×

Methods and apparatus for obscuring a valid password in a set of passwords in a password-hardening system

  • US 9,230,092 B1
  • Filed: 09/25/2013
  • Issued: 01/05/2016
  • Est. Priority Date: 09/25/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • storing in a first server a plurality of sets of passwords for respective users with each such set comprising at least one valid password for the corresponding user and a plurality of chaff passwords for that user; and

    generating in a second server valid password indication information indicating for each of the sets which of the passwords in that set is a valid password;

    wherein the valid password indication information comprises index values that are computed for respective ones of the password sets by the second server and that identify respective valid passwords in the respective password sets;

    wherein the second server conditions release of a given one of the index values to the first server on a result of a comparison of a user identifier with a value of a user number counter maintained in the second server;

    wherein the given one of the index values is computed using the value of the user number counter;

    wherein the user number counter indicates a current number of said users for which corresponding index values have been computed by the second server;

    wherein, in conjunction with the conditioned release of the given one of the index values to the first server, the second server increments the user number counter; and

    wherein the storing and generating are performed by at least one processing device.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×