
Predefined, One-Time Use User IDs and Passwords

IP.com Disclosure Number: IPCOM000028674D
Original Publication Date: 2004-May-26
Included in the Prior Art Database: 2004-May-26
Document File: 2 page(s) / 56K

Publishing Venue

IBM

Abstract

Disclosed is software for predefined, one-time use user IDs and passwords. Such user IDs and passwords are needed when operating in unknown or untrusted environments.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Users encounter situations where people, systems, and/or networks may compromise their user IDs and/or passwords. Examples:
1) People: A person standing over the user's shoulder can see the user's keystrokes.
2) Systems: A hardware- or software-based key logger that captures the user's keystrokes.
3) Network: A network that has been compromised or is transmitting data in an insecure manner.

If a potential hacker captures a user ID or password, security is degraded for that user. If he captures both, all security is potentially lost for that user.

Predefined, one-time use user IDs and/or passwords directly address the above issues. There would be two types of user IDs:
1) master ID and password: Master IDs are primary IDs. They are issued and used in secure and trusted environments. Master IDs create and issue associated one-time use IDs in secure and trusted environments.
2) one-time use ID and password: These IDs and passwords are used in unknown or untrusted environments. Once they are used to gain access, they cannot be used again. These IDs are associated with a single master ID. Once they are used to gain access, they may assume the roles and permissions, or a subset of the roles and permissions, assigned to the master ID.

Implementation requires the ability for an operating system, application, and/or device to store one or more one-time use user IDs and/or passwords associated with a master ID.

One-time use user IDs and passwords are only valid for one logon. They are subject to the same user ID and password policies as the master ID and password. For example, such policies may dictate the number and type of characters, user ID expiration, and reuse of previous character sequences. Their activity is logged just like master IDs and passwords.
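A minimal sketch of the scheme described above, added here as an illustration and not taken from the disclosure: a master ID issues one-time credentials carrying a subset of its roles, and a successful logon consumes them. The class name `OneTimeStore`, the `ot-` ID format, the in-memory storage and the PBKDF2 password hashing are all assumptions.

```python
import hashlib, hmac, logging, secrets

log = logging.getLogger("otid")

class OneTimeStore:
    """In-memory sketch (assumption); a real system would persist this state."""

    def __init__(self):
        self.master_roles = {}  # master ID -> set of roles
        self.pending = {}       # one-time ID -> (salt, hash, master ID, roles)

    def add_master(self, master_id, roles):
        self.master_roles[master_id] = set(roles)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def issue(self, master_id, roles=None):
        """Run from a trusted session of the master ID; returns (id, password)."""
        allowed = self.master_roles[master_id]
        granted = allowed if roles is None else set(roles)
        if not granted <= allowed:
            raise PermissionError("one-time ID may only carry master's roles")
        otid = "ot-" + secrets.token_hex(4)
        password = secrets.token_urlsafe(12)
        salt = secrets.token_bytes(16)
        self.pending[otid] = (salt, self._hash(password, salt),
                              master_id, frozenset(granted))
        log.info("issued %s for master %s", otid, master_id)
        return otid, password

    def login(self, otid, password):
        """Returns the granted roles on success, None otherwise."""
        entry = self.pending.get(otid)
        if entry is None:
            log.warning("logon with unknown or already used ID %s", otid)
            return None
        salt, digest, master_id, roles = entry
        if not hmac.compare_digest(digest, self._hash(password, salt)):
            log.warning("bad password for %s", otid)
            return None
        # Consume atomically: of two racing logons only one pops the entry,
        # so a captured ID/password pair cannot be replayed.
        if self.pending.pop(otid, None) is None:
            return None
        log.info("%s logged on for master %s", otid, master_id)
        return roles
```

Only a successful logon removes the entry, matching the text's "once they are used to gain access"; a deployment could also expire unused entries under the same policy as the master ID.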

In certain environments, it may be acceptable to allow one-tim...