Secure identification string
Abstract
Providing secure access to a mobile or other device using a network-assisted PIN or other short password is disclosed. In various embodiments, upon entry by a user of a personal identification number (PIN) or other short password, the password and a unique identifier, such as a user and/or device identifier, and/or other data, are sent to a remote server. The remote server returns to the mobile or other device a cryptographic key and/or other data, such as a more secure (e.g., more characters and/or including characters drawn from a larger set of characters) password usable at the mobile device to access encrypted data.
25 Claims
1. A method of providing secure access to a device, comprising:
- receiving a first credential string entered by via a user interface;
- validating the first credential string using trusted code installed at the device;
- in response to determining that the first credential string is valid using the trusted code, sending, to a remote server, an indication that the first credential string has been validated by the trusted code, wherein the remote server compares an amount of time between receiving the indication and a previous indication that a credential string has been validated by the trusted code with a predetermined duration;
- in the event the amount of time is greater than the predetermined duration, receiving from the remote server a request for additional authentication information;
- in the event the amount of time is less than or equal to the predetermined duration, receiving from the remote server a response that includes a second credential string, wherein the second credential string includes more characters than the first credential string; and
- using the second credential string to provide access to data stored on the device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 19, 20, 21, 22, 23, 24, 25
13. A device configured to provide network-assisted secure access, comprising:
- a communication interface; and
- a processor coupled to the communication interface and configured to:
  - receive a first credential string entered by via a user interface;
  - validate the first credential string using trusted code installed at the device;
  - in response to determining that the first credential string is valid using the trusted code, send, to a remote server, an indication that the first credential string has been validated by the trusted code, wherein the remote server compares an amount of time between receiving the indication and a previous indication that a credential string has been validated by the trusted code with a predetermined duration;
  - in the event the amount of time is greater than the predetermined duration, receiving from the remote server a request for additional authentication information;
  - in the event the amount of time is less than or equal to the predetermined duration, receive from the remote server via the communication interface a response that includes a second credential string, wherein the second credential string includes more characters than the first credential string; and
  - use the second credential string to provide access to data stored on the device.

Dependent claims: 14, 15, 16, 17
18. A computer program product to provide secure access, the computer program product being embodied in a tangible, non-transitory computer readable storage medium and comprising computer instructions for:
- receiving a first credential string entered by via a user interface;
- validating the first credential string using trusted code installed at a device;
- in response to determining that the first credential string is valid using the trusted code, sending, to a remote server, an indication that the first credential string has been validated by the trusted code, wherein the remote server compares an amount of time between receiving the indication and a previous indication that a credential string has been validated by the trusted code within a predetermined duration;
- in the event the amount of time is greater than the predetermined duration, receiving from the remote server a request for additional authentication information;
- in the event the amount of time is less than or equal to the predetermined duration, receiving from the remote server a response that includes a second credential string, wherein the second credential string includes more characters than the first credential string; and
- using the second credential string to provide access to data stored on the device.
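The server-side decision recited in the independent claims, as an added sketch that is not code from the patent: the server compares the time since the previous validated indication with a predetermined duration and either releases the longer second credential string or asks for additional authentication. The class and function names, the 8-hour window, the 60-second skew limit and the HMAC tag that authenticates the indication are all assumptions of this example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

MAX_IDLE_SECONDS = 8 * 3600  # assumed value for the "predetermined duration"
MAX_SKEW_SECONDS = 60        # assumed freshness limit on an indication

@dataclass
class DeviceRecord:
    attest_key: bytes       # assumed: key held by the device's trusted code
    long_credential: str    # the "second credential string"
    last_validated: float   # time of the previous validated indication

def sign_indication(key: bytes, device_id: str, sent_at: float) -> bytes:
    """Device side: tag sent after the trusted code has accepted the PIN."""
    return hmac.new(key, f"{device_id}|{sent_at}".encode(), hashlib.sha256).digest()

class AssistServer:
    def __init__(self) -> None:
        self.devices: dict[str, DeviceRecord] = {}

    def enroll(self, device_id: str, now: float) -> DeviceRecord:
        rec = DeviceRecord(secrets.token_bytes(32), secrets.token_urlsafe(32), now)
        self.devices[device_id] = rec
        return rec

    def handle_indication(self, device_id: str, sent_at: float,
                          tag: bytes, now: float) -> dict:
        rec = self.devices.get(device_id)
        if rec is None or abs(now - sent_at) > MAX_SKEW_SECONDS:
            return {"status": "denied"}
        expected = sign_indication(rec.attest_key, device_id, sent_at)
        if not hmac.compare_digest(expected, tag):
            return {"status": "denied"}
        if now - rec.last_validated > MAX_IDLE_SECONDS:
            # Window expired: do not refresh the timestamp here, so repeated
            # indications cannot reopen the window without the extra step.
            return {"status": "additional_auth_required"}
        rec.last_validated = now
        return {"status": "ok", "second_credential": rec.long_credential}
```

The comparison is `>` so that an indication arriving exactly at the window boundary still takes the "less than or equal to" branch of the claims.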
Specification