Password submission without additional user input

US 9,536,067 B1
Filed: 01/01/2015
Issued: 01/03/2017
Est. Priority Date: 01/01/2014
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for submitting and checking a password without additional user input, the method comprising:

presenting a password entry form to a user, the password entry form having a text field for entering a password;

wherein the password entry form is configured to accept passwords of variable length;

detecting text input from the user;

in response to detecting the text input from the user, displaying text characters in the text field;

in response to the user entering text characters in the text field, submitting the contents of the text field for password verification;

wherein the step of submitting the contents of the text field for password verification occurs without additional user input besides the user entering text characters in the text field;

wherein the step of submitting the contents of the text field for password verification is performed repeatedly in response to the user changing the contents of the text field and is performed at least once before the user has completed entry of the password in the text field;

at a first time, determining that a password submitted for verification is not a correct password of the user by retrieving a stored salt, adding the stored salt to the password submitted for verification or a function computed on the password submitted for verification and computing a hash of the result, comparing the resulting hash with a hash stored associated with an account of the user in a database, and determining that the hashes do not match;

in response to determining that a password submitted for verification is not a correct password of the user, denying access to a protected computer resource;

at a second time, determining that a password submitted for verification is a correct password of the user by retrieving the stored salt, adding the stored salt to the password submitted for verification or a function computed on the password submitted for verification and computing a hash of the result, comparing the resulting hash with the hash stored associated with the account of the user in the database, and determining that the hashes match; and

logging in the user to provide access to the protected computer resource, and notifying the user that he or she is logged in;

wherein the steps of detecting text input from the user and, in response to detecting the text input from the user, displaying text characters in the text field, are capable of occurring in parallel with the step of determining that a password submitted for verification is a correct password of the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system may have a password entry form with a text field for a user to enter a password. The computer may receive text input from the user and display the text input in the text field. In response to the text input of the user, and without additional input from the user besides the text input, the computer may submit the password for verification of correctness. In some embodiments, submission of the password for verification occurs after a trigger event, where trigger events include without limitation a threshold time elapsing from the most recent text input of the user, a threshold time elapsing from the most recent password submission, entry of a threshold number of text characters, “immediate” submission after entry or deletion of a text character, and so forth.

58 Citations

View as Search Results

20 Claims

1. A computer-implemented method for submitting and checking a password without additional user input, the method comprising:
- presenting a password entry form to a user, the password entry form having a text field for entering a password;
  
  wherein the password entry form is configured to accept passwords of variable length;
  
  detecting text input from the user;
  
  in response to detecting the text input from the user, displaying text characters in the text field;
  
  in response to the user entering text characters in the text field, submitting the contents of the text field for password verification;
  
  wherein the step of submitting the contents of the text field for password verification occurs without additional user input besides the user entering text characters in the text field;
  
  wherein the step of submitting the contents of the text field for password verification is performed repeatedly in response to the user changing the contents of the text field and is performed at least once before the user has completed entry of the password in the text field;
  
  at a first time, determining that a password submitted for verification is not a correct password of the user by retrieving a stored salt, adding the stored salt to the password submitted for verification or a function computed on the password submitted for verification and computing a hash of the result, comparing the resulting hash with a hash stored associated with an account of the user in a database, and determining that the hashes do not match;
  
  in response to determining that a password submitted for verification is not a correct password of the user, denying access to a protected computer resource;
  
  at a second time, determining that a password submitted for verification is a correct password of the user by retrieving the stored salt, adding the stored salt to the password submitted for verification or a function computed on the password submitted for verification and computing a hash of the result, comparing the resulting hash with the hash stored associated with the account of the user in the database, and determining that the hashes match; and
  
  logging in the user to provide access to the protected computer resource, and notifying the user that he or she is logged in;
  
  wherein the steps of detecting text input from the user and, in response to detecting the text input from the user, displaying text characters in the text field, are capable of occurring in parallel with the step of determining that a password submitted for verification is a correct password of the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising determining that a threshold time has elapsed from the most recent entry of a text character in the text field before performing the step of, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 3. The method of claim 1, further comprising determining that the contents of the text field meet or exceed a threshold length before performing the step of, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 4. The method of claim 1, further comprising adding padding to the contents of the text field and encrypting the contents of the text field, prior to submitting the contents of the text field for password verification.
  - 5. The method of claim 1, wherein the step of presenting a password entry form to a user is performed on a client computer and the contents of the text field are submitted over a network for verification by a server computer such that the step of determining that a password submitted for verification is a correct password of the user is performed on the server computer.
  - 6. The method of claim 1, further comprising displaying the password entry form to the user asynchronously so that submitting the contents of the text field for password verification occurs without causing reloading of the password entry form.
  - 7. The method of claim 1, further comprising:
    - in response to the user deleting text characters in the text field, submitting the contents of the text field for password verification, wherein the submission of the contents of the text field for password verification occurs without additional user input besides the user deleting text characters in the text field.

8. A computer-implemented method for submitting and checking a password without additional user input, the method comprising:
- presenting a password entry form to a user, the password entry form having a text field for entering a password;
  
  wherein the password entry form is configured to accept passwords of variable length;
  
  detecting text input from the user;
  
  in response to detecting the text input from the user, displaying text characters in the text field;
  
  in response to the user entering text characters in the text field, submitting the contents of the text field for password verification;
  
  wherein the step of submitting the contents of the text field for password verification occurs without additional user input besides the user entering text characters in the text field;
  
  wherein the step of submitting the contents of the text field for password verification is performed repeatedly in response to the user changing the contents of the text field and is performed at least once before the user has completed entry of the password in the text field;
  
  at a first time, determining that a password submitted for verification is not a correct password of the user and not providing access to a protected computer resource;
  
  at a second time, determining that a password submitted for verification is a correct password of the user, logging in the user to provide access to the protected computer resource, and notifying the user that he or she is logged in;
  
  wherein the steps of detecting text input from the user and, in response to detecting the text input from the user, displaying text characters in the text field, are capable of occurring in parallel with the step of determining that a password submitted for verification is a correct password of the user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, further comprising determining that a threshold time has elapsed from the most recent entry of a text character in the text field before performing the step of, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 10. The method of claim 8, further comprising determining that the contents of the text field meet or exceed a threshold length before performing the step of, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 11. The method of claim 8, further comprising adding padding to the contents of the text field and encrypting the contents of the text field, prior to submitting the contents of the text field for password verification.
  - 12. The method of claim 8, wherein the step of presenting a password entry form to a user is performed on a client computer and the contents of the text field are submitted over a network for verification by a server computer such that the step of determining that a password submitted for verification is a correct password of the user is performed on the server computer.
  - 13. The method of claim 8, further comprising displaying the password entry form to the user asynchronously so that submitting the contents of the text field for password verification occurs without causing reloading of the password entry form.
  - 14. The method of claim 8, further comprising:
    - in response to the user deleting text characters in the text field, submitting the contents of the text field for password verification, wherein the submission of the contents of the text field for password verification occurs without additional user input besides the user deleting text characters in the text field.

15. A non-transitory computer-readable medium containing instructions for submitting and checking a password without additional input, the non-transitory computer-readable medium comprising:
- instructions for presenting a password entry form to a user, the password entry form having a text field for entering a password;
  
  wherein the password entry form is configured to accept passwords of variable length;
  
  instructions for detecting text input from the user;
  
  instructions for, in response to detecting the text input from the user, displaying text characters in the text field;
  
  instructions for, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification;
  
  wherein the instructions for submitting the contents of the text field for password verification include instructions for submitting the contents of the text field for password verification without additional user input besides the user entering text characters in the text field;
  
  wherein the instructions for the submitting the contents of the text field for password verification further include instructions for submitting the contents of the text field for password verification before the user has completed entry of the password in the text field;
  
  instructions for determining that a password submitted for verification is not a correct password of the user and denying access to a protected computer resource;
  
  instructions for determining that a password submitted for verification is a correct password of the user, logging in the user to provide access to the protected computer resource, and notifying the user that he or she is logged in;
  
  instructions for determining whether a password submitted for verification is correct or not in parallel with continuing to receive text input from the user and updating the contents of the text field in response to the received text input.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium of claim 15, further comprising instructions for determining that a threshold time has elapsed from the most recent entry of a text character in the text field before, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 17. The non-transitory computer-readable medium of claim 15, further comprising instructions for determining that the contents of the text field meet or exceed a threshold length before, in response to the user entering text characters in the text field, submitting the contents of the text field for password verification.
  - 18. The non-transitory computer-readable medium of claim 15, further comprising instructions for adding padding to the contents of the text field and encrypting the contents of the text field, prior to submitting the contents of the text field for password verification.
  - 19. The non-transitory computer-readable medium of claim 15, further comprising instructions for displaying the password entry form to the user asynchronously so that submitting the contents of the text field for password verification occurs without causing reloading of the password entry form.
  - 20. The non-transitory computer-readable medium of claim 15, further comprising:
    - instructions for detecting that the user has deleted text characters from the text field and, in response to the user deleting text characters in the text field, submitting the contents of the text field for password verification without additional user input besides the user deleting text characters in the text field.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced Research LLC
Original Assignee
Advanced Research LLC
Inventors
Lee, Bryant Christopher
Primary Examiner(s)
Lin, Kenny

Application Number

US14/588,459
Time in Patent Office

733 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/31 User authentication

H04L 63/083 using passwords cryptograph...

Password submission without additional user input

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Password submission without additional user input

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others