Distributed passcode verification system
First Claim
Patent Images
1. A computer-implemented method, comprising:
- receiving passcode information comprising, for each passcode of a plurality of passcodes, a value derived based at least in part on the passcode and usable, with a secret, to verify purported passcodes, the secret maintained in a hardware device;
receiving a purported passcode;
causing the hardware device to provide a reference value calculated based at least in part on the purported passcode and the secret;
determining, based at least in part on whether the reference value matches a corresponding value of the passcode information, whether the purported passcode is valid;
enabling access to computing functionality as a result of determining that the purported passcode is valid; and
as a result of a limit on a number of passcode verifications having been exceeded, causing the hardware device to be unable to use the secret to at least verify passcodes, the hardware device being unilaterally unable to restore an ability to use the secret to at least verify passcodes.
1 Assignment
0 Petitions
Accused Products
Abstract
A distributed passcode verification system includes devices that each have a secret and that are each able to perform a limited number of verifications using their secrets. Passcode verifiers receive passcode information from a passcode information manager. The passcode information provides information usable, with a secret, to verify passcodes provided to a verifier.
219 Citations
22 Claims
-
1. A computer-implemented method, comprising:
-
receiving passcode information comprising, for each passcode of a plurality of passcodes, a value derived based at least in part on the passcode and usable, with a secret, to verify purported passcodes, the secret maintained in a hardware device; receiving a purported passcode; causing the hardware device to provide a reference value calculated based at least in part on the purported passcode and the secret; determining, based at least in part on whether the reference value matches a corresponding value of the passcode information, whether the purported passcode is valid; enabling access to computing functionality as a result of determining that the purported passcode is valid; and as a result of a limit on a number of passcode verifications having been exceeded, causing the hardware device to be unable to use the secret to at least verify passcodes, the hardware device being unilaterally unable to restore an ability to use the secret to at least verify passcodes. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system, comprising a plurality of computing devices that implement at least:
-
one or more passcode verifiers, each passcode verifier of the one or more passcode verifiers having a hardware device that maintains a secret so as to be unobtainable outside of the hardware device, the passcode verifier further having functionality to; receive, from a passcode information manager, passcode information required to perform passcode verifications; and use the hardware device to verify passcodes based at least in part on the secret and in accordance with a limit on a number of passcode verifications performable using the secret, the hardware device being unable to unilaterally restore an ability to use the secret to at least verify passcodes. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium having collectively stored thereon executable instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to:
-
receive a purported passcode; and as a result of receiving the purported passcode; cause to be calculated, based at least in part on the purported passcode and a secret of the computer system, a reference value to result in a calculated reference value; determine, based at least in part on the calculated reference value and passcode verification information received from another computer system, whether the purported passcode is valid; enable access to a resource in response to determining the purported passcode is valid; and perform an operation that contributes to depletion of a limited number of passcode verifications performable by the computer system, the computer system being unable to unilaterally restore the limited number of passcode verifications. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
Specification