Systems and methods for automated detection of login sequence for web form-based authentication
First Claim
Patent Images
1. A method for determining a login sequence, the method comprising:
- (a) receiving in memory coupled to a processor of a client device, a model of a web artifact, the model comprising at least one of;
(i) a structure of the web artifact, and (ii) one or more events associated with an element of the structure, the processor of the client device being different from another processor transmitting the web artifact;
(b) identifying by the processor of the client device, a password field in the model, and a form associated with the password field, the form comprising a set of distinct input fields, each distinct input field having a respective type selected from a group consisting of;
(i) an unspecified type, (ii) a text type, and (iii) an email type, one field in the set being the identified password field;
(c) determining by the processor of the client device a total number of distinct input fields in the form, the determined total number identifying a count of the distinct input fields in the form;
(d) ascertaining by the processor of the client device that the determined total number equals a specified total number of distinct input fields provided in user credentials stored in the memory;
(e) identifying by the processor of the client device a submit element in the form;
(f) attempting login at a website corresponding to the web artifact by supplying by the processor of the client device the user credentials stored in the memory to the web artifact.
4 Assignments
0 Petitions
Accused Products
Abstract
A system for automating login can determine if a web artifact, such as a web page, includes a login form, by identifying a password field, a user ID field, and a submit button or another element providing the functionality to submit credentials for authorization. Submission of user credentials may be emulated, and access to password protected areas can be ascertained, e.g., by identifying any element that permits signing out from the password protected area.
-
Citations
20 Claims
-
1. A method for determining a login sequence, the method comprising:
-
(a) receiving in memory coupled to a processor of a client device, a model of a web artifact, the model comprising at least one of;
(i) a structure of the web artifact, and (ii) one or more events associated with an element of the structure, the processor of the client device being different from another processor transmitting the web artifact;(b) identifying by the processor of the client device, a password field in the model, and a form associated with the password field, the form comprising a set of distinct input fields, each distinct input field having a respective type selected from a group consisting of;
(i) an unspecified type, (ii) a text type, and (iii) an email type, one field in the set being the identified password field;(c) determining by the processor of the client device a total number of distinct input fields in the form, the determined total number identifying a count of the distinct input fields in the form; (d) ascertaining by the processor of the client device that the determined total number equals a specified total number of distinct input fields provided in user credentials stored in the memory; (e) identifying by the processor of the client device a submit element in the form; (f) attempting login at a website corresponding to the web artifact by supplying by the processor of the client device the user credentials stored in the memory to the web artifact. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for determining a login sequence, comprising:
-
a memory comprising a model of a web artifact transmitted by a server at a website associated with the web artifact, the model comprising at least one of;
(i) a structure of the web artifact, and (ii) one or more events associated with an element of the structure; anda processor different from the server coupled to the memory and configured to; identify a password field in the model, and a form associated with the password field, the form comprising a set of distinct input fields, each distinct input field having a respective type selected from a group consisting of;
(i) an unspecified type, (ii) a text type, and (iii) an email type, one field in the set being the identified password field;determine a total number of distinct input fields in the form;
the determined total number identifying a count of the distinct input fields in the form;ascertain that the determined total number equals a specified total number of distinct input fields provided in user credentials stored in the memory; identify a submit element in the form; and attempt login at the website corresponding to the web artifact by supplying user credentials stored in the memory to the web artifact. - View Dependent Claims (19, 20)
-
Specification