Password reset using hash functions

US 9,355,233 B1
Filed: 01/27/2014
Issued: 05/31/2016
Est. Priority Date: 01/27/2014
Status: Active Grant

First Claim

Patent Images

1. A method of resetting passwords, comprising:

sending, by a password application on a server, to a user application, a notification that a current password will expire in a predetermined time period;

receiving, by a reset application on the server a request to reset of a current password;

executing, by the reset application, a first hash function on at least one seed of a plurality of seeds comprising a password profile, wherein the at least one seed is a timestamp of when the current password was created;

sending, by the reset application, to the user application, a first key;

receiving, by the reset application, a second key;

executing, by the reset application, a second hash function on the at least one seed;

determining, by the reset application, if a third key generated by the second hash function executed on the at least one seed is similar to the second key;

permitting, by the reset application, a user account associated with the user application to access a reset environment, in response to a determination that the third key generated by the second hash function executed on the at least one seed is similar to the second key;

receiving, by the password application, a new password; and

storing, by the password application, the new password and a timestamp of when the new password was created in the data store.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods disclosed herein may be utilized for resetting passwords to restore access to all or part of a computer system. A user receives a notification that a current password associated is about to expire or has already expired. The notification may comprise a link that, when activated, executes a first hash function on at least one seed of a user profile, for example a time stamp associated with the creation of the current password, to generate a key. The key is sent to the user, the user is prompted to enter the key into, for example, a dialog box. When the entered key is received, a second hash function is executed on the same seed and the result is compared to the entered key. If there is a match, the user is granted access to a part of the system in order to reset their password.

Citations

20 Claims

1. A method of resetting passwords, comprising:
- sending, by a password application on a server, to a user application, a notification that a current password will expire in a predetermined time period;
  
  receiving, by a reset application on the server a request to reset of a current password;
  
  executing, by the reset application, a first hash function on at least one seed of a plurality of seeds comprising a password profile, wherein the at least one seed is a timestamp of when the current password was created;
  
  sending, by the reset application, to the user application, a first key;
  
  receiving, by the reset application, a second key;
  
  executing, by the reset application, a second hash function on the at least one seed;
  
  determining, by the reset application, if a third key generated by the second hash function executed on the at least one seed is similar to the second key;
  
  permitting, by the reset application, a user account associated with the user application to access a reset environment, in response to a determination that the third key generated by the second hash function executed on the at least one seed is similar to the second key;
  
  receiving, by the password application, a new password; and
  
  storing, by the password application, the new password and a timestamp of when the new password was created in the data store.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the plurality of seeds further comprise a userID, a user name, a plurality of user contact information, a timestamp associated with expiration of the first key, and a plurality of previously used passwords.
  - 3. The method of claim 2, wherein the password profile does not comprise the first key or the second key.
  - 4. The method of claim 1, further comprising:
    - receiving, by the reset application, subsequent to the password application receiving the new password, the second key; and
      
      executing, by the reset application, a third hash function on the timestamp associated with the new password.
  - 5. The method of claim 4, further comprising:
    - determining, by the reset application, if the result of the hash function executed on the timestamp associated with the new password is similar to the second key.
  - 6. The method of claim 5, further comprising:
    - sending, by the reset application, a notification in response to a determination that the result of the hash function executed on the timestamp associated with the new password is not similar to the second key.
  - 7. The method of claim 6, further comprising:
    - sending, by the reset application, in response to a determination that the result of the hash function executed on the timestamp associated with the new password is not similar to the second key, a request to resubmit the second key.
  - 8. The method of claim 7, further comprising:
    - locking a user account in response to the determination that the result of the hash function executed on the timestamp associated with the new password is not similar to the second key.

9. A method of resetting passwords, comprising:
- receiving, by a user application associated with a user account, a first notification from a password application on a server, based on a determination by the password application that a current password has expired, wherein the current password and a timestamp of when associated with the current password was created are stored in a data store on the server;
  
  sending, by the user application, a request for a new password to a reset application on the server;
  
  receiving, by the user application from the reset application, a key, wherein the key is based on the reset application executing a first hash function on at least the timestamp of when the current password was created;
  
  receiving, by the user account, based on a determination by the reset application that a result of a second hash function executed on the timestamp associated with the current password is similar to a second key received by the reset application, access to reset the current password;
  
  and entering, by the user account, a new password wherein the new password and a new timestamp of when the new password was created are stored in the data store.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, wherein a plurality of password profiles are stored in the data store on the server, wherein each password profile of the plurality of password profiles comprises a userID, the current password, and the timestamp associated with the current password'"'"'s creation.
  - 11. The method of claim 10, wherein each password profile of the plurality of password profiles further comprises a user name, user contact information, and a plurality of previously used passwords.
  - 12. The method of claim 11, further comprising receiving, by the user application, after a second predetermined period of time, a second notification that the current password is set to expire.
  - 13. The method of claim 12, wherein the second predetermined period of time is less than the first predetermined period of time.
  - 14. The method of claim 13, further comprising receiving a third notification that the current password is expired.

15. A system for resetting passwords, comprising:
- a memory;
  
  a processor;
  
  a password application and a reset application stored in the memory;
  
  wherein the password application, when executed by the processor;
  
  communicates with a data store, wherein the data store comprises a plurality of password profiles, and wherein each password profile comprises a current password and a timestamp of when the current password was created;
  
  sends at least one notification to a user application based on a determination that at least one of the current password has expired or that a predetermined time period remains until the current password expires;
  
  wherein the reset application, when executed by the processor;
  
  receives, a request to change the current password;
  
  sends, to the user application, a first key based on a first hash function executed on at least the timestamp of when the current password was created, wherein the first key is not stored on the server;
  
  receives a second key;
  
  executes a second hash function on the timestamp of when the current password was created;
  
  determines if a result of the second hash function is similar to the second key;
  
  receives, based upon the determination that the result of the second hash function is similar to the second key, a new password;
  
  and stores the new password and a timestamp of when the new password was created in the data store.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the password profile comprises a userID, a user name, a user contact information, the new password, the timestamp associated with the new password, a timestamp associated with expiration of the first key, and a plurality of previously used passwords.
  - 17. The system of claim 16, wherein the password profile does not comprise the first key or the second key.
  - 18. The system of claim 15, wherein the user application resides on a user device, wherein the user device is one of a kiosk, a personal computer, a laptop computer, a portable electronic device, a personal digital assistant, a tablet, a mobile phone, or combinations thereof.
  - 19. The system of claim 18, wherein the user application resides on the server and is accessed by the user device.
  - 20. The system of claim 19, wherein the user device comprises an interface application that is in communication at least one of the password application and the reset application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Maitland, Christopher J., Chen, Anthony D.
Primary Examiner(s)
Jeudy, Josnel

Application Number

US14/165,574
Time in Patent Office

855 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 2221/2131   Lost password, e.g. recover...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/0891   Revocation or update of sec...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3297   involving time stamps, e.g....

Password reset using hash functions

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Password reset using hash functions

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links