Password-less login

US 9,213,853 B2
Filed: 03/09/2013
Issued: 12/15/2015
Est. Priority Date: 12/20/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing access control to user profiles without a password, comprising:

detecting an attempt to access a user profile, wherein the user profile has been functionally handicapped to prevent normal use, whether the use is authorized or not, wherein the user profile has been functionally handicapped by an enabling device that encrypted the digital data portion with at least data related to unique human input;

in response to the detection, displaying information that uniquely identifies the user profile;

receiving a digital data portion from an enabling device that has read the information that uniquely identifies the user profile and decrypted the digital data portion with data from a unique human input received from the user attempting to access the user profile; and

reconstituting the user profile using the digital data portion to functionally enable the user profile for normal use.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User profiles stored on a server control access to private data. Access control to the user profiles themselves is provided without a password. In more detail, the user profile is functionally handicapped by at least a portion of digital data (or a cryptographic key) associated with the user profile being removed and discarded after being sent to an enabling device. A human gesture from the user first provides a key to reconstitute the key or restore the missing data portion in the enabling device which is then transmitted to the server to reconstitute the key or restore the missing data portion in order to reconstitute the user profile for access.

33 Citations

View as Search Results

18 Claims

1. A computer-implemented method for providing access control to user profiles without a password, comprising:
- detecting an attempt to access a user profile, wherein the user profile has been functionally handicapped to prevent normal use, whether the use is authorized or not, wherein the user profile has been functionally handicapped by an enabling device that encrypted the digital data portion with at least data related to unique human input;
  
  in response to the detection, displaying information that uniquely identifies the user profile;
  
  receiving a digital data portion from an enabling device that has read the information that uniquely identifies the user profile and decrypted the digital data portion with data from a unique human input received from the user attempting to access the user profile; and
  
  reconstituting the user profile using the digital data portion to functionally enable the user profile for normal use.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - functionally handicapping the user profile by removing the digital data portion associated with the user profile; and
      
      discarding the digital data portion from a server storing user profiles.
  - 3. The method of claim 1, wherein substantially functionally handicapping comprises at least one of:
    - substantially functionally handicapping the user profile with a cryptographic key to prevent normal use, andsubstantially functionally handicapping the user profile by removing a portion of bits from the user profile itself to prevent normal use of the user profile.
  - 4. The method of claim 1, wherein unique human input comprises a two-dimensional or a three-dimensional human gesture.
  - 5. The method of claim 1, wherein unique human input comprises at least one of:
    - an alphanumeric string, a retina scan, a facial scan, a fingerprint scan, and a voice sample.
  - 6. The method of claim 1, wherein the enabling device substantially functionally handicapping the digital data portion comprises:
    - the enabling device encrypting the digital data portion with a unique identifier associated with the enabling device.
  - 7. The method of claim 1, further comprising:
    - receiving a request to access the user profile; and
      
      in response, sending a notification to the enabling device to send the digital data portion for reconstitution.
  - 8. The method of claim 1, further comprising:
    - logging each access to the user profile, regardless of whether the user profile is stored at a secure web site server.
  - 9. The method of claim 1, wherein reconstituting the user profile comprises:
    - reconstituting the user profile in a volatile memory while the user profile remains functionally handicapped in a non-volatile memory.
  - 10. The method of claim 1, wherein the enabling device comprises a wireless mobile device.
  - 11. The method of claim 1, further comprising:
    - allowing access to the user profile in a volatile memory responsive to the reconstitution for normal use;
      
      detecting an indication of a successful logon or logoff by the user; and
      
      discarding the user profile from the volatile memory.
  - 12. The method of claim 1, wherein the machine-readable code comprises at least one of:
    - a QR (Quick Response)-code, a UPC (Universal Product Code) label, a barcode, a serial number.

13. A computer-implemented method for providing access control to user profiles without a password, comprising:
- detecting an attempt to access a user profile, wherein the user profile has been functionally handicapped to prevent normal use, whether the use is authorized or not, wherein the user profile has been functionally handicapped by;
  
  generating at least two derivative sub-portions of the digital data portion, the two derivative sub-portion corresponding to two keys; and
  
  sending one of the at least two keys to an enabling device;
  
  in response to the detection, displaying machine-readable information that is unique;
  
  receiving a digital data portion from the enabling device that has read the machine-readable information along with an indication of the machine-readable information, the digital data portion being specific to the user attempting to access the user profile; and
  
  reconstituting the user profile using the digital data portion to functionally enable the user profile for normal use.
- View Dependent Claims (14, 15)
- - 14. The method of claim 13, wherein generating the at least two derivative sub-potions corresponding to two keys comprises:
    - using a polynomial of a Shamir-type secret splitting algorithm to derive at least two data points which correspond to at least two keys.
  - 15. The method of claim 13, further comprising:
    - storing one of the at least two keys on a server apart from the user profile.

16. A computer-implemented method for protecting a digital asset, comprising:
- receiving at least a portion of digital data associated with the digital asset that has been substantially functionally handicapped by removal of the digital data portion, from an secure web site server;
  
  receiving a unique human input from an owner of the digital asset;
  
  substantially functionally handicapping the digital data portion with data from the unique human input;
  
  responsive to receiving a notification for a request for access to the digital asset, requesting the unique human input from the owner of the digital asset;
  
  reconstituting the digital data portion with the unique human input; and
  
  sending the digital data portion to the secure web site server to reconstitute the digital asset for normal use.

17. A non-transitory computer-readable medium storing executable code that, when executed by a processor, performs a method in a secure web site server for providing access control to user profiles without a password, the method comprising:
- detecting an attempt to access a user profile, wherein the user profile has been functionally handicapped to prevent normal use, whether the use is authorized or not, wherein the user profile has been functionally handicapped by an enabling device that encrypted the digital data portion with at least data related to unique human input;
  
  in response to the detection, displaying information that uniquely identifies the user profile;
  
  receiving a digital data portion from an enabling device that has read the information that uniquely identifies the user profile and decrypted the digital data portion with data from a unique human input received from the user attempting to access the user profile; and
  
  reconstituting the user profile using the digital data portion to functionally enable the user profile for normal use.

18. A system to protect a digital asset, comprising:
- a processor; and
  
  a memory, storing;
  
  a login SODA agent detecting an attempt to access a user profile, wherein the user profile has been functionally handicapped to prevent normal use, whether the use is authorized or not, wherein the user profile has been functionally handicapped by an enabling device that encrypted the digital data portion with at least data related to unique human input, in response to the detection, displaying information that uniquely identifies the user profile, and receiving a digital data portion from an enabling device that has read the information that uniquely identifies the user profile and decrypted the digital data portion with data from a unique human input received from the user attempting to access the user profile; and
  
  a SODA engine reconstituting the user profile using the digital data portion to functionally enable the user profile for normal use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicolas Leoutsarakos
Original Assignee
Nicolas Leoutsarakos
Inventors
Leoutsarakos, Nicolas
Primary Examiner(s)
NGUYEN, TU T

Application Number

US13/791,996
Publication Number

US 20130185815A1
Time in Patent Office

1,011 Days
Field of Search

713/193
US Class Current

1/1
CPC Class Codes

G06F 21/36 by graphic or iconic repres...

G06F 21/62 Protecting access to data v...

Password-less login

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Password-less login

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links