Systems and methods for providing a covert password manager

US 9,270,670 B1
Filed: 10/10/2014
Issued: 02/23/2016
Est. Priority Date: 10/10/2014
Status: Active Grant

First Claim

Patent Images

1. A system configured to provide secured access to password information, comprising:

a computing device having a processor and physical memory, the physical memory storing instructions that cause the processor to;

provide an application that is configured to protect password information, wherein the application comprises;

a password manager module configured to perform password management functions associated with accessing and managing password information; and

a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information;

in response to receiving a request from a user to access the application, provide instructions for rendering an interface associated with the decoy function that includes an input form;

store data that associates an expected data type with at least one input field of the input form;

evaluate input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field;

determine that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type;

analyze the input to determine whether the user has submitted valid login credentials; and

provide access to the password information in response to determining that the user has submitted valid login credentials;

wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.

53 Citations

View as Search Results

14 Claims

1. A system configured to provide secured access to password information, comprising:
- a computing device having a processor and physical memory, the physical memory storing instructions that cause the processor to;
  
  provide an application that is configured to protect password information, wherein the application comprises;
  
  a password manager module configured to perform password management functions associated with accessing and managing password information; and
  
  a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information;
  
  in response to receiving a request from a user to access the application, provide instructions for rendering an interface associated with the decoy function that includes an input form;
  
  store data that associates an expected data type with at least one input field of the input form;
  
  evaluate input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field;
  
  determine that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type;
  
  analyze the input to determine whether the user has submitted valid login credentials; and
  
  provide access to the password information in response to determining that the user has submitted valid login credentials;
  
  wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the input is utilized to execute the decoy function in response to determining that the data type of the input received via the at least one input field matches the expected data type associated with the at least one input field.
  - 3. The system of claim 1, wherein the login credentials are comprised of one or more character-based inputs that are submitted via the input form and one or more non-character inputs, and the one or more non-character inputs are selected from the group consisting of:
    - a click input on an interface element that is not part of the input form, a position of a cursor on an interface associated with the decoy function, or a selection of a function key while an interface associated with the decoy function is displayed.
  - 4. The system of claim 1, wherein the user is provided access to the configuration interface after the user has provided valid login credentials and is given access to the password information.
  - 5. The system of claim 4, wherein the configuration interface permits the user to specify the login credentials and the configuration interface at least includes:
    - a first input option that enables a keyboard event pertaining to a function key to be associated with the login credentials;
      
      a second input option that enables a click event to be associated with the login credentials; and
      
      a third input option that enables a data form entry event to be associated with the login credentials;
      
      wherein selections associated with the first input option, second input option and third input option are stored in a database associated with the application and the selections are retrieved from the database to determine whether the user has entered valid login credentials.
  - 6. The system of claim 4, wherein the configuration interface permits the user to customize the design, appearance and functionality of the interfaces associated with the decoy module.
  - 7. The system of claim 6, wherein the user is provided with a plurality of design templates for customizing the design and appearance of the interfaces and a plurality of functional templates for selecting different decoy functions.

8. A method for providing secured access to password information, comprising:
- providing an application that is configured to protect password information, wherein the application comprises;
  
  a password manager module configured to perform password management functions associated with accessing and managing password information; and
  
  a decoy module configured to disguise the password management functions of the application by providing a decoy function and one or more associated interfaces that are unrelated to managing the password information;
  
  in response to receiving a request from a user to access the application, providing instructions for rendering an interface associated with the decoy function that includes an input form;
  
  storing data on a non-transitory computer storage medium that associates an expected data type with at least one input field of the input form;
  
  evaluating, with a processor, input received via the input form to determine whether or not the user is attempting to access the password information by comparing the data type of the input received via the at least one input field with the expected data type that is associated with the at least one input field;
  
  determining that the user is attempting to access the password information in response to determining that the data type of the input received via the at least one input field is not the expected data type;
  
  analyzing, with a processor, the input to determine whether the user has submitted valid login credentials; and
  
  providing access to the password information in response to determining that the user has submitted valid login credentials;
  
  wherein the application permits an authorized user to access a configuration interface that allows the authorized user to specify the login credentials by selecting keyboard events, click events and data form entry events, and by associating expected data types with input fields associated with the data form entry events.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the input is utilized to execute the decoy function in response to determining that the data type of the input received via the at least one input field matches the expected data type associated with the at least one input field.
  - 10. The method of claim 8, wherein the login credentials are comprised of one or more character-based inputs that are submitted via the input form and one or more non-character inputs, and the one or more non-character inputs are selected from the group consisting of:
    - a click input on an interface element that is not part of the input form, a position of a cursor on an interface associated with the decoy function, or a selection of a function key while an interface associated with the decoy function is displayed.
  - 11. The method of claim 8, wherein the user is provided access to the configuration interface after the user has provided valid login credentials and is given access to the password information.
  - 12. The method of claim 11, wherein the configuration interface permits the user to specify the login credentials and the configuration interface at least includes:
    - a first input option that enables a keyboard event pertaining to a function key to be associated with the login credentials;
      
      a second input option that enables a click event to be associated with the login credentials; and
      
      a third input option that enables a data form entry event to be associated with the login credentials and which permits a data type to be associated with the data form entry event;
      
      wherein selections associated with the first input option, second input option and third input option are stored in a database associated with the application and the selections are retrieved from the database to determine whether the user has entered valid login credentials.
  - 13. The method of claim 11, wherein the configuration interface permits the user to customize the design, appearance and functionality of the interfaces associated with the decoy module.
  - 14. The method of claim 13, wherein the user is provided with a plurality of design templates for customizing the design and appearance of the interfaces and a plurality of functional templates for selecting different decoy functions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Joseph Fitzgerald
Original Assignee
Joseph Fitzgerald
Inventors
Fitzgerald, Joseph
Primary Examiner(s)
Revak, Christopher

Application Number

US14/511,664
Time in Patent Office

501 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/45   Structures or tools for the...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

Systems and methods for providing a covert password manager

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

53 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for providing a covert password manager

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links