Methods and credential servers for controlling access to a computer system
First Claim
1. A method for controlling access to a computer system, said method is implemented by a credential server computing device, said method comprising:
- receiving, by the credential server computing device, a first request from a workstation computing device, for a temporary single-factor credential associated with a user account;
receiving, by the credential server computing device, a reason selection transmitted from the workstation computing device, wherein the reason selection specifies a reason for requesting the temporary single-factor credential;
generating, by the credential server computing device, a plurality of selectable lifetimes in a list for the temporary single-factor credential based on the reason selection transmitted from the workstation computing device;
transmitting, by the credential server computing device, the plurality of selectable lifetimes to the workstation computing device;
modifying, at a computing device, the user account from requiring multi-factor authentication to permitting single-factor authentication for access to the computer system;
issuing, from the credential server computing device to the workstation computing device, the temporary single-factor credential;
receiving a second request to extend the lifetime of the temporary single-factor credential through a web-based user interface and extending the lifetime of the temporary single-factor credential in response to the request;
receiving, at the credential server computing device, the temporary single-factor credential;
upon receiving the temporary single-factor credential, generating a hash value and associating the hash value with the user account to permit access to the computer system;
disabling, at the computing device, the temporary single-factor credential, when the lifetime ends, such that access to the computer system via the temporary single-factor credential is terminated; and
modifying, at the credential server computing device, the user account to require multi-factor authentication for access to the computer system.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and credential systems for use in controlling access to a computer system are disclosed. One example method includes receiving a request for a temporary single-factor credential associated with a user account, modifying the user account to allow single-factor authentication to permit access to the computer system, issuing the temporary single-factor credential, wherein the password includes a lifetime, disabling the temporary single-factor credential, when the lifetime ends, such that access to the computer system via the temporary single-factor credential is terminated, and modifying the user account associated to require multi-factor authentication for access to the computer system.
-
Citations
17 Claims
-
1. A method for controlling access to a computer system, said method is implemented by a credential server computing device, said method comprising:
-
receiving, by the credential server computing device, a first request from a workstation computing device, for a temporary single-factor credential associated with a user account; receiving, by the credential server computing device, a reason selection transmitted from the workstation computing device, wherein the reason selection specifies a reason for requesting the temporary single-factor credential; generating, by the credential server computing device, a plurality of selectable lifetimes in a list for the temporary single-factor credential based on the reason selection transmitted from the workstation computing device; transmitting, by the credential server computing device, the plurality of selectable lifetimes to the workstation computing device; modifying, at a computing device, the user account from requiring multi-factor authentication to permitting single-factor authentication for access to the computer system; issuing, from the credential server computing device to the workstation computing device, the temporary single-factor credential; receiving a second request to extend the lifetime of the temporary single-factor credential through a web-based user interface and extending the lifetime of the temporary single-factor credential in response to the request; receiving, at the credential server computing device, the temporary single-factor credential; upon receiving the temporary single-factor credential, generating a hash value and associating the hash value with the user account to permit access to the computer system; disabling, at the computing device, the temporary single-factor credential, when the lifetime ends, such that access to the computer system via the temporary single-factor credential is terminated; and modifying, at the credential server computing device, the user account to require multi-factor authentication for access to the computer system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A credential server for use in controlling access to a computer system, said credential server comprising:
-
a memory device storing a user account; and a processor coupled to the memory device, said processor configured to; receive a first request from a workstation computing device for a temporary single-factor credential associated with the user account; receive a reason selection transmitted from the workstation computing device, wherein the reason selection specifies a reason for requesting the temporary single-factor credential; generate a plurality of selectable lifetimes in a list for the temporary single-factor credential based on the reason selection transmitted from the workstation computing device; transmit the plurality of selectable lifetimes to the workstation computing device; modify the user account from requiring multi-factor authentication to permitting single-factor authentication for access to the computer system; issue the temporary single-factor credential to the workstation computing device; receive a second request to extend the lifetime of the temporary single-factor credential through a web-based user interface and extend the lifetime of the temporary single-factor credential in response to the request; receive the temporary single-factor credential; upon receiving the temporary single-factor credential, generate a hash value and associate the hash value with the user account to permit access to the computer system; disable the temporary single-factor credential, when the lifetime ends, such that access to the computer system via the temporary single-factor credential is terminated; and modify the user account to require multi-factor authentication for access to the computer system. - View Dependent Claims (10, 11, 12, 13)
-
-
14. One or more non-transitory computer-readable storage media having computer-executable instructions embodied thereon, wherein when executed by at least one processor, the computer-executable instructions cause the processor to:
-
receive a first request from a workstation computing device for a temporary single-factor credential associated with a user account; receive a reason selection transmitted from the workstation computing device, wherein the reason selection specifies a reason for requesting the temporary single-factor credential; generate a plurality of selectable lifetimes in a list for the temporary single-factor credential based on the reason selection transmitted from the workstation computing device; transmit the plurality of selectable lifetimes to the workstation computing device; modify the user account from requiring multi-factor authentication to permitting single-factor authentication for access to a computer system; issue the temporary single-factor credential to the workstation computing device; receive a second request to extend the lifetime of the temporary single-factor credential through a web-based user interface and extend the lifetime of the temporary single-factor credential in response to the request; receive the temporary single-factor credential; upon receiving the temporary single-factor credential, generate a hash value and associate the hash value with the user account to permit access to the computer system; modify the user account associated to permit single-factor authentication for access to the computer system; and disable the temporary credential, when the lifetime ends, such that access to the computer system via the temporary single-factor credential is terminated. - View Dependent Claims (15, 16, 17)
-
Specification