Enterprise password reset
First Claim
1. A computer-executed method for authenticating a user, the method comprising:
- receiving a request from the user for authentication;
- extracting, by a server computer, user-behavior information associated with the user from user-specific information stored in an enterprise computer, wherein the extracted user-behavior information includes one or more temporal activities associated with the user, and wherein the user-behavior information is extracted by the server computer so that the user's privacy is not compromised by a clerk of an enterprise information help-desk;
- generating one or more challenges based on the extracted user-behavior information for the user, wherein generating a respective challenge involves:
  - selecting a behavior-information item from the extracted user-behavior information;
  - generating a question so that the selected behavior-information item is the answer to the question, wherein the question is formulated in a way that the question does not reveal the selected behavior-information item; and
  - formulating the respective challenge using the generated question;
- receiving respective responses from the user to the challenges;
- comparing the user's responses to the behavior-information items used to formulate the corresponding challenges; and
- authenticating the user using the challenges without asking the user to input a password.
Abstract
One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user's request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user's response to the challenges. Subsequently, the system compares the user's response to the extracted user information, and authenticates the user.
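The challenge flow described in the abstract, as an added Python example that is not part of the patent. The activity schema, question templates, `ResetSession` class and sample records are assumptions constructed for illustration.

```python
import hmac
import secrets
import unicodedata

# Constructed sample records; the schema is an assumption, not the patent's.
ACTIVITY_LOG = {"alice": [
    {"when": "2024-03-04", "kind": "meeting", "value": "Dana Ruiz"},
    {"when": "2024-03-05", "kind": "document", "value": "Q1 budget draft"},
    {"when": "2024-03-06", "kind": "badge", "value": "Annex B"},
]}

# Hypothetical templates: each asks for the item without containing it.
TEMPLATES = {
    "meeting": "Who organized the meeting you attended on {when}?",
    "document": "What is the title of the document you edited on {when}?",
    "badge": "Which building did you badge into on {when}?",
}

def normalize(text):
    """Fold case, Unicode form and whitespace so harmless variations still match."""
    return " ".join(unicodedata.normalize("NFKC", text).casefold().split())

def make_question(item):
    question = TEMPLATES[item["kind"]].format(when=item["when"])
    if normalize(item["value"]) in normalize(question):
        raise ValueError("question would reveal its own answer")
    return question

class ResetSession:
    """One authentication attempt: server-side answers, single-use verification."""

    def __init__(self, user, count=2):
        items = secrets.SystemRandom().sample(ACTIVITY_LOG[user], count)
        self._answers = {}    # challenge id -> normalized answer, never sent out
        self.challenges = {}  # challenge id -> question text shown to the user
        for item in items:
            cid = secrets.token_hex(8)
            self.challenges[cid] = make_question(item)
            self._answers[cid] = normalize(item["value"])

    def verify(self, responses):
        answers, self._answers = self._answers, {}  # a session cannot be retried
        ok = bool(answers)
        for cid, expected in answers.items():
            given = normalize(responses.get(cid, ""))
            # Constant-time compare; every challenge must be answered correctly.
            ok &= hmac.compare_digest(given.encode(), expected.encode())
        return ok
```

Only `challenges` leaves the server; the answers stay in the session object, so a help-desk clerk relaying the questions never sees the behavior items themselves.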
24 Claims
9. A non-transitory computer-readable storage medium storing instructions which when executed by a computer cause the computer to perform a method for authenticating a user, the method comprising:
- receiving a request from the user for authentication;
- extracting user-behavior information associated with the user from user-specific information stored in an enterprise computer, wherein the extracted user-behavior information includes one or more temporal activities associated with the user, and wherein the user-behavior information is extracted by a server computer so that the user's privacy is not compromised by a clerk of an enterprise information help-desk;
- generating one or more challenges based on the extracted user-behavior information for the user, wherein generating a respective challenge involves:
  - selecting a behavior-information item from the extracted user-behavior information;
  - generating a question so that the selected behavior-information item is the answer to the question, wherein the question is formulated in a way that the question does not reveal the selected behavior-information item; and
  - formulating the respective challenge using the generated question;
- receiving respective responses from the user to the challenges;
- comparing the user's responses to the behavior-information items used to formulate the corresponding challenges; and
- authenticating the user using the challenges without asking the user to input a password.
17. A computer system for authenticating a user, comprising:
- a processor;
- a memory;
- a receiving mechanism configured to receive a request from the user for authentication;
- an extracting mechanism configured to extract user-behavior information associated with the user from user-specific information stored in an enterprise computer, wherein the extracted user-behavior information includes one or more temporal activities associated with the user, and wherein the user-behavior information is extracted by the computer system so that the user's privacy is not compromised by a clerk of an enterprise information help-desk;
- a formulating mechanism configured to:
  - select a behavior-information item from the extracted user-behavior information; and
  - generate a question so that the selected behavior-information item is the answer to the question, wherein the question is formulated in a way that the question does not reveal the selected behavior-information item;
- a generating mechanism configured to generate one or more challenges using the generated questions;
- a receiving mechanism configured to receive respective responses from the user to the challenges;
- a comparing mechanism configured to compare the user's responses to the behavior-information items used to formulate the corresponding challenges; and
- an authenticating mechanism configured to authenticate the user using the challenges without asking the user to input a password.
Specification