Methods of resetting passwords in network service systems including user redirection and related systems and computer program products

US 9,407,630 B2
Filed: 09/10/2014
Issued: 08/02/2016
Est. Priority Date: 09/23/2003
Status: Expired due to Term

First Claim

Patent Images

1. A method of resetting a password for a network service account, the method comprising:

accepting entry of a password at a first server via a communication session from an electronic device wherein the electronic device is remote from the first server;

comparing the entered password with a known password;

redirecting the communications session of the user, without user intervention, of the electronic device from the first server to a second server providing a password reset tool responsive to a negative comparison result between the entered password and the known password, such that the entered password does not match the known password;

blocking the user of the electronic device from network access other than the password reset tool in the second server, wherein the second server is separate from the first server;

accepting user entry of verification information at the second server responsive to blocking network access;

comparing the verification information from the user with known verification information for the user at the password reset tool in the second server;

accepting user entry of a new password responsive to matching the entered verification information and the known verification information for the user; and

storing the new password as the known password for the user,wherein the electronic device is remote from both of the first and second servers;

wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network;

wherein the password reset tool implemented on the second server is separate from the first server;

wherein the password reset tool in the second server is configured to accept redirection of the user of the electronic device from an access control point implemented at the first server to the sandbox network at the second server, the access control point being coupled between the electronic device and the second server;

wherein the password reset tool in the second server implemented at the second server is further configured to accept user entry of verification information, to compare the verification information from the user of the electronic device with known verification information for the user of the electronic device, to accept user entry of a new password if the verification information accepted from the user of the electronic device matches the known verification information for the user of the electronic device, and to store the new password as the known password for the user of the electronic device; and

wherein the method further comprises terminating redirecting the communication session of the user of the electronic device to the second server providing the password reset tool in response to at least one of;

verification information entered by the user that does not match the known verification information;

user verification information that is accepted a predetermined number of times without matching the known verification information; and

passing of a predetermined period of time without accepting user verification information matching the known verification information.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Resetting a password for a network service account may include redirecting the user to a password reset tool, wherein the user is blocked from network access other than the password reset tool while being redirected. After redirecting the user to the password reset tool, user entry of verification information may be accepted, and the verification information from the user may be compared with known verification information for the user. User entry of a new password may be accepted if the verification information accepted from the user matches the known verification information for the user; and the new password may be stored as the known password for the user. Related systems and computer-program products are also discussed.

64 Citations

View as Search Results

17 Claims

1. A method of resetting a password for a network service account, the method comprising:
- accepting entry of a password at a first server via a communication session from an electronic device wherein the electronic device is remote from the first server;
  
  comparing the entered password with a known password;
  
  redirecting the communications session of the user, without user intervention, of the electronic device from the first server to a second server providing a password reset tool responsive to a negative comparison result between the entered password and the known password, such that the entered password does not match the known password;
  
  blocking the user of the electronic device from network access other than the password reset tool in the second server, wherein the second server is separate from the first server;
  
  accepting user entry of verification information at the second server responsive to blocking network access;
  
  comparing the verification information from the user with known verification information for the user at the password reset tool in the second server;
  
  accepting user entry of a new password responsive to matching the entered verification information and the known verification information for the user; and
  
  storing the new password as the known password for the user,wherein the electronic device is remote from both of the first and second servers;
  
  wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network;
  
  wherein the password reset tool implemented on the second server is separate from the first server;
  
  wherein the password reset tool in the second server is configured to accept redirection of the user of the electronic device from an access control point implemented at the first server to the sandbox network at the second server, the access control point being coupled between the electronic device and the second server;
  
  wherein the password reset tool in the second server implemented at the second server is further configured to accept user entry of verification information, to compare the verification information from the user of the electronic device with known verification information for the user of the electronic device, to accept user entry of a new password if the verification information accepted from the user of the electronic device matches the known verification information for the user of the electronic device, and to store the new password as the known password for the user of the electronic device; and
  
