Systems and methods for credential management between electronic devices
First Claim
1. A method for accessing a secure website, comprising:
- causing a user interface to receive browser credentials for a user account associated with a browser application for logging in to the browser application executing on a first user device to be presented by the browser application;
authenticating, using the first user device, a user of the first user device to the browser application on the first user device using the browser credentials received via the user interface corresponding to a browser account for the user of the first user device;
detecting, using the browser application, navigation to a login page of a secure website that requires user credentials for access thereto;
detecting a presence of a mobile device proximal to the first user device using a device discovery protocol, wherein a first version of the browser credentials are stored on the mobile device;
in response to detecting the presence of the mobile device proximal to the first user device, performing an application layer authentication between the browser application executing on the first user device and a credential manager application executing on the mobile device via a secure channel between the first user device and the mobile device by comparing a second version of the browser credentials generated by the first user device with the first version of the browser credentials stored on the mobile device;
in response to authenticating the browser application executing on the first user device to the credential manager application executing on the mobile device, transmitting, to the mobile device via the secure channel, an identification of the secure website;
receiving, from the mobile device via the secure channel, user credentials corresponding to the secure website, wherein the user credentials are encrypted using a session key established in association with the application layer authentication; and
populating, without user input, the login page of the secure website on the first user device with the received user credentials.
0 Assignments
0 Petitions
Accused Products
Abstract
Embodiments are provided for managing user credentials that enable access to secure websites. According to certain aspects, a browser device connects (230) to a website server that hosts a secure website. The browser device initiates (236) a credential request and enters (238) a discovery routine with a mobile device. After establishing (240) a secure channel with the mobile device, the browser device sends (248) an identification of the secure website to the mobile device, which identifies (250) corresponding user credentials and sends (252) the user credentials to the browser device. The browser device populates (254) a login page with the user credentials and accesses (256) the secure website.
-
Citations
18 Claims
-
1. A method for accessing a secure website, comprising:
-
causing a user interface to receive browser credentials for a user account associated with a browser application for logging in to the browser application executing on a first user device to be presented by the browser application; authenticating, using the first user device, a user of the first user device to the browser application on the first user device using the browser credentials received via the user interface corresponding to a browser account for the user of the first user device; detecting, using the browser application, navigation to a login page of a secure website that requires user credentials for access thereto; detecting a presence of a mobile device proximal to the first user device using a device discovery protocol, wherein a first version of the browser credentials are stored on the mobile device; in response to detecting the presence of the mobile device proximal to the first user device, performing an application layer authentication between the browser application executing on the first user device and a credential manager application executing on the mobile device via a secure channel between the first user device and the mobile device by comparing a second version of the browser credentials generated by the first user device with the first version of the browser credentials stored on the mobile device; in response to authenticating the browser application executing on the first user device to the credential manager application executing on the mobile device, transmitting, to the mobile device via the secure channel, an identification of the secure website; receiving, from the mobile device via the secure channel, user credentials corresponding to the secure website, wherein the user credentials are encrypted using a session key established in association with the application layer authentication; and populating, without user input, the login page of the secure website on the first user device with the received user credentials. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for accessing a secure website, the system comprising:
a hardware processor that is programmed to; cause a user interface to receive browser credentials for a user account associated with a browser application for logging in to the browser application executing on a first user device to be presented by the browser application; authenticate, using the first user device, a user of the first user device to the browser application on the first user device using the browser credentials received via the user interface corresponding to a browser account for the user of the first user device; detect, using the browser application, navigation to a login page of a secure website that requires user credentials for access thereto; detect a presence of a mobile device proximal to the first user device using a device discovery protocol, wherein a first version of the browser credentials are stored on the mobile device; in response to detecting the presence of the mobile device proximal to the first user device, performing an application layer authentication between the browser application executing on the first user device and a credential manager application executing on the mobile device via a secure channel between the first user device and the mobile device by comparing a second version of the browser credentials generated by the first user device with the first version of the browser credentials stored on the mobile device; in response to authenticating the browser application executing on the first user device to the credential manager application executing on the mobile device, an identification of the secure website; receive, from the mobile device via the secure channel, user credentials corresponding to the secure website, wherein the user credentials are encrypted using a session key established in association with the application layer authentication; and populate, without user input, the login page of the secure website on the first user device with the received user credentials. - View Dependent Claims (8, 9, 10, 11, 12)
-
13. A non-transitory, computer-readable medium containing computer-executable instructions that, when executed by a processor, cause the processor to perform a method for accessing a secure website, comprising:
-
causing a user interface to receive browser credentials for a user account associated with a browser application for logging in to the browser application executing on a first user device to be presented by the browser application; authenticating, using the first user device, a user of the first user device to the browser application on the first user device using the browser credentials received via the user interface corresponding to a browser account for the user of the first user device; detecting, using the browser application, navigation to a login page of a secure website that requires user credentials for access thereto; detecting a presence of a mobile device proximal to the first user device using a device discovery protocol, wherein a first version of the browser credentials are stored on the mobile device; in response to detecting the presence of the mobile device proximal to the first user device, performing an application layer authentication between the browser application executing on the first user device and a credential manager application executing on the mobile device via a secure channel between the first user device and the mobile device by comparing a second version of the browser credentials generated by the first user device with the first version of the browser credentials stored on the mobile device; in response to authenticating the browser application executing on the first user device to the credential manager application executing on the mobile device, transmitting, to the mobile device via the secure channel, an identification of the secure website; receiving, from the mobile device via the secure channel, user credentials corresponding to the secure website, wherein the user credentials are encrypted using a session key established in association with the application layer authentication; and populating, without user input, the login page of the secure website on the first user device with the received user credentials. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification