Cloud-based active password manager

US 9,824,208 B2
Filed: 07/06/2015
Issued: 11/21/2017
Est. Priority Date: 07/06/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving, by a password manager server, an access credential for a website from a host computer, the access credential comprising a password for logging into the website by a user;

synchronizing cryptographic key information, by the password manager server, between a client device and the password manager server, wherein the client device comprises non-transitory machine-readable storage media storing a unique seed value; and

at a predetermined time frequency, generating, by the password manager server, a new password replacing the password of the access credential for logging into the website by the user based on at least the unique seed value stored on the client device and a time-date stamp stored on the password manager server comprising time and date of when the password that is being replaced was generated, wherein the new password generated by the password manager server is different from each previous password for the website based on use of the time and date of previous password as an input for generating the new password, wherein the password manager server is configured to generate the new password for logging into the website each time the user generates a request to log into the website, and wherein the generated new password is never stored in a database associated with the password manager server for further use by the user.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for periodically generating and managing passwords for one or more websites of users are disclosed. The users are provided with the ability to automatically replace their old passwords with new passwords for their one or more website accounts. The users can set a pre-determined frequency at which their passwords are to be updated and replaced with new passwords. The users can further define additional one or more rules based on which their passwords are updated. The methods and systems are further configured to auto log into user'"'"'s website accounts with the updated passwords.

Citations

20 Claims

1. A computer-implemented method comprising:
- receiving, by a password manager server, an access credential for a website from a host computer, the access credential comprising a password for logging into the website by a user;
  
  synchronizing cryptographic key information, by the password manager server, between a client device and the password manager server, wherein the client device comprises non-transitory machine-readable storage media storing a unique seed value; and
  
  at a predetermined time frequency, generating, by the password manager server, a new password replacing the password of the access credential for logging into the website by the user based on at least the unique seed value stored on the client device and a time-date stamp stored on the password manager server comprising time and date of when the password that is being replaced was generated, wherein the new password generated by the password manager server is different from each previous password for the website based on use of the time and date of previous password as an input for generating the new password, wherein the password manager server is configured to generate the new password for logging into the website each time the user generates a request to log into the website, and wherein the generated new password is never stored in a database associated with the password manager server for further use by the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1, further comprising generating, by the password manager server, a password manager account in a record of a password manager account database.
  - 3. The computer-implemented method of claim 1, further comprising receiving, by the password manager server, from the client device a set of random numbers, wherein the new password for the website is generated based on at least the unique seed value, the set of random numbers, and the time-date stamp.
  - 4. The computer-implemented method of claim 1, further comprising generating, by the password manager server, an activation identification (ID) for the client device upon receiving the access credential, wherein the password manager server determines whether the client device contains the activation ID before synchronizing the cryptographic key information.
  - 5. The computer-implemented method of claim 1, further comprising generating, by the password manager server, the time-date stamp, upon generating the new password.
  - 6. The computer-implemented method of claim 1, wherein the new password for the website is never stored on non-transitory machine-readable storage media.
  - 7. The computer-implemented method of claim 1, further comprising regenerating, by the password manager server, the new password required to log into the website upon receiving a request from the host computer to access the website.
  - 8. The computer-implemented method of claim 1, further comprising receiving, by the password manager server, from the host computer a set of password rules defining parameters for generating the new password.

9. A computer-implemented method comprising:
- receiving, by a password manager server, an access credential for a website from a host computer, the access credential comprising a password for logging into the website by a user;
  
  synchronizing cryptographic key information, by the password manager server, between a client device and the password manager server, wherein the client device comprises non-transitory machine-readable storage media storing a unique seed value; and
  
  at a predetermined time frequency, receiving, by the password manager server from the client device, a new password for logging into the website by the user that updates the password of the access credential stored in the password manager server, the new password is generated based on at least the unique seed value stored on the client device and a time-date stamp stored on the password manager server comprising time and date of when the password that is being updated was generated, wherein the new password generated by the password manager server is different from each previous password for the website based on use of the time and date of previous password as an input for generating the new password, and wherein the password manager server is configured to generate the new password for logging into the website each time the user generates a request to log into the website, and to never store the new password in a database associated with the password manager server for further use by the user.
- View Dependent Claims (10, 11, 12)
- - 10. The computer-implemented method of claim 9, wherein the access credential further comprises a website uniform resource locater (URL) and a login identifier (login ID).
  - 11. The computer-implemented method of claim 9, wherein the client device is a universal service bus (USB) device comprising a processor and non-transitory machine-readable storage media.
  - 12. The computer-implemented method of claim 9, wherein the at least one client device is a software application installed on a client computing device.

13. A system comprising:
- a host computer configured to transmit an access credential for a website to a password manager server over a communication network, the access credential comprising a password for logging into the website by a user;
  
  a client device comprising non-transitory machine-readable storage media storing a unique seed value; and
  
  the password manager server configured to;
  
  synchronize cryptographic key information between the client device and the password manager server, and at a predetermined time frequency generate a new password for logging into the website by the user replacing the password of the access credential, the new password generated based on at least the unique seed value stored on the client device and a time-elate stamp stored on the password manager server comprising time and date of when the password that is being replaced was generated wherein the new password is different from each previous password for the web site based on use of the time and date of previous password as an input for generating the new password, wherein the password manager server is further configured to generate the new password for logging into the website each time the user generates a request to log into the website, and wherein the generated new password is never stored in a database associated with the password manager server for further use by the user.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein the client device generates a set of random numbers when the new password for the website has to be generated, and wherein the new password for the website is generated based on at least the unique seed value of the client device, the set of random numbers, and the time-date stamp.
  - 15. The system of claim 13, further comprising a plurality of client devices, wherein each of the plurality of client devices is configured to, at the predetermined time frequency, transmit to the password manager server the unique seed value.
  - 16. The system of claim 15, wherein each of the plurality of the client devices can be customized for logging into and updating passwords of one or more websites to allow one of the plurality of client devices access to log into and change passwords of selected number of the one or more websites while the remaining number of the plurality of client devices are provided access to all of the one or more websites.
  - 17. The system of claim 13, wherein the credential of the website is stored in the client device, and wherein an encrypted version of the credential is stored in the password manager server.
  - 18. The system of claim 13, wherein the client device is password-protected.
  - 19. The system of claim 13, wherein the access credential further comprises a website uniform resource locater (URL) and a login identifier (login ID).
  - 20. The system of claim 13, wherein the client device is a universal service bus (USB) device comprising a processor and non-transitory machine-readable storage media.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Unisys Corporation
Inventors
Cavanagh, Edward T, DiDomenico, Michael J, Burchett, Brittney
Primary Examiner(s)
SCHMIDT, KARI L

Application Number

US14/791,595
Publication Number

US 20170011214A1
Time in Patent Office

869 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/45   Structures or tools for the...

G06F 21/46   by designing passwords or c...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/0846   using time-dependent-passwo...

Cloud-based active password manager

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud-based active password manager

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links