Methods, devices and computer program supports for password generation and verification
First Claim
Patent Images
1. A method of verification of an entered password during log-on of a user to an entity protected by a password, the password comprising several characters, and the method comprising in a processor:
- receiving at least one character of the password;
verifying that the at least one received character has a parity value different from a parity of the length of the user name;
determining that a brute force attack has been attempted upon detection of a predetermined number of parts of entered passwords having parity values equal to the parity of the length of the user name; and
upon reception of all the characters of the entered password and an indication that the password is complete, the subsequent step of verifying that the complete password corresponds to the password that protects the entity.
2 Assignments
0 Petitions
Accused Products
Abstract
During log-on of a user to an entity protected by a password, the password is verified by iteratively receiving a password character; and verifying that the received character complies with a predefined property (α) that sets at least one requirement for allowable passwords. If this is not the case, then this can indicate a brute force attack and appropriate action may be taken. The property α may be dependent on the user. Also provided are a corresponding device and a computer program product.
43 Citations
7 Claims
-
1. A method of verification of an entered password during log-on of a user to an entity protected by a password, the password comprising several characters, and the method comprising in a processor:
-
receiving at least one character of the password; verifying that the at least one received character has a parity value different from a parity of the length of the user name; determining that a brute force attack has been attempted upon detection of a predetermined number of parts of entered passwords having parity values equal to the parity of the length of the user name; and upon reception of all the characters of the entered password and an indication that the password is complete, the subsequent step of verifying that the complete password corresponds to the password that protects the entity. - View Dependent Claims (2, 3)
-
-
4. A device for verifying an entered password during log-on of a user to an entity protected by a password, the password comprising several characters, and the device comprising:
-
an interface for receiving at least one character of said entered password; and a processor configured to; verify that at least one received password character has a parity value different from a parity of the length of a user name; determine that a brute force attack has been attempted upon detection of a predetermined number of parts of entered passwords having parity values equal to the parity of the length of the user name and upon reception of all the characters of the password and an indication that the entered password is complete, subsequently verify that the complete entered password corresponds to the password that protects the entity. - View Dependent Claims (5, 6)
-
-
7. A computer program product stored on a non-transitory computer readable medium, and having stored thereon instructions of a software program, wherein the instructions, when executed by a processor performs, during log-on of a user to an entity protected by a password comprising several characters:
-
receiving at least one character of an entered password; and verifying that the at least one received character has a parity value different from a parity of a length of the user name; determining that a brute force attack has been attempted upon detection of a predetermined number of parts of entered passwords having parity values equal to the parity of the length of the user name; and upon reception of all the characters of the entered password and an indication that the entered password is complete, subsequently verifying that the complete password corresponds to the entered password that protects the entity.
-
Specification