MULTIFACTOR USERNAME BASED AUTHENTICATION
Abstract
A hashed value is computed from an encrypted password value and a displayed code value from a hardware token at a client. The encrypted password value is based on a username, a context identifier, and a password. The client provides the username and the hashed value to a server. The encrypted password value associated with the username is retrieved at the server. An expected hashed value is computed at the server. The client is validated based on a comparison of the hashed value and the expected hashed value.
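The exchange described in the abstract, as an added sketch that is not code from the patent. The KDF (PBKDF2-HMAC-SHA256), the HMAC-SHA256 construction, the 30-second token step, the simplified 6-digit code, the one-step drift window, and all names and credentials are assumptions chosen for illustration.

```python
import hashlib, hmac, struct

STEP = 30  # assumed token interval, in seconds

def hashed_password(username, context_id, password):
    # Assumed KDF: PBKDF2 salted with the context identifier and the username.
    salt = f"{context_id}:{username}".encode()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def token_code(seed, now):
    # Assumed time-dependent value: 6-digit code from a per-user seed and time step.
    counter = struct.pack(">Q", int(now) // STEP)
    digest = hmac.new(seed, counter, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"

def hashed_value(username, hpw, code):
    # Value the client sends: keyed hash binding username, password value and code.
    return hmac.new(hpw, f"{username}:{code}".encode(), hashlib.sha256).hexdigest()

class Server:
    def __init__(self):
        self.users = {}  # username -> (hashed password, token seed)

    def enroll(self, username, hpw, seed):
        self.users[username] = (hpw, seed)

    def verify(self, username, received, now, drift=1):
        record = self.users.get(username)
        if record is None:
            return False
        hpw, seed = record
        ok = False
        for offset in range(-drift, drift + 1):  # tolerate one step of clock drift
            code = token_code(seed, now + offset * STEP)
            expected = hashed_value(username, hpw, code)
            ok |= hmac.compare_digest(expected, received)  # constant-time compare
        return ok

def demo(now=1_700_000_000):  # constructed timestamp, seed and credentials
    seed = b"constructed-token-seed"
    hpw = hashed_password("alice", "example-realm", "correct horse")
    server = Server()
    server.enroll("alice", hpw, seed)
    msg = hashed_value("alice", hpw, token_code(seed, now))
    bad = hashed_password("alice", "example-realm", "guess")
    wrong = hashed_value("alice", bad, token_code(seed, now))
    return {"valid": server.verify("alice", msg, now),
            "wrong_password": server.verify("alice", wrong, now),
            "stale": server.verify("alice", msg, now + 10 * STEP),
            "unknown_user": server.verify("bob", msg, now)}

if __name__ == "__main__":
    print(demo())
```

Because the server recomputes the hash from the stored password value, that stored value works as the password within its security context and needs the same protection.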
20 Claims
1. A computer-implemented method comprising:
- receiving, at a server, a message including a username, a hashed value;
- retrieving the hashed password associated with the username;
- calculating an expected time-dependent value associated with the username;
- calculating an expected hashed value based on the username, a retrieved hashed password, and an expected time-dependent value; and
- determining if the expected hashed value matches the hashed value from the message.
3. A computer-implemented method comprising:
- computing, at a client, a hashed password value from a password, a username, a security context identifier;
- computing a hashed value from a time-dependent value associated with the username and the hashed password; and
- transmitting a message including the username, the hashed value, the client session random, and the MAC.
Dependent claims: 4, 5, 6, 7
8. A computer-accessible storage medium including data that, when accessed by a computer, cause the computer system to perform a method comprising:
- receiving, at a server, a message including a username, and a hashed value;
- retrieving the hashed password associated with the username;
- calculating an expected time-dependent value associated with the username;
- calculating an expected hashed value based on the username, a retrieved hashed password, and an expected time-dependent value; and
- determining if the expected hashed value matches the hashed value from the message.
Dependent claims: 9
10. A computer-accessible storage medium including data that, when accessed by a computer, cause the computer system to perform a method comprising:
- computing, at a client, a hashed password value from a password, a username, and a security context identifier;
- computing a hashed value from a time-dependent value associated with the username and the hashed password; and
- transmitting a message including the username, the hashed value, the client session random, and the MAC.
Dependent claims: 11, 12, 13, 14
15. A client comprising:
- an encrypted password value generator configured to generate an encrypted password value based on a username, a security context identifier; and
- a hashed value generator coupled to the encrypted password value generator, the hashed value generator configured to compute a hashed value from a time-dependent value associated with the username and the hashed password, and to transmit a message including the username, and the hashed value.
Dependent claims: 2, 16, 17, 18, 19, 20