  wherein the method further comprises terminating redirecting the communication session of the user of the electronic device to the second server providing the password reset tool in response to at least one of;
  
  verification information entered by the user that does not match the known verification information;
  
  user verification information that is accepted a predetermined number of times without matching the known verification information; and
  
  passing of a predetermined period of time without accepting user verification information matching the known verification information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein accepting entry of the password from the electronic device comprises accepting entry of the password from the electronic device over a telephone line.
  - 3. The method of claim 1 further comprising providing network service for the user without redirecting to the second server providing the password reset tool if the entered password matches the known password for the user.
  - 4. The method of claim 1, wherein redirecting the user to the second server providing the password reset tool comprises redirecting the user to the second server providing the password reset tool if a predetermined number of passwords have been accepted from the user during a session without matching the known password.
  - 5. The method of claim 1:
    - wherein accepting entry of a password further comprises accepting entry of a username and the password from the electronic device; and
      
      wherein redirecting the user of the electronic device to the password reset tool if the password from the electronic device does not match the known password further comprises redirecting the user of the electronic device to the second server providing the password reset tool only if the username from the electronic device is a valid username.
  - 6. The method of claim 1 further comprising, after accepting entry of the new password, terminating redirecting of the user of the electronic device to the second server providing the password reset tool.
  - 7. The method of claim 1 further comprising, after accepting entry of the new password from the remote electronic device, transmitting instructions for the remote electronic device to automatically save the new password.
  - 8. The method of claim 1, wherein redirecting the user of the electronic device to the second server providing the password reset tool comprises tunneling the user from the first server to the second server providing the password reset tool.
  - 9. The method of claim 1 further comprising:
    - after redirecting the user of the electronic device to the second server providing the password reset tool, accepting a request from a network browser at the second server; and
      
      responsive to accepting the request from a network browser, providing a password reset window including prompts for entry of the verification information while the user of the electronic device is blocked from network access other than the password reset tool wherein the password reset window is provided from the second server at the electronic device remote from the second server.
  - 10. The method of claim 1 further comprising:
    - after redirecting the user of the electronic device to the second server providing the password reset tool, accepting a request for e-mail service at the second server from the electronic device; and
      
      responsive to accepting the request for e-mail service, providing a password reset e-mail from the second server for the user including a link to a password reset window including prompts for entry of the verification information while the user of the electronic device is blocked from network access other than the password reset tool.
  - 11. The method of claim 10 further comprising, responsive to accepting the request for e-mail, blocking access of the user of the electronic device to all e-mails other than the password reset e-mail.
  - 12. The method of claim 1, wherein the network service account comprises an Internet service account.

13. A network service system that provides access to a data network for a user having a network service account therewith, the system comprising:
- an electronic device; and
  
  first and second servers in communication with the electronic device;
  
  an access control point implemented on the first server configured to accept entry of a password from the electronic device remote from the first server as a condition of providing access to the data network, to compare the entered password with a known password for the user using the electronic device, and to redirect the communications session of the user, without user intervention, of the electronic device from the first server to a second server providing a password reset tool responsive to a negative comparison result between the entered password and the known password, such that the entered password does not match the known password; and
  
  a password reset tool implemented on the second server separate from the first server, wherein the password reset tool is configured to accept redirection of the communications session of the user, without user intervention, of the electronic device from the access control point implemented at the first server to the password reset tool implemented at the second server, wherein the user of the electronic device is blocked from network access other than the password reset tool implemented at the second server while being redirected, the password reset tool implemented at the second server being further configured to accept user entry of verification information after redirecting the user of the electronic device to the password reset tool, to compare the verification information from the user of the electronic device with known verification information for the user of the electronic device, to accept user entry of a new password, responsive to matching the entered verification information and the known verification information for the user, and to store the new password as the known password for the user of the electronic device,wherein the electronic device is remote from both of the first and second servers; and
  
  wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network;
  
  wherein the password reset tool in the second server is configured to accept redirection of the user of the electronic device from an access control point implemented at the first server to the sandbox network at the second server, the access control point being coupled between the electronic device and the second server;
  
  wherein the password reset tool in the second server is configured to terminate redirecting the communication session of the user of the electronic device to the second server providing the password reset tool in response to at least one of;
  
  verification information entered by the user that does not match the known verification information;
  
  user verification information that is accepted a predetermined number of times without matching the known verification information; and
  
  passing of a predetermined period of time without accepting user verification information matching the known verification information.
- View Dependent Claims (14, 15, 16)
- - 14. The network service system of claim 13, wherein the access control point is configured to accept entry of the password from the electronic device over a telephone line.
  - 15. The network service system of claim 13, wherein the access control point is configured to provide network service for the user of the electronic device without redirecting to the password reset tool if the entered password matches the known password for the user.
  - 16. The network service system of claim 13, wherein the access control point is configured to redirect the user to the password reset tool if a predetermined number of passwords have been accepted from the user during a session without matching the known password.

17. A computer program product configured to reset a password for a network service account, the computer program product comprising a non-transitory computer readable storage medium having computer-readable program code embodied in the medium, the computer-readable program code comprising:
- computer-readable program code that is configured to accept entry of a password at a first server from an electronic device wherein the electronic device is remote from the first server;
  
  computer-readable program code that is configured to compare the entered password with a known password, wherein redirecting the user to the password reset tool comprises redirecting the user to the password reset tool if the entered password does not match the known password;
  
  computer-readable program code that is configured to redirect the communications session of the user, without user intervention, of the electronic device from the first server to a second server providing a password reset tool responsive to a negative comparison result between the entered password and the known password, such that the entered password does not match the known password, and to block the user of the electronic device from network access other than the password reset tool in the second server, wherein the second server is separate from the first server;
  
  computer-readable program code that is configured to accept user entry of verification information at the second server responsive to blocking network access;
  
  computer-readable program code that is configured to compare the verification information from the user with known verification information for the user at the password reset tool in the second server;
  
  computer-readable program code that is configured to accept user entry of a new password responsive to matching the entered verification information and the known verification information for the user; and
  
  computer-readable program code that is configured to store the new password as the known password for the user,wherein the electronic device is remote from both of the first and second servers;
  
  wherein the second server comprises an element of a sandbox network and wherein the first server is outside the sandbox network;
  
  wherein the password reset tool implemented on the second server is separate from the first server;
  
  wherein the password reset tool in the second server is configured to accept redirection of the user of the electronic device from an access control point implemented at the first server to the sandbox network at the second server, the access control point being coupled between the electronic device and the second server;
  
  wherein the password reset tool in the second server implemented at the second server is further configured to accept user entry of verification information, to compare the verification information from the user of the electronic device with known verification information for the user of the electronic device, to accept user entry of a new password if the verification information accepted from the user of the electronic device matches the known verification information for the user of the electronic device, and to store the new password as the known password for the user of the electronic device; and
  
  wherein the method further comprises terminating redirecting the communication session of the user of the electronic device to the second server providing the password reset tool in response to at least one of;
  
  verification information entered by the user that does not match the known verification information;
  
  user verification information that is accepted a predetermined number of times without matching the known verification information; and
  
  passing of a predetermined period of time without accepting user verification information matching the known verification information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ServiceNow Incorporated
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Morris, Nadia, Conner, William J.
Primary Examiner(s)
Pham, Luu
Assistant Examiner(s)
Baum, Ronald

Application Number

US14/482,325
Publication Number

US 20140380439A1
Time in Patent Office

692 Days
Field of Search

726/6
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/604   Tools and structures for ma...

G06F 2221/2131   Lost password, e.g. recover...

H04L 63/083   using passwords cryptograph...

Methods of resetting passwords in network service systems including user redirection and related systems and computer program products

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Methods of resetting passwords in network service systems including user redirection and related systems and computer program products

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others