or more of the set of constituent words, wherein normalizing comprises mapping the one or more constituent words to one or more equivalence classes, and wherein equivalence classes are defined such that deviations from constituent words will also be considered acceptable in the event that the deviations are provided by the user in a subsequent authentication process; and
a set of acceptable variants of the normalized credential that will also be considered acceptable in the event that an acceptable variant in the set of acceptable variants is provided by the user in a subsequent authentication process, wherein generating the set of acceptable variants comprises determining a plurality of different combinations of subsets of the constituent words of the normalized credential; and
store, in a credential set associated with the user identifier, a set of representations corresponding to at least some of the normalized credential and the set acceptable variants as stored enrolled credentials; and
a memory coupled to the set of one or more processors and configured to provide the set of one or more processors with instructions.
6 Assignments
0 Petitions
Accused Products
Abstract
Authentication techniques, and in particular, authentication techniques which can be used in conjunction with input constrained devices are described herein. A plurality of words is received. The received words are parsed. A credential is authenticated by determining a match based on information associated with at least one of the received words in the plurality.
-
Citations
24 Claims
-
1. A system, comprising:
-
a set of one or more interfaces configured to receive, from a device operated by a user, input provided by the user comprising; a user identifier; and a credential comprising a plurality of separately parseable words; a set of one or more processors configured to; parse the credential into a set of constituent words; perform one or more of the following checks on the set of constituent words; that each of the constituent words in the set is present in a dictionary; that none of the constituent words in the set is a proper noun; that none of the constituent words in the set is present in a blacklist; that the credential includes at least a threshold number of constituent words; that each individual word in the set is of at least a first threshold length; that the set of constituent words are collectively of at least a second threshold length; that the set of constituent words have at least a threshold entropy; and that a measure of strength determined for the set of constituent words meets a minimum threshold; in response to determining that the set of constituent words satisfy the one or more checks, generate at least one of; a normalized credential at least in part by normalizing one or more of the set of constituent words, wherein normalizing comprises mapping the one or more constituent words to one or more equivalence classes, and wherein equivalence classes are defined such that deviations from constituent words will also be considered acceptable in the event that the deviations are provided by the user in a subsequent authentication process; and a set of acceptable variants of the normalized credential that will also be considered acceptable in the event that an acceptable variant in the set of acceptable variants is provided by the user in a subsequent authentication process, wherein generating the set of acceptable variants comprises determining a plurality of different combinations of subsets of the constituent words of the normalized credential; and store, in a credential set associated with the user identifier, a set of representations corresponding to at least some of the normalized credential and the set acceptable variants as stored enrolled credentials; and a memory coupled to the set of one or more processors and configured to provide the set of one or more processors with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system, comprising:
-
a set of one or more interfaces configured to receive, from a device operated by a user, input provided by the user comprising; a user identifier; and a credential comprising a plurality of separately parseable words; a set of one or more processors configured to; parse the credential into a set of constituent words; access a credential set associated with the user identifier, stored during a previous enrollment process, comprising a set of representations corresponding to a set of stored enrolled credentials including at least some of a normalized credential and a set of acceptable variants of the normalized credential, wherein the set of acceptable variants comprise different combinations of subsets of the constituent words in the normalized credential; and authenticate the received credential by performing a match, wherein performing the match comprises; normalizing one or more of the set of constituent words to generate a normalized received credential to be verified, wherein normalizing comprises mapping the one or more constituent words to one or more equivalence classes, and wherein equivalence classes are defined such that deviations from constituent words previously provided by the user during the previous enrollment process will also be considered acceptable; comparing one or more representations corresponding to the normalized received credential to be verified to the set of representations corresponding to the set of stored enrolled credentials; determining whether one of the one or more representations corresponding to the normalized received credential to be verified matches one of the set of representations corresponding to the set of stored enrolled credentials based on information associated with the constituent words; and grant the user access to a resource in the event that the match is determined to be successful; and a memory coupled to the set of one or more processors and configured to provide the set of one or more processors with instructions. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method, comprising:
-
receiving, from a device operated by a user, input provided by the user comprising; a user identifier; and a credential comprising a plurality of separately parseable words; parsing the credential into a set of constituent words; performing one or more of the following checks on the set of constituent words; that each of the constituent words in the set is present in a dictionary, that none of the constituent words in the set is a proper noun; that none of the constituent words in the set is present in a blacklist; that the credential includes at least a threshold number of constituent words; that each individual word in the set meets is of a first threshold length; that the set of constituent words are collectively of a second threshold length; that the set of constituent words have at least a threshold entropy; and that a measure of strength determined for the constituent words meets a minimum threshold; in response to determining that the set of constituent words satisfy the one or more checks, generating, using a set of one or more processors, at least one of; a normalized credential at least in part by normalizing one or more of the set of constituent words, wherein normalizing comprises mapping the one or more constituent words to one or more equivalence classes, and wherein equivalence classes are defined such that deviations from constituent words will also be considered acceptable in the event that the deviations are provided by the user in a subsequent authentication process; and a set of acceptable variants of the normalized credential that will also be considered acceptable in the event that an acceptable variant in the set of acceptable variants is provided by the user in a subsequent authentication process, wherein generating the set of acceptable variants comprises determining a plurality of different combinations of subsets of the constituent words of the normalized credential; and storing, in a credential set associated with the user identifier, a set of representations corresponding to at least some of the normalized credential and the set acceptable variants as stored enrolled credentials.
-
-
24. A method, comprising:
-
receiving, from a device operated by a user, input provided by the user comprising; a user identifier; and a credential comprising a plurality of separately parseable words; parsing the credential into a set of constituent words; accessing a credential set associated with the user identifier, stored during a previous enrollment process, comprising a set of representations corresponding to a set of stored enrolled credentials including at least some of a normalized credential and a set of acceptable variants of the normalized credential, wherein the set of acceptable variants comprise different combinations of subsets of the constituent words in the normalized credential; and authenticating, using a set of one or more processors, the received credential by performing a match, wherein performing the match comprises; normalizing one or more of the set of constituent words to generate a normalized received credential to be verified, wherein normalizing comprises mapping the one or more constituent words to one or more equivalence classes, and wherein equivalence classes are defined such that deviations from constituent words previously provided by the user during the previous enrollment process will also be considered acceptable; comparing one or more representations corresponding to the normalized received credential to be verified to the set of representations corresponding to the set of stored enrolled credentials; and determining whether one of the one or more representations corresponding to the normalized received credential to be verified matches one of the set of representations corresponding to the set of stored enrolled credentials based on information associated with the constituent words; and granting the user access to a resource in the event that the match is determined to be successful.
-
Specification