Methods and systems of authenticating a password

US 9,660,980 B1
Filed: 04/21/2014
Issued: 05/23/2017
Est. Priority Date: 04/21/2014
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a password for a user account, the method comprising:

prompting, by a computing device, a user for one or more first credentials associated with the user account, wherein the user account is associated with a user password for the user account;

receiving, by the computing device from the a client computing device, a first password;

determining whether the first password was provided as part of a malicious activity; and

in response to determining that the first password was provided as part of a malicious activity;

prompting, by the computing device, the user for one or more second credentials associated with the user account that are different than the one or more first credentials,receiving, by the computing device from the client computing device, a second password that is different than the first password,determining, by the computing device, whether the second password satisfies each authentication rule associated with the user password, andin response to determining that the second password satisfies each authentication rule;

determining whether the second password satisfies an action rule associated with the user password, andin response to determining that the second password satisfies the action rule, performing an action associated with the action rule.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of creating a password for a user account may include receiving, by a computing device, one or more authentication rules that each correspond to a password. Each authentication rule may describe a feature a password is to possess. The method may include receiving, by the computing device, a content and a corresponding action rule for the password, where the action rule specifies an action that is be performed if the password includes the received content, associating the authentication rules, the content, and the action rule with one or more credentials of the user for the user account, and storing the password type, the authentication rules, the content, and the action rule in a database.

13 Citations

View as Search Results

9 Claims

1. A method of authenticating a password for a user account, the method comprising:
- prompting, by a computing device, a user for one or more first credentials associated with the user account, wherein the user account is associated with a user password for the user account;
  
  receiving, by the computing device from the a client computing device, a first password;
  
  determining whether the first password was provided as part of a malicious activity; and
  
  in response to determining that the first password was provided as part of a malicious activity;
  
  prompting, by the computing device, the user for one or more second credentials associated with the user account that are different than the one or more first credentials,receiving, by the computing device from the client computing device, a second password that is different than the first password,determining, by the computing device, whether the second password satisfies each authentication rule associated with the user password, andin response to determining that the second password satisfies each authentication rule;
  
  determining whether the second password satisfies an action rule associated with the user password, andin response to determining that the second password satisfies the action rule, performing an action associated with the action rule.
- View Dependent Claims (2, 3, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - receiving, by the computing device during a subsequent access attempt, a third password to access the user account, wherein the third password is different from the first password and the second password;
      
      determining whether the third password satisfies each authentication rule; and
      
      in response to determining that the third password satisfies each authentication rule, allowing the client computing device to access the user account.
  - 3. The method of claim 1, further comprising:
    - receiving, by the computing device during a subsequent access attempt, a third password to access the user account, wherein the third password is different from the first password and the second password;
      
      determining whether the third password satisfies each authentication rule; and
      
      in response to determining that the third password does not satisfy each authentication rule, not allowing the client computing device to access the user account.
  - 7. The method of claim 1, wherein:
    - the user password for the user account is an equation that evaluates to a certain value,determining whether the second password satisfies each authentication rule associated with the user password comprises determining whether the second password is an equation that evaluates to the certain value.
  - 8. The method of claim 1, wherein:
    - determining whether the second password satisfies an action rule associated with the user password comprises determining whether the second password includes an indication that the second password is being spoken, andperforming an action associated with the action rule comprises denying access to the user account if a subsequent access attempt is made using the second password.
  - 9. The method of claim 1, wherein:
    - determining whether the second password satisfies an action rule associated with the user password comprises determining whether the second password includes an indication that the user is not trusted, andperforming an action associated with the action rule comprises revoking the user'"'"'s access to the account after a time period.

4. A system of authenticating a password for a user account, the system comprising:
- a computing device; and
  
  a computer-readable storage medium in communication with the computing device, wherein the computer-readable storage medium comprises one or more programming instructions that, when executed, cause the computing device to;
  
  prompt a user for one or more first credentials associated with the user account, wherein the user account is associated with a user password for the user account,receive a first password,determine whether the first password was provided as part of a malicious activity, andin response to determining that the first password was provided as part of a malicious activity;
  
  prompt the user for one or more second credentials associated with the user account that are different than the one or more first credentials,receive a second password that is different than the first password,determine whether the second password satisfies each authentication rule associated with the user password, andin response to determining that the second password satisfies each authentication rule;
  
  determine whether the second password satisfies an action rule associated with the user password, andin response to determining that the second password satisfies the action rule, perform an action associated with the action rule.
- View Dependent Claims (5, 6)
- - 5. The system of claim 4, wherein the computer-readable storage medium further comprises one or more programming instructions that, when executed, cause the computing device to:
    - receive during a subsequent access attempt a third password to access the user account, wherein the third password is different from the first password and the second password;
      
      determine whether the third password satisfies each authentication rule; and
      
      in response to determining that the third password satisfies each authentication rule, allow the client computing device to access the user account.
  - 6. The system of claim 4, wherein the computer-readable storage medium further comprises one or more programming instructions that, when executed, cause the computing device to:
    - receive during a subsequent access attempt a third password to access the user account, wherein the third password is different from the password and the third password;
      
      determine whether the third password satisfies each authentication rule; and
      
      in response to determining that the third password satisfies each authentication rule, allow the client computing device to access the user account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Rashidi, Paul
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Corum, Jr., William

Application Number

US14/257,373
Time in Patent Office

1,128 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/083 using passwords cryptograph...

Methods and systems of authenticating a password

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems of authenticating a password

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links