Anti-spoofing password protection

US 20020066039A1
Filed: 11/30/2000
Published: 05/30/2002
Est. Priority Date: 11/30/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method implemented in a computing device of obtaining a password from a user, said method comprising:

storing authentication indicia recognized by said user in said computing device; and

prompting a user to enter said password by displaying a password entry screen containing said authentication indicia.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to prevent the inadvertent disclosure of a password. A valid password input request results in a password entry screen being displayed to a user that includes authentication indicia known to the user. Failure to see the authentication indicia causes the user to know that the request is a spoof. The invention may further include a method and system of limiting the applications that operate after a password input request is received. Only the applications necessary for inputting the password operate, as the other applications are set as inoperable until the password has been input. This prevents a remote source from obtaining the password through fraudulent means such as a screen capture or trojan horse program.

88 Citations

View as Search Results

19 Claims

1. A method implemented in a computing device of obtaining a password from a user, said method comprising:
- storing authentication indicia recognized by said user in said computing device; and
  
  prompting a user to enter said password by displaying a password entry screen containing said authentication indicia.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein storing authentication indicia recognized by said user in said computing device comprises storing said authentication indicia in a security module.
  - 3. The method of claim 1 wherein displaying said password entry screen containing said authentication indicia comprises displaying said authentication indicia for a limited time.
  - 4. The method of claim 1 further comprising obtaining said authentication indicia from said user.
  - 5. The method of claim 1 further comprising halting programs running on said computing device not necessary for inputting said password while said password entry screen is displayed.

6. A method implemented by a security module in a computing device of obtaining a password from a user, said method comprising:
- prompting a user to enter said password by displaying a password entry screen;
  
  halting programs not needed by said security module while said password entry screen is displayed;
  
  obtaining said password from said user;
  
  removing said password entry screen from said display; and
  
  restarting halted programs after said password entry screen is removed from said display.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6 wherein halting programs not needed by said security module while said password entry screen is displayed comprises inhibiting an operating system in said computing device from responding to interrupts not associated with said security module.
  - 8. The method of claim 6 wherein halting programs not needed by said security module while said password entry screen is displayed comprises inhibiting context-switching by an operating system in said computing device to programs not needed by said security module.
  - 9. The method of claim 6 wherein halting programs not needed by said security module while said password entry screen is displayed comprises:
    - storing a status table in random access memory used by an operating system in said computing device, each entry in said status table relating to a currently executing program and containing a status indication associated with said currently executing program;
      
      saving current settings of said status table; and
      
      changing said current settings so as to inhibit execution by said operating system of said programs not needed by said security module.
  - 10. The method of claim 6 wherein halting programs not needed by said security module while said password entry screen is displayed comprises:
    - storing an alternate status table in random access memory used by an operating system in said computing device, each entry in said alternate status table relating to a program needed by said security module;
      
      instructing said operating system to use said alternate status table while said password entry screen is displayed.

11. A device for inputting a confidential password comprising:
- a secure processor executing a password program to obtain a password from a user;
  
  memory operatively connected to said secure processor storing authentication indicia recognized by a user of said device;
  
  a display operatively connected to said secure processor to display a password entry screen containing said authentication indicia.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The device of claim 11 further comprising a smart card containing said secure processor and said memory.
  - 13. The device of claim 11 further comprising a security lock program executed by said secure processor to inhibit execution of programs not needed by said secure processor to obtain said password from said user.
  - 14. The device of claim 13 wherein said security lock program inhibits an operating system from responding to interrupts not associated with said secure processor while said password entry screen is displayed.
  - 15. The device of claim 13 wherein said security lock program inhibits an operating system from context-switching while said password entry screen is displayed.
  - 16. The device of claim 13 wherein said security lock program inhibits execution of programs not needed by said secure processor to obtain said password from said user.
  - 17. The device of claim 16 wherein said security lock program inhibits execution of programs not needed by said secure processor to obtain said password from said user by changing settings in a status table used by an operating system while said password entry screen is displayed.
  - 18. The device of claim 16 wherein said security lock program inhibits execution of programs not needed by said secure processor to obtain said password from said user by causing an operating system to use an alternate status table while said password entry screen is displayed.

19. A device for a performing secure transactions, said device comprising:
- memory storing authentication indicia recognized by a user of said device;
  
  a secure processor programmed to;
  
  prompt said user to enter a password by displaying a password entry screen containing said authentication indicia; and
  
  perform said secure transaction following entry of said password by said user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ericsson, Inc. (Telefonaktiebolaget LM Ericsson)
Original Assignee
Ericsson, Inc. (Telefonaktiebolaget LM Ericsson)
Inventors
Dent, Paul W.

Application Number

US09/727,062
Publication Number

US 20020066039A1
Time in Patent Office

Days
Field of Search
US Class Current

713/202
CPC Class Codes

G06F 21/31 User authentication

Anti-spoofing password protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

88 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

Anti-spoofing password protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

88 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others