Password reset using hash functions
First Claim
1. A method of resetting passwords, comprising:
- sending, by a password application on a server, to a user application, a notification that a current password will expire in a predetermined time period;
receiving, by a reset application on the server a request to reset of a current password;
executing, by the reset application, a first hash function on at least one seed of a plurality of seeds comprising a password profile, wherein the at least one seed is a timestamp of when the current password was created;
sending, by the reset application, to the user application, a first key;
receiving, by the reset application, a second key;
executing, by the reset application, a second hash function on the at least one seed;
determining, by the reset application, if a third key generated by the second hash function executed on the at least one seed is similar to the second key;
permitting, by the reset application, a user account associated with the user application to access a reset environment, in response to a determination that the third key generated by the second hash function executed on the at least one seed is similar to the second key;
receiving, by the password application, a new password; and
storing, by the password application, the new password and a timestamp of when the new password was created in the data store.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods disclosed herein may be utilized for resetting passwords to restore access to all or part of a computer system. A user receives a notification that a current password associated is about to expire or has already expired. The notification may comprise a link that, when activated, executes a first hash function on at least one seed of a user profile, for example a time stamp associated with the creation of the current password, to generate a key. The key is sent to the user, the user is prompted to enter the key into, for example, a dialog box. When the entered key is received, a second hash function is executed on the same seed and the result is compared to the entered key. If there is a match, the user is granted access to a part of the system in order to reset their password.
-
Citations
20 Claims
-
1. A method of resetting passwords, comprising:
-
sending, by a password application on a server, to a user application, a notification that a current password will expire in a predetermined time period; receiving, by a reset application on the server a request to reset of a current password; executing, by the reset application, a first hash function on at least one seed of a plurality of seeds comprising a password profile, wherein the at least one seed is a timestamp of when the current password was created; sending, by the reset application, to the user application, a first key; receiving, by the reset application, a second key; executing, by the reset application, a second hash function on the at least one seed; determining, by the reset application, if a third key generated by the second hash function executed on the at least one seed is similar to the second key; permitting, by the reset application, a user account associated with the user application to access a reset environment, in response to a determination that the third key generated by the second hash function executed on the at least one seed is similar to the second key; receiving, by the password application, a new password; and
storing, by the password application, the new password and a timestamp of when the new password was created in the data store. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of resetting passwords, comprising:
-
receiving, by a user application associated with a user account, a first notification from a password application on a server, based on a determination by the password application that a current password has expired, wherein the current password and a timestamp of when associated with the current password was created are stored in a data store on the server; sending, by the user application, a request for a new password to a reset application on the server; receiving, by the user application from the reset application, a key, wherein the key is based on the reset application executing a first hash function on at least the timestamp of when the current password was created; receiving, by the user account, based on a determination by the reset application that a result of a second hash function executed on the timestamp associated with the current password is similar to a second key received by the reset application, access to reset the current password; and entering, by the user account, a new password wherein the new password and a new timestamp of when the new password was created are stored in the data store. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A system for resetting passwords, comprising:
-
a memory; a processor; a password application and a reset application stored in the memory; wherein the password application, when executed by the processor; communicates with a data store, wherein the data store comprises a plurality of password profiles, and wherein each password profile comprises a current password and a timestamp of when the current password was created; sends at least one notification to a user application based on a determination that at least one of the current password has expired or that a predetermined time period remains until the current password expires; wherein the reset application, when executed by the processor; receives, a request to change the current password; sends, to the user application, a first key based on a first hash function executed on at least the timestamp of when the current password was created, wherein the first key is not stored on the server; receives a second key; executes a second hash function on the timestamp of when the current password was created; determines if a result of the second hash function is similar to the second key; receives, based upon the determination that the result of the second hash function is similar to the second key, a new password; and stores the new password and a timestamp of when the new password was created in the data store. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification