Simplified login for mobile devices

US 9,832,642 B2
Filed: 10/05/2015
Issued: 11/28/2017
Est. Priority Date: 04/25/2008
Status: Active Grant

First Claim

Patent Images

1. A mobile device configured for simplified logins, comprising:

a display to provide a user with a request to enter a first credential and a second credential during a first login;

a user input interface configured to receive a user input including the first credential and the second credential;

a transmitter configured to transmit the first credential and the second credential to a validation server;

a receiver configured to receive encrypted data based on the first credential and the second credential; and

a processor configured to generate, for a second login, a login screen requesting the second credential and not the first credential, based on whether the first credential is to be revalidated,the processor further configured to replace the encrypted data with new encrypted data that is based on a revalidated first credential with a new revalidation date in response to the first credential being revalidated to provide the revalidated first credential.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the subject matter described herein relate to a simplified login for mobile devices. In aspects, on a first logon, a mobile device asks a user to enter credentials and a PIN. The credentials and PIN are sent to a server which validates user credentials. If the user credentials are valid, the server encrypts data that includes at least the user credentials and the PIN and sends the encrypted data to the mobile device. In subsequent logons, the user may logon using only the PIN. During login, the mobile device sends the PIN in conjunction with the encrypted data. The server can then decrypt the data and compare the received PIN with the decrypted PIN. If the PINs are equal, the server may grant access to a resource according to the credentials.

12 Citations

20 Claims

1. A mobile device configured for simplified logins, comprising:
- a display to provide a user with a request to enter a first credential and a second credential during a first login;
  
  a user input interface configured to receive a user input including the first credential and the second credential;
  
  a transmitter configured to transmit the first credential and the second credential to a validation server;
  
  a receiver configured to receive encrypted data based on the first credential and the second credential; and
  
  a processor configured to generate, for a second login, a login screen requesting the second credential and not the first credential, based on whether the first credential is to be revalidated,the processor further configured to replace the encrypted data with new encrypted data that is based on a revalidated first credential with a new revalidation date in response to the first credential being revalidated to provide the revalidated first credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The mobile device of claim 1, wherein the first credential comprises a username and a password.
  - 3. The mobile device of claim 1, wherein the second credential is a PIN.
  - 4. The mobile device of claim 1, wherein the second credential is longer than the first credential.
  - 5. The mobile device of claim 1, further comprising:
    - a login component configured to send the second credential, unencrypted, and the encrypted data to the validation server to enable the validation server to compare the second credential, unencrypted, and at least a portion of the encrypted data to determine whether to grant the mobile device access to a resource.
  - 6. The mobile device of claim 5, wherein the login component is configured to embed the encrypted data in a parameter of a uniform resource locator that is associated with the resource.
  - 7. The mobile device of claim 1, wherein the encrypted data indicates whether the first credential is to be revalidated.

8. A method implemented at least in part by a computer to provide simplified logins, the method comprising:
- providing, by a display of the computer, a request for a user to enter a first credential and a second credential during a first login;
  
  receiving, by a user input interface of the computer, a user input that includes the first credential and the second credential;
  
  transmitting, by a transmitter of the computer, the first credential and the second credential to a validation server;
  
  receiving, by a receiver of the computer, encrypted data based on the first credential and the second credential;
  
  generating, by a processing unit of the computer, a login screen for a second login, the login screen requesting the second credential and not the first credential, based on whether the first credential is to be revalidated; and
  
  replacing the encrypted data with new encrypted data that is based on a revalidated first credential with a new revalidation date in response to the first credential being revalidated to provide the revalidated first credential.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the first credential comprises a username and a password.
  - 10. The method of claim 8, wherein the second credential is a PIN.
  - 11. The method of claim 8, wherein the second credential is longer than the first credential.
  - 12. The method of claim 8, further comprising:
    - sending the second credential, unencrypted, and the encrypted data to the validation server to enable the validation server to compare the second credential, unencrypted, and at least a portion of the encrypted data to determine whether to grant the computer access to a resource.
  - 13. The method of claim 8, further comprising:
    - embedding the encrypted data in a parameter of a uniform resource locator that is associated with a resource.
  - 14. The method of claim 8, wherein the encrypted data indicates whether the first credential is to be revalidated.

15. A computer storage device having computer-executable instructions, which when executed perform actions, comprising:
- provide a request for a user to enter a first credential and a second credential during a first login;
  
  transmit the first credential and the second credential to a validation server in response to receipt of a user input that includes the first credential and the second credential;
  
  receive encrypted data based on the first credential and the second credential;
  
  generate a login screen for a second login, the login screen requesting the second credential and not the first credential, based on whether the first credential is to be revalidated; and
  
  replace the encrypted data with new encrypted data that is based on a revalidated first credential with a new revalidation date in response to the first credential being revalidated to provide the revalidated first credential.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer storage device of claim 15, wherein the first credential comprises a username and a password.
  - 17. The computer storage device of claim 15, wherein the second credential is a PIN.
  - 18. The computer storage device of claim 15, wherein the second credential is longer than the first credential.
  - 19. The computer storage device of claim 15, wherein the actions further comprise:
    - send the second credential, unencrypted, and the encrypted data to the validation server to enable the validation server to compare the second credential, unencrypted, and at least a portion of the encrypted data to determine whether to grant a computer access to a resource.
  - 20. The computer storage device of claim 15, wherein the actions further comprise:
    - embed the encrypted data in a parameter of a uniform resource locator that is associated with a resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Mendelovich, Meir, Neystadt, John, Aoyama, Ken, Nice, Nir, Gurman, Shay Yehuda
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US14/874,730
Publication Number

US 20160037343A1
Time in Patent Office

785 Days
Field of Search

713168, 713155, 380259
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/32   including means for verifyi...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

Simplified login for mobile devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Simplified login for mobile devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links