PASSWORD CONSTRAINT ENFORCEMENT USED IN EXTERNAL SITE AUTHENTICATION
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques for password constraint enforcement used in external site authentication are disclosed. In some embodiments, password constraint enforcement used in external site authentication includes monitoring encrypted network communications between a client and an external site (e.g., a remote server), in which the encrypted network communications are encrypted using a first protocol (e.g., Secure Sockets Layer (SSL) protocol, HTTPS protocol, or another protocol for encrypted network communications); and determining if the client sends a request to create user credentials for an external site authentication. In some embodiments, password constraint enforcement used in external site authentication further includes performing password constraint enforcement used in the external site authentication.
11 Citations
21 Claims
-
1. (canceled)
-
2. A system, comprising:
-
a processor configured to; monitor encrypted network communications between a client and an external site; process the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determine whether the request from the client to create user credentials for user authentication on the external site does violates a policy for password constraint enforcement for user authentication on external sites, wherein the policy includes password complexity constraints for internal users of an enterprise network, password complexity constraints for internal users creating authentication credentials on external sites, a rule not to use identical passwords on a plurality of external sites, a rule not to use a user'"'"'s enterprise password on external sites, or any combination thereof; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method, comprising:
-
monitoring encrypted network communications between a client and an external site; processing the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determining whether the request from the client to create user credentials for user authentication on the external site does violates a policy for password constraint enforcement for user authentication on external sites, wherein the policy includes password complexity constraints for internal users of an enterprise network, password complexity constraints for internal users creating authentication credentials on external sites, a rule not to use identical passwords on a plurality of external sites, a rule not to use a user'"'"'s enterprise password on external sites, or any combination thereof. - View Dependent Claims (19)
-
-
20. A computer program product, the computer program product being embodied in a tangible computer readable storage medium and comprising computer instructions for:
-
monitoring encrypted network communications between a client and an external site; processing the encrypted network communications between the client and the external site to decrypt the encrypted network communications between the client and the external site and to detect a request from the client to create user credentials for user authentication on the external site; and determining whether the request from the client to create user credentials for user authentication on the external site violates a policy for password constraint enforcement for user authentication on external sites, wherein the policy includes password complexity constraints for internal users of an enterprise network, password complexity constraints for internal users creating authentication credentials on external sites, a rule not to use identical passwords on a plurality of external sites, a rule not to use a user'"'"'s enterprise password on external sites, or any combination thereof. - View Dependent Claims (21)
-
Specification