Anti-spoofing password protection
First Claim
1. A method implemented in a computing device of obtaining a password from a user, said method comprising:
- storing authentication indicia recognized by said user in said computing device; and
prompting a user to enter said password by displaying a password entry screen containing said authentication indicia.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method to prevent the inadvertent disclosure of a password. A valid password input request results in a password entry screen being displayed to a user that includes authentication indicia known to the user. Failure to see the authentication indicia causes the user to know that the request is a spoof. The invention may further include a method and system of limiting the applications that operate after a password input request is received. Only the applications necessary for inputting the password operate, as the other applications are set as inoperable until the password has been input. This prevents a remote source from obtaining the password through fraudulent means such as a screen capture or trojan horse program.
88 Citations
19 Claims
-
1. A method implemented in a computing device of obtaining a password from a user, said method comprising:
-
storing authentication indicia recognized by said user in said computing device; and
prompting a user to enter said password by displaying a password entry screen containing said authentication indicia. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method implemented by a security module in a computing device of obtaining a password from a user, said method comprising:
-
prompting a user to enter said password by displaying a password entry screen;
halting programs not needed by said security module while said password entry screen is displayed;
obtaining said password from said user;
removing said password entry screen from said display; and
restarting halted programs after said password entry screen is removed from said display. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A device for inputting a confidential password comprising:
-
a secure processor executing a password program to obtain a password from a user;
memory operatively connected to said secure processor storing authentication indicia recognized by a user of said device;
a display operatively connected to said secure processor to display a password entry screen containing said authentication indicia. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A device for a performing secure transactions, said device comprising:
-
memory storing authentication indicia recognized by a user of said device;
a secure processor programmed to;
prompt said user to enter a password by displaying a password entry screen containing said authentication indicia; and
perform said secure transaction following entry of said password by said user.
-
Specification