Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

US 11,089,011 B2
Filed: 12/30/2019
Issued: 08/10/2021
Est. Priority Date: 09/25/2015
Status: Active Grant

First Claim

Patent Images

1. A system to manage user credentials, comprising:

one or more hardware processors;

memory including instructions that, when executed, cause one or more hardware processors to;

provide, by a non-rendered application, new credentials to a website to perform credential resetting for the website;

establish, by the non-rendered application, an authenticated session for a user with the website by logging into the website based on the new credentials; and

pass session configuration data corresponding to the established authenticated session from the non-rendered application to a rendering application, the session configuration data to allow the rendering application to continue the established authenticated session to access the website based on the established authenticated session.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed examples to manage user credentials include providing new credentials from a non-rendered application to a website to perform credential resetting for the website; establishing an authenticated session for a user with the website based on the new credentials; and passing session configuration data corresponding to the authenticated session from the non-rendered application to a browser, the session configuration data to allow the browser to continue the authenticated session.

Citations

21 Claims

1. A system to manage user credentials, comprising:
- one or more hardware processors;
  
  memory including instructions that, when executed, cause one or more hardware processors to;
  
  provide, by a non-rendered application, new credentials to a website to perform credential resetting for the website;
  
  establish, by the non-rendered application, an authenticated session for a user with the website by logging into the website based on the new credentials; and
  
  pass session configuration data corresponding to the established authenticated session from the non-rendered application to a rendering application, the session configuration data to allow the rendering application to continue the established authenticated session to access the website based on the established authenticated session.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system as defined claim 1, wherein the instructions are to further cause the one or more hardware processors to provide the new credentials to the website based on a script detecting a prompt from the website for at least one of a user name or a password, the script executed by the rendering application.
  - 3. The system as defined claim 1, wherein the instructions are to further cause the one or more hardware processors to:
    - obtain encrypted current credentials for the website in response to a request to reset credentials for the website;
      
      decrypt the encrypted current credentials for the website to generate decrypted current credentials; and
      
      provide the decrypted current credentials and the new credentials to the non-rendered application.
  - 4. The system as defined claim 1, wherein the instructions are to further cause the one or more hardware processors to generate the new credentials based on a credential criterion for the web site.
  - 5. The system as defined claim 1, wherein the instructions are to further cause the one or more hardware processors to:
    - encrypt the new credentials to generate encrypted new credentials; and
      
      store the encrypted new credentials in a credentials database.
  - 6. The system as defined claim 1, wherein the session configuration data includes a session cookie to allow the rendering application to continue accessing the website during the authenticated session.
  - 7. The system as defined claim 1, wherein the non-rendered application is a headless browser.

8. A storage device or storage disk comprising instructions to manage user credentials, the instructions, when executed, to cause one or more hardware processors to at least:
- provide, by a non-rendered application, new credentials to a website to perform credential resetting for the website;
  
  establish, by the non-rendered application, an authenticated session for a user with the website by logging into the website based on the new credentials; and
  
  pass session configuration data corresponding to the established authenticated session from the non-rendered application to a rendering application, the session configuration data to allow the rendering application to continue the established authenticated session to access the website based on the established authenticated session.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The storage device or storage disk as defined in claim 8, wherein the instructions are to further cause the one or more hardware processors to provide the new credentials to the website based on a script detecting a prompt from the website for at least one of a user name or a password, the script executed by the rendering application.
  - 10. The storage device or storage disk as defined in claim 8, wherein the instructions are to further cause the one or more hardware processors to:
    - obtain encrypted current credentials for the website in response to a request to reset credentials for the website;
      
      decrypt the encrypted current credentials for the website to generate decrypted current credentials; and
      
      provide the decrypted current credentials and the new credentials to the non-rendered application.
  - 11. The storage device or storage disk as defined in claim 8, wherein the instructions are to further cause the one or more hardware processors to generate the new credentials based on a credential criterion for the website.
  - 12. The storage device or storage disk as defined in claim 8, wherein the instructions are to further cause the one or more hardware processors to:
    - encrypt the new credentials to generate encrypted new credentials; and
      
      store the encrypted new credentials in a credentials database.
  - 13. The storage device or storage disk as defined in claim 8, wherein the session configuration data includes a session cookie to allow the rendering application to continue accessing the website during the authenticated session.
  - 14. The storage device or storage disk as defined in claim 8, wherein the non-rendered application is a headless browser.

15. A method of managing user credentials, comprising:
- decrypting encrypted current credentials for a website to generate decrypted current credentials;
  
  providing the decrypted current credentials and new credentials to a non-rendered application;
  
  providing, by executing an instruction with one or more hardware processors, the new credentials from the non-rendered application to the website to perform credential resetting for the website;
  
  establishing, by executing an instruction with the one or more hardware processors, an authenticated session for a user with the website by logging into the website based on the new credentials; and
  
  passing session configuration data corresponding to the established authenticated session from the non-rendered application to a rendering application by executing an instruction with the one or more hardware processors, the session configuration data to allow the rendering application to continue the established authenticated session to access the website based on the established authenticated session.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method as defined in claim 15, further including providing the new credentials to the website based on a script detecting a prompt from the website for at least one of a user name or a password, the script executed by the rendering application.
  - 17. The method as defined in claim 15, further including obtaining the encrypted current credentials for the website in response to a request to reset credentials for the website.
  - 18. The method as defined in claim 15, further including generating the new credentials based on a credential criterion for the website.
  - 19. The method as defined in claim 15, further including:
    - encrypting the new credentials to generate encrypted new credentials; and
      
      storing the encrypted new credentials in a credentials database.
  - 20. The method as defined in claim 15, wherein the session configuration data includes a session cookie to allow the rendering application to continue accessing the website during the authenticated session.
  - 21. The method as defined in claim 15, wherein the non-rendered application is a headless browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Whiteside, Greg, Beaulieu, Olivier, Rene, Mathieu
Primary Examiner(s)
Chai, Longbit

Application Number

US16/730,573
Publication Number

US 20200137039A1
Time in Patent Office

589 Days
Field of Search

713168
US Class Current
CPC Class Codes

G06F 16/957   Browsing optimisation, e.g....

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/1466   Active attacks involving in...

H04L 67/02   based on web technology, e....

H04L 67/146   Markers for unambiguous ide...

H04L 9/0822   using key encryption key

H04L 9/0894   Escrow, recovery or storing...

H04L 9/32   including means for verifyi...

Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links