Password theft protection for controlling access to computer software
First Claim
Patent Images
1. A method for accessing a password-secured computer software application, the method comprising:
- acquiring an input password;
generating at a first computer an output password from the input password using password generation data, wherein the output password differs from the input password, andproviding the output password accompanied by a user identifier that is associated with the output password to a second computer as part of a request to access a password-secured computer software application using the output password when accompanied by the user identifier,wherein the password-secured computer software application is accessible using the output password when accompanied by the user identifier,wherein the password-secured computer software application is inaccessible using the input password when accompanied by the user identifier,wherein the acquiring comprises acquiring wherein the input password is input into a web page of the password-secured computer software application,wherein the generating comprises generating the output password by using the password generation data in combination with data associated with the web page of the password-secured computer software application, andwherein the generating comprises generating wherein the data associated with the web page includes any of a portion of a network address associated with the web page, and a certificate signature public key associated with the web page.
1 Assignment
0 Petitions
Accused Products
Abstract
Accessing a password-secured computer software application by acquiring an input password, generating at a first computer an output password from the input password using password generation data, where the output password differs from the input password, and providing the output password to a second computer as part of a request to access a password-secured computer software application using the output password, where the password-secured computer software application is accessible using the output password, and where the password-secured computer software application is inaccessible using the input password.
18 Citations
11 Claims
-
1. A method for accessing a password-secured computer software application, the method comprising:
-
acquiring an input password; generating at a first computer an output password from the input password using password generation data, wherein the output password differs from the input password, and providing the output password accompanied by a user identifier that is associated with the output password to a second computer as part of a request to access a password-secured computer software application using the output password when accompanied by the user identifier, wherein the password-secured computer software application is accessible using the output password when accompanied by the user identifier, wherein the password-secured computer software application is inaccessible using the input password when accompanied by the user identifier, wherein the acquiring comprises acquiring wherein the input password is input into a web page of the password-secured computer software application, wherein the generating comprises generating the output password by using the password generation data in combination with data associated with the web page of the password-secured computer software application, and wherein the generating comprises generating wherein the data associated with the web page includes any of a portion of a network address associated with the web page, and a certificate signature public key associated with the web page. - View Dependent Claims (2, 3, 4)
-
-
5. A system for accessing a password-secured computer software application, the system comprising:
-
a password acquirer configured to acquire an input password; and a password generator configured to generate at a first computer an output password from the input password using password generation data, wherein the output password differs from the input password, and provide the output password accompanied by a user identifier that is associated with the output password to a second computer as part of a request to access a password-secured computer software application using the output password when accompanied by the user identifier, wherein the password-secured computer software application is accessible using the output password when accompanied by the user identifier, wherein the password-secured computer software application is inaccessible using the input password when accompanied by the user identifier, wherein the input password is input into a web page of the password-secured computer software application, wherein the password generator is configured to generate the output password by using the password generation data in combination with data associated with the web page of the password-secured computer software application, and wherein the data associated with the web page includes any of a portion of a network address associated with the web page, and a certificate signature public key associated with the web page. - View Dependent Claims (6, 7, 8)
-
-
9. A computer program product for accessing a password-secured computer software application, the computer program product comprising:
-
a non-transitory, computer-readable storage medium; and computer-readable program code embodied in the storage medium, wherein the computer-readable program code is configured to acquire an input password, generate at a first computer an output password from the input password using password generation data, wherein the output password differs from the input password, and provide the output password accompanied by a user identifier that is associated with the output password to a second computer as part of a request to access a password-secured computer software application using the output password when accompanied by the user identifier, wherein the password-secured computer software application is accessible using the output password when accompanied by the user identifier, wherein the password-secured computer software application is inaccessible using the input password when accompanied by the user identifier, wherein the input password is input into a web page of the password-secured computer software application, wherein the computer-readable program code is configured to generate the output password by using the password generation data in combination with data associated with the web page of the password-secured computer software application, and wherein the data associated with the web page includes any of a portion of a network address associated with the web page, and a certificate signature public key associated with the web page. - View Dependent Claims (10, 11)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsFarkash, Ariel, Jarrous, Ayman, Moffie, Micha
-
Primary Examiner(s)Siddiqi, Mohammad A
-
Application NumberUS14/945,447Publication NumberTime in Patent Office922 DaysField of SearchUS Class CurrentCPC Class CodesG06F 21/31 User authenticationG06F 21/6218 to a system of files or obj...H04L 63/083 using passwords cryptograph...H04L 9/0863 involving passwords or one-...H04L 9/30 Public key, i.e. encryption...H04L 9/3226 using a predetermined code,...H04L 9/3263 involving certificates, e.g...
