Credential vault encryption
First Claim
Patent Images
1. A method comprising:
- receiving a primary password to a reverse proxy system from a user;
encrypting a plurality of secondary passwords with the primary password, each secondary password comprising a password to a separate remote web application accessed by the user through the reverse proxy;
storing the encrypted secondary passwords in a credential vault;
decrypting an encrypted secondary password from the credential vault using the primary password; and
responsive to a request for the user to access one of the remote web applications, providing the secondary password for the remote web application to the remote web application.
2 Assignments
0 Petitions
Accused Products
Abstract
A number of secondary passwords can be encrypted with a primary password and stored in a credential vault. An encrypted secondary password from the credential vault can be decrypted using the primary password and provided the secondary password to an application. Encrypted secondary passwords can be updated when the primary password changes.
108 Citations
36 Claims
-
1. A method comprising:
-
receiving a primary password to a reverse proxy system from a user; encrypting a plurality of secondary passwords with the primary password, each secondary password comprising a password to a separate remote web application accessed by the user through the reverse proxy; storing the encrypted secondary passwords in a credential vault; decrypting an encrypted secondary password from the credential vault using the primary password; and responsive to a request for the user to access one of the remote web applications, providing the secondary password for the remote web application to the remote web application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer readable medium including code to:
-
receive a primary password to a reverse proxy system from a user; encrypt a plurality of secondary passwords with the primary password, each secondary password comprising a password to a separate remote web application accessed by the user through the reverse proxy; store the encrypted secondary passwords in a credential vault; decrypt an encrypted secondary password from the credential vault using the primary password; and responsive to a request for the user to access one of the remote web applications, provide the secondary password for the remote web application to the remote web application. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
encrypting a number of secondary passwords with a first primary password; encrypting a fixed string with the first primary password; storing the secondary passwords and the encrypted fixed string in a credential vault; receiving a password for a user; decrypting the encrypted fixed string with the received password; and upon determining that the decrypted fixed string does not match the fixed string; prompting the user to input both the first primary password and a second primary password, decrypting the secondary passwords with the first primary password, and re-encrypting the secondary passwords with the second primary password. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A system comprising:
-
a reverse proxy server configured to receive a primary password to the reverse proxy system from a user; and a credential vault in communication with the reverse proxy server, the credential vault configured to; encrypt a plurality of secondary passwords with the primary password, each secondary password comprising a password to a separate remote web application accessed by the user through the reverse proxy; store the encrypted secondary passwords in a credential vault; decrypt an encrypted secondary password from the credential vault using the primary password; and responsive to a request for the user to access one of the remote web applications, provide the secondary password for the remote web application to the remote web application. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
-
27. A non-transitory computer readable medium including code to:
-
encrypt a number of secondary passwords with a first primary password; encrypt a fixed string with the first primary password; store the secondary passwords and the encrypted fixed string in a credential vault; receive a password for a user; decrypt the encrypted fixed string with the received password; and upon determining that the decrypted fixed string does not match the fixed string; prompt the user to input both the first primary password and a second primary password, decrypting the secondary passwords with the first primary password, and re-encrypting the secondary passwords with the second primary password. - View Dependent Claims (28, 29, 30, 31)
-
-
32. A system comprising:
-
an interface configured to receive a password from a user; and a credential vault in communication with the interface, the credential vault configured to; encrypt a number of secondary passwords with a first primary password; encrypt a fixed string with the first primary password; store the secondary passwords and the encrypted fixed string in the credential vault; decrypt the encrypted fixed string with the received password; and upon determining that the decrypted fixed string does not match the fixed string; prompt the user to input both the first primary password and a second primary password, decrypt the secondary passwords with the first primary password, and re-encrypt the secondary passwords with the second primary password. - View Dependent Claims (33, 34, 35, 36)
-
Specification