Obfuscated passwords

US 9,590,808 B2
Filed: 12/08/2014
Issued: 03/07/2017
Est. Priority Date: 12/08/2014
Status: Expired due to Fees

First Claim

Patent Images

1. A method for obfuscating an electronic password from visual surveillance each time a user accesses a session, comprising:

receiving, from the user, a password symbol of the electronic password;

generating, by a computing device in response to receiving the password symbol in a session access attempt, an obfuscated password derived from the electronic password using an obfuscation rule when the password symbol is a first symbol of the electronic password,wherein the obfuscated password comprises symbols of the electronic password and a unique sequence of at least one obfuscating symbol generated from both the obfuscation rule and a randomly selected symbol of the electronic password, wherein the unique sequence of at least one obfuscating symbol is generated for each session access attempt by applying the obfuscation rule to a set of generating symbols;

determining, in response to receiving a password symbol, whether to provide a feedback indicator, the feedback indicator corresponding to an instruction to enter an obfuscating symbol derived from the received password symbol according to both the feedback indicator and the obfuscation rule, wherein providing the feedback indicator includes vibrating an electronic device and the feedback indicator is selected from a group consisting of auditory cues, haptic cues, and visual cues;

providing, in response to determining to provide the feedback indicator, the feedback indicator to the user;

obtaining, from the user in response to providing the feedback indicator, a second password symbol; and

determining whether there are more password symbols to obtain;

repeating the determining, the providing, and the obtaining when there are more password symbols to obtain; and

granting access to the session when there are no more password symbols to obtain and the obfuscated password has been received.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for obfuscating an electronic password can include receiving at least a first symbol of a first password, wherein the first password has a plurality of symbols. Next, a second password (the obfuscated password) can be generated, the second password being derived from the first password using an obfuscation rule, wherein the second password includes the symbols of the first password and at least one obfuscating symbol generated from a first symbol of the first password (generating symbol) and the obfuscation rule. It can then be determined whether to provide a feedback indicator. A feedback indicator can be provided, in response to determining to provide the feedback indicator, wherein the feedback indicator corresponds with an instruction to enter an obfuscating symbol according to the obfuscating rule, the obfuscating symbol being from the second password. Finally, access can be granted to a session in response to receiving the second password.

Citations

6 Claims

1. A method for obfuscating an electronic password from visual surveillance each time a user accesses a session, comprising:
- receiving, from the user, a password symbol of the electronic password;
  
  generating, by a computing device in response to receiving the password symbol in a session access attempt, an obfuscated password derived from the electronic password using an obfuscation rule when the password symbol is a first symbol of the electronic password,wherein the obfuscated password comprises symbols of the electronic password and a unique sequence of at least one obfuscating symbol generated from both the obfuscation rule and a randomly selected symbol of the electronic password, wherein the unique sequence of at least one obfuscating symbol is generated for each session access attempt by applying the obfuscation rule to a set of generating symbols;
  
  determining, in response to receiving a password symbol, whether to provide a feedback indicator, the feedback indicator corresponding to an instruction to enter an obfuscating symbol derived from the received password symbol according to both the feedback indicator and the obfuscation rule, wherein providing the feedback indicator includes vibrating an electronic device and the feedback indicator is selected from a group consisting of auditory cues, haptic cues, and visual cues;
  
  providing, in response to determining to provide the feedback indicator, the feedback indicator to the user;
  
  obtaining, from the user in response to providing the feedback indicator, a second password symbol; and
  
  determining whether there are more password symbols to obtain;
  
  repeating the determining, the providing, and the obtaining when there are more password symbols to obtain; and
  
  granting access to the session when there are no more password symbols to obtain and the obfuscated password has been received.
- View Dependent Claims (2)
- - 2. The method of claim 1, wherein generating the obfuscated password comprises determining a unique sequence of obfuscating symbols for the obfuscated password for each session access attempt.

3. A system for obfuscating an electronic password, the system comprising:
- one or more computing nodes having a memory and a processor; and
  
  a computer readable storage medium of the one or more computing nodes having program instructions embodied therewith, the program instructions executable by the processor to cause the system to;
  
  receive, from the user, a password symbol of the electronic password;
  
  generate, in response to receiving the password symbol in a session access attempt, an obfuscated password derived from the electronic password using an obfuscation rule when the password symbol is a first symbol of the electronic password,wherein the obfuscated password comprises symbols of the electronic password and a unique sequence of at least one obfuscating symbol generated from both the obfuscation rule and a randomly selected symbol of the electronic password, wherein the unique sequence of at least one obfuscating symbol is generated for each session access attempt by applying the obfuscation rule to a set of generating symbols;
  
  determine, in response to receiving a first password symbol, whether to provide a feedback indicator, the feedback indicator corresponding to an instruction to enter an obfuscating symbol derived from the received password symbol according to both the feedback indicator and the obfuscation rule, wherein the feedback indicator includes a vibration of an electronic device and the feedback indicator is selected from a group consisting of auditory cues, haptic cues, and visual cues;
  
  provide, in response to determining to provide the feedback indicator, the feedback indicator to the user;
  
  obtain, from the user in response to providing the feedback indicator, a second password symbol;
  
  determine whether there are more password symbols to obtain;
  
  repeat the determining, the providing, and the obtaining when there are more password symbols to obtain; and
  
  grant access to a session when there are no more password symbols to obtain and the obfuscated password has been received.
- View Dependent Claims (4)
- - 4. The system of claim 3, wherein the program instructions are further executable by the processor to cause the system to determine a unique sequence of obfuscating symbols for the obfuscated password for each session access attempt.

5. A computer program product for obfuscating an electronic password, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, wherein the computer readable storage medium is not a transitory signal per se, the program instructions executable by a processing circuit to cause the processing circuit to perform a method comprising:
- receiving, from the user, a password symbol of the electronic password;
  
  generating, by a computing device in response to receiving the password symbol in a session access attempt, an obfuscated password derived from the electronic password using an obfuscation rule when the password symbol is a first symbol of the electronic password,wherein the obfuscated password comprises symbols of the electronic password and a unique sequence of at least one obfuscating symbol generated from both the obfuscation rule and a randomly selected symbol of the electronic password, wherein the unique sequence of at least one obfuscating symbol is generated for each session access attempt by applying the obfuscation rule to a set of generating symbols;
  
  determining, in response to receiving a password symbol, whether to provide a feedback indicator, the feedback indicator corresponding to an instruction to enter an obfuscating symbol derived from the received password symbol according to both the feedback indicator and the obfuscation rule, wherein providing the feedback indicator includes vibrating an electronic device and the feedback indicator is selected from a group consisting of auditory cues, haptic cues, and visual cues;
  
  providing, in response to determining to provide the feedback indicator, the feedback indicator to the user;
  
  obtaining, from the user in response to providing the feedback indicator, a second password symbol;
  
  determining whether there are more password symbols to obtain;
  
  repeating the determining, the providing, and the obtaining when there are more password symbols to obtain; and
  
  granting access to the session when there are no more password symbols to obtain and the obfuscated password has been received.
- View Dependent Claims (6)
- - 6. The computer program product of claim 5, wherein generating the obfuscated password comprises determining a unique sequence of obfuscating symbols for the obfuscated password for each session access attempt.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirBNB Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Jiang, Tao T T, Romano, George J., Zhao, Guo Xin
Primary Examiner(s)
Le, Chau
Assistant Examiner(s)
CHAUDHRY, MUHAMMAD U

Application Number

US14/562,796
Publication Number

US 20160164681A1
Time in Patent Office

820 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/04 Masking or blinding

H04L 9/3226 using a predetermined code,...

Obfuscated passwords

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Obfuscated passwords

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links