Resetting authentication tokens based on an implicit credential in response to an authentication request missing an authentication token
First Claim
Patent Images
1. An apparatus comprising:
- a processor;
a memory that stores code executable by the processor to;
receive an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource;
determine whether the authentication token is missing from the authentication request;
authenticate the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request;
request an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
receive the implicit credential;
identify a time of day and date when the authentication request was received;
identify a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address;
request an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
receive the implicit credential;
determine whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request;
determine whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request;
determine whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and
reset the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential.
2 Assignments
0 Petitions
Accused Products
Abstract
For resetting authentication tokens based on implicit credentials, a method is disclosed that includes receiving, by use of a processor, an authentication request, the request requiring an authentication token, the request not including the authentication token, verifying an implicit credential, and resetting the authentication token in response to the implicit credential matching a predefined credential.
7 Citations
20 Claims
-
1. An apparatus comprising:
-
a processor; a memory that stores code executable by the processor to; receive an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource; determine whether the authentication token is missing from the authentication request; authenticate the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request; request an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token; receive the implicit credential; identify a time of day and date when the authentication request was received; identify a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address; request an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token; receive the implicit credential; determine whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request; determine whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request; determine whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and reset the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising:
-
receiving, by use of a processor and at an authenticating device, an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource; determining, by the authenticating device, whether the authentication token is missing from the authentication request; authenticating the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request; requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token; identifying a time of day and date when the authentication request was received and a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address; requesting an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token; determining, by the authenticating device, whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request; determining, by the authenticating device, whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request; determining, by the authenticating device, whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and resetting, by the authenticating device, the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A program product comprising a non-transitory computer readable storage medium that stores code executable by a processor to perform:
-
receiving an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource; determining whether the authentication token is missing from the authentication request; authenticating the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request; requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the implicit credential being a different type of credential than the authentication token; identifying a time of day and date when the authentication request was received and a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address; requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the implicit credential being a different type of credential than the authentication token; determining whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication request is missing the authentication token; determining whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication request is missing the authentication token; determining whether the implicit credential matches a predefined credential in response to determining that the authentication request is missing the authentication token; and resetting the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification