Password constraint enforcement used in external site authentication
First Claim
1. A system, comprising:
- a processor configured to;
monitor encrypted network communications between a client and an external site;
process the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and
determine whether the request from the client to create user credentials for user authentication on the external site violates a policy for password constraint enforcement for user authentication on external sites, the user credentials including a username, a password, or a combination thereof, wherein the determining of whether the request from the client to create the user credentials for the user authentication on the external site violates the policy for password constraint enforcement comprises to;
determine whether the user credentials of the external site match other user credentials for user authentication on another external site, the other user credentials including a username, a password, or a combination thereof; and
in the event that the user credentials of the external site match the other user credentials for user authentication on the other external site, determine that the request violates the policy for password constraint enforcement; and
a memory coupled to the processor and configured to provide the processor with instructions.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques for password constraint enforcement used in external site authentication are disclosed. In some embodiments, password constraint enforcement used in external site authentication includes monitoring encrypted network communications between a client and an external site (e.g., a remote server), in which the encrypted network communications are encrypted using a first protocol (e.g., Secure Sockets Layer (SSL) protocol, HTTPS protocol, or another protocol for encrypted network communications); and determining if the client sends a request to create user credentials for an external site authentication. In some embodiments, password constraint enforcement used in external site authentication further includes performing password constraint enforcement used in the external site authentication.
14 Citations
20 Claims
-
1. A system, comprising:
-
a processor configured to; monitor encrypted network communications between a client and an external site; process the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determine whether the request from the client to create user credentials for user authentication on the external site violates a policy for password constraint enforcement for user authentication on external sites, the user credentials including a username, a password, or a combination thereof, wherein the determining of whether the request from the client to create the user credentials for the user authentication on the external site violates the policy for password constraint enforcement comprises to; determine whether the user credentials of the external site match other user credentials for user authentication on another external site, the other user credentials including a username, a password, or a combination thereof; and in the event that the user credentials of the external site match the other user credentials for user authentication on the other external site, determine that the request violates the policy for password constraint enforcement; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method, comprising:
-
monitoring encrypted network communications between a client and an external site; processing the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determining whether the request from the client to create user credentials for user authentication on the external site violates a policy for password constraint enforcement for user authentication on external sites, the user credentials including a username, a password, or a combination thereof, wherein the determining of whether the request from the client to create the user credentials for the user authentication on the external site violates the policy for password constraint enforcement comprises; determining whether the user credentials of the external site match other user credentials for user authentication on another external site, the other user credentials including a username, a password, or a combination thereof; and in the event that the user credentials of the external site match the other user credentials for user authentication on the other external site, determining that the request violates the policy for password constraint enforcement. - View Dependent Claims (18)
-
-
19. A computer program product, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
-
monitoring encrypted network communications between a client and an external site; processing the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determining whether the request from the client to create user credentials for user authentication on the external site violates a policy for password constraint enforcement for user authentication on external sites, the user credentials including a username, a password, or a combination thereof, wherein the determining of whether the request from the client to create the user credentials for the user authentication on the external site violates the policy for passsword constraint enforcement comprises; determining whether the user credentials of the external site match other user credentials for user authentication on another external site, the other user credentials including a username, a password, or a combination thereof; and in the event that the user credentials of the external site match the other user credentials for user authentication on the other external site, determining that the request violates the policy for password constraint enforcement. - View Dependent Claims (20)
-
Specification