Systems and methods for providing a covert password manager
First Claim
1. A system configured to provide secured access to password information, comprising:
- a computing device having a processor and physical memory, the physical memory storing instructions that cause the processor to;
provide an application that is configured to protect password information, wherein the application comprises;
a password manager module configured to perform password management functions associated with accessing and managing password information; and
a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information;
in response to receiving a request from a user to access the application, provide instructions for rendering an interface associated with the decoy function that includes an input form;
store data that associates an expected data type with at least one input field of the input form;
evaluate input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field;
determine that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type;
analyze the input to determine whether the user has submitted valid login credentials; and
provide access to the password information in response to determining that the user has submitted valid login credentials;
wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.
53 Citations
14 Claims
-
1. A system configured to provide secured access to password information, comprising:
-
a computing device having a processor and physical memory, the physical memory storing instructions that cause the processor to; provide an application that is configured to protect password information, wherein the application comprises; a password manager module configured to perform password management functions associated with accessing and managing password information; and a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information; in response to receiving a request from a user to access the application, provide instructions for rendering an interface associated with the decoy function that includes an input form; store data that associates an expected data type with at least one input field of the input form; evaluate input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field; determine that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type; analyze the input to determine whether the user has submitted valid login credentials; and provide access to the password information in response to determining that the user has submitted valid login credentials; wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for providing secured access to password information, comprising:
-
providing an application that is configured to protect password information, wherein the application comprises; a password manager module configured to perform password management functions associated with accessing and managing password information; and a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information; in response to receiving a request from a user to access the application, providing instructions for rendering an interface associated with the decoy function that includes an input form; storing data on a non-transitory computer storage medium that associates an expected data type with at least one input field of the input form; evaluating, with a processor, input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field; determining that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type; analyzing, with a processor, the input to determine whether the user has submitted valid login credentials; and providing access to the password information in response to determining that the user has submitted valid login credentials; wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification