Systems and methods for credential management between electronic devices
First Claim
1. A method on a first electronic device for enabling a user to access a secure website, the method comprising:
- authenticating, using the first electronic device, a user of the first electronic device to a browser application using browser credentials corresponding to a browser account for the user of the first electronic device;
- using the browser application that has been authenticated using the browser credentials corresponding to the browser account to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;
- responsive to detecting navigation to the login page of the secure website, detecting a presence of a mobile device proximal to the first electronic device;
- responsive to detecting the presence of the mobile device being proximal to the first electronic device, authenticating, by a hardware processor of the first electronic device, the first electronic device to the mobile device, wherein authenticating the first electronic device to the mobile device comprises:
  - establishing a secure channel between the first electronic device and the mobile device; and
  - performing an application layer authentication between the browser application executing on the first electronic device and a credential manager application executing on the mobile device by receiving cryptographic data that includes a cryptographic nonce from the mobile device, hashing the browser credentials with the cryptographic data using a hash function to produce a hashed value, and sending the hashed value to the mobile device, wherein the credential manager application authenticates the browser application using the hashed value;
- responsive to authenticating the first electronic device to the mobile device, sending, to the mobile device via the secure channel, an identification of the secure website;
- responsive to sending the identification of the secure website to the mobile device, receiving via the secure channel, from the credential manager application executing on the mobile device, user credentials based on the identification of the secure website; and
- populating, without user input, the login page of the secure website with the received user credentials.
Abstract
Embodiments are provided for managing user credentials that enable access to secure websites. According to certain aspects, a browser device connects (230) to a website server that hosts a secure website. The browser device initiates (236) a credential request and enters (238) a discovery routine with a mobile device. After establishing (240) a secure channel with the mobile device, the browser device sends (248) an identification of the secure website to the mobile device, which identifies (250) corresponding user credentials and sends (252) the user credentials to the browser device. The browser device populates (254) a login page with the user credentials and accesses (256) the secure website.
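The application layer authentication recited in claim 1, followed by the site-identification lookup summarized in the abstract, sketched as an added example that is not code from the patent. HMAC-SHA-256 stands in for "hashing the browser credentials with the cryptographic data"; the class and function names, the assumption that the credential manager already holds the browser credentials from pairing, and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def respond(browser_credentials: bytes, nonce: bytes) -> bytes:
    """Browser side: hash the browser credentials with the nonce (HMAC-SHA-256 here)."""
    return hmac.new(browser_credentials, nonce, hashlib.sha256).digest()


class CredentialManager:
    """Mobile side (hypothetical): issues nonces, checks the hashed value, releases credentials."""

    def __init__(self, browser_credentials: bytes, vault: dict):
        self._browser_credentials = browser_credentials  # assumed provisioned at pairing
        self._vault = vault          # site identification -> (username, password)
        self._pending = set()        # nonces issued and not yet answered
        self._authenticated = False

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(32)   # fresh, unpredictable value per attempt
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, hashed_value: bytes) -> bool:
        if nonce not in self._pending:    # unknown or already consumed: treat as replay
            return False
        self._pending.discard(nonce)      # single use, even if the check below fails
        expected = respond(self._browser_credentials, nonce)
        self._authenticated = hmac.compare_digest(expected, hashed_value)
        return self._authenticated

    def credentials_for(self, site_id: str):
        if not self._authenticated:
            raise PermissionError("browser application not authenticated")
        # Exact match on the identification: a look-alike origin gets nothing.
        return self._vault.get(site_id)


def demo():
    creds = b"constructed-browser-account-secret"   # constructed sample value
    site = "https://bank.example/login"             # constructed sample value
    manager = CredentialManager(creds, {site: ("alice", "constructed-pw")})
    nonce = manager.challenge()
    answer = respond(creds, nonce)
    first = manager.verify(nonce, answer)
    released = manager.credentials_for(site)
    replay = manager.verify(nonce, answer)          # same nonce a second time
    return first, released, replay
```

In the claimed method these messages travel inside the secure channel established beforehand; the sketch covers only the application-layer step and the lookup.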
13 Claims
1. A method on a first electronic device for enabling a user to access a secure website, the method comprising:
- authenticating, using the first electronic device, a user of the first electronic device to a browser application using browser credentials corresponding to a browser account for the user of the first electronic device;
- using the browser application that has been authenticated using the browser credentials corresponding to the browser account to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;
- responsive to detecting navigation to the login page of the secure website, detecting a presence of a mobile device proximal to the first electronic device;
- responsive to detecting the presence of the mobile device being proximal to the first electronic device, authenticating, by a hardware processor of the first electronic device, the first electronic device to the mobile device, wherein authenticating the first electronic device to the mobile device comprises:
  - establishing a secure channel between the first electronic device and the mobile device; and
  - performing an application layer authentication between the browser application executing on the first electronic device and a credential manager application executing on the mobile device by receiving cryptographic data that includes a cryptographic nonce from the mobile device, hashing the browser credentials with the cryptographic data using a hash function to produce a hashed value, and sending the hashed value to the mobile device, wherein the credential manager application authenticates the browser application using the hashed value;
- responsive to authenticating the first electronic device to the mobile device, sending, to the mobile device via the secure channel, an identification of the secure website;
- responsive to sending the identification of the secure website to the mobile device, receiving via the secure channel, from the credential manager application executing on the mobile device, user credentials based on the identification of the secure website; and
- populating, without user input, the login page of the secure website with the received user credentials.

View Dependent Claims (2, 3, 4, 5)
6. A method in a first electronic device of providing user credentials for access to a secure website, the method comprising:
- detecting a presence of a mobile device proximal to the first electronic device, wherein the first electronic device is executing a credential manager application that stores user credentials required for access to a secure website in which a login page of the secure website has been navigated to using a browser application that is executing on the mobile device and wherein the browser application has been authenticated using browser credentials corresponding to a browser account for a user of the mobile device;
- responsive to detecting the presence of the mobile device being proximal to the first electronic device, authenticating, by a hardware processor of the first electronic device, the first electronic device to the mobile device, wherein authenticating the first electronic device to the mobile device comprises:
  - establishing a secure channel between the first electronic device and the mobile device; and
  - performing an application layer authentication between the browser application executing on the mobile device and the credential manager application executing on the first electronic by transmitting cryptographic data that includes a cryptographic nonce to the mobile device, receiving a hashed value that was produced by hashing the browser credentials with the cryptographic data using a hash function, and using the credential manager application to authenticate the browser application using the hashed value;
- responsive to authenticating the first electronic device to the mobile device, receiving, from the mobile device via the secure channel, an identification of the secure website;
- identifying, by the credential manager application of the first electronic device, the user credentials based on the identification of the secure website; and
- sending the user credentials to the mobile device via the secure channel, wherein the mobile device uses the user credentials with the browser application to access the secure website.

View Dependent Claims (7, 8, 9, 10)
11. An electronic device for enabling a user to access a secure website, comprising:
- a memory storing a browser application that has been authenticated using browser credentials corresponding to a browser account and that is configured to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;
- a transceiver that connects to a mobile device; and
- a hardware processor configured to interface with the memory and the transceiver, and to perform operations comprising:
  - authenticating, using the electronic device, a user of the electronic device to the browser application using the browser credentials corresponding to the browser account for the user of the electronic device,
  - responsive to the browser application detecting navigation to the login page of the secure website, detecting a presence of the mobile device proximal to the electronic device,
  - responsive to detecting the presence of the mobile device being proximal to the electronic device, authenticating the electronic device to the mobile device, wherein authenticating the electronic device to the mobile device comprises:
    - establishing a secure channel between the electronic device and the mobile device, and
    - performing an application layer authentication between the browser application executing on the electronic device and a credential manager application executing on the mobile device by receiving cryptographic data that includes a cryptographic nonce from the mobile device, hashing the browser credentials with the cryptographic data using a hash function to produce a hashed value, and sending the hashed value to the mobile device, wherein the credential manager application authenticates the browser application using the hashed value,
  - responsive to authenticating the electronic device to the mobile device, causing a communication module to send, to the mobile device via the secure channel, an identification of the secure website,
  - receiving, from the credential manager application executing on the mobile device via the secure channel, user credentials based on the identification of the secure website, and
  - populating, without user input, the login page of the secure website with the received user credentials.

View Dependent Claims (12, 13)
Specification