Techniques for user authentication
First Claim
1. A computer-implemented method comprising:
- receiving, by a configured computing system, an authentication request to access a network resource on behalf of an indicated user;
determining, by the configured computing system, whether an attribute associated with the authentication request matches stored information previously associated with the indicated user;
generating, by the configured computing system and based at least in part on the determining, an authorization code that is based on a defined security credential for the indicated user, wherein the generating includes determining to use a higher level of strength for the generated authorization code if the attribute does not match the stored information and otherwise to use a lower level of strength for the generated authorization code by selecting a subset of the security credential that is less than all of the security credential to use as the generated authorization code;
providing, by the configured computing system, instructions to the indicated user regarding supplying the generated authorization code to obtain access to the network resource;
receiving, by the configured computing system, the generated authorization code from the indicated user in response to the provided instructions; and
authorizing the access to the network resource based at least in part on the received generated authorization code.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.
-
Citations
22 Claims
-
1. A computer-implemented method comprising:
-
receiving, by a configured computing system, an authentication request to access a network resource on behalf of an indicated user; determining, by the configured computing system, whether an attribute associated with the authentication request matches stored information previously associated with the indicated user; generating, by the configured computing system and based at least in part on the determining, an authorization code that is based on a defined security credential for the indicated user, wherein the generating includes determining to use a higher level of strength for the generated authorization code if the attribute does not match the stored information and otherwise to use a lower level of strength for the generated authorization code by selecting a subset of the security credential that is less than all of the security credential to use as the generated authorization code; providing, by the configured computing system, instructions to the indicated user regarding supplying the generated authorization code to obtain access to the network resource; receiving, by the configured computing system, the generated authorization code from the indicated user in response to the provided instructions; and authorizing the access to the network resource based at least in part on the received generated authorization code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer system comprising:
-
at least one processor; and at least one memory having computer-executable instructions that, when executed on the at least one processor, cause the at least one processor to; receive, from a client device of a user, an authentication request to access a network resource on behalf of the user; determine that an attribute associated with the authentication request matches information associated with the user; generate, based at least in part on the determining, an authorization code for the user using a security credential, wherein the generating includes selecting one of multiple levels of strength to use for the generated authorization code based on the attribute being determined to match the information and further includes selecting, based on the selected one level of strength, a subset of the security credential that is less than all of the security credential to use for the generated authorization code; provide, to the client device, instructions regarding the user supplying the generated authorization code; receive, from the client device, the generated authorization code; and authorize the access to the network resource based at least in part on the received generated authorization code. - View Dependent Claims (20)
-
-
21. A non-transitory computer-readable medium having computer-executable instructions stored thereon that, when executed by a computer, configure the computer to:
-
determine, by the configured computer and for a request for a user to access a network resource, that an attribute associated with the request matches information associated with the user; generate, by the configured computer and based at least in part on the determining, an authorization code for the user using a security credential, wherein the generating includes selecting one of multiple levels of strength to use for the generated authorization code based on the attribute being determined to match the information and further includes selecting, based on the selected one level of strength, a subset of the security credential that is less than all of the security credential to use for the generated authorization code; provide, by the configured computer, instructions to the user regarding supplying the generated authorization code; receive, by the configured computer, the generated authorization code from the user; and authorize the access to the network resource based at least in part on the received generated authorization code. - View Dependent Claims (22)
-
Specification