Browse Prior Art Database

Security Protection through Secondary Alert Passwords

IP.com Disclosure Number: IPCOM000116748D
Original Publication Date: 1995-Oct-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 2 page(s) / 81K

Publishing Venue

IBM

Related People

Bisdikian, C: AUTHOR [+2]

Abstract

A method is disclosed to provide enhanced security of electronically protected resources, or facilities, or systems, etc., through the use of secondary alert passwords. Legitimate users of the resources receive two types of passwords: (a) the normal password(s), and (b) one or more alert passwords to be used in abnormal situations. If an alert password has been used, the security system will notify the proper authorities (or software) to handle the situation appropriately.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Security Protection through Secondary Alert Passwords

      A method is disclosed to provide enhanced security of
electronically protected resources, or facilities, or systems, etc.,
through the use of secondary alert passwords.  Legitimate users of
the resources receive two types of passwords: (a) the normal
password(s), and (b) one or more alert passwords to be used in
abnormal situations.  If an alert password has been used, the
security system will notify the proper authorities (or software) to
handle the situation appropriