Browse Prior Art Database

Helping a user to recall his/her password by employing a gradual password hinter

IP.com Disclosure Number: IPCOM000114553D
Original Publication Date: 2005-Mar-29
Included in the Prior Art Database: 2005-Mar-29
Document File: 1 page(s) / 39K

Publishing Venue

IBM

Abstract

Disclosed is a method to help a user to gradually and securely "re-construct" a lost or forgotten password.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 55% of the total text.

Page 1 of 1

Helping a user to recall his/her password by employing a gradual password hinter

In today's computerized world, one needs to keep track of many passwords for various systems and applications. Some passwords change on regular basis according to the security policy at the specific site and might not be meaningful to the user, just a arbitrary collection of characters and digits. It is difficult to remember the assortment of passwords that accompany one in daily life. Even if one recycles one's passwords among various applications, one does not always remember which password applies to which system. A number of schemes exist to assist the user in this situation. In some situations, the computer remembers for the user (which can present problems with security); in others, biometrics are used. Mechanisms for using reminders (asking the user a question) exist in many places, and zero knowledge and public key schemes are also used. Suggested here is a new scheme based on asking, for example, multiple questions to remind the user of the password.

    Instead of prompting the user for the password in "one chunk", the mechanism presented here provides for a gradual build-up of the password by providing "hints" that should "ring a bell" with the user but that would mean nothing to an attacker (unauthorized user). Assume that the password is "m2adehai", for instance. Now when the user tries to logon to the system, instead of being prompted simply to enter the password, the promp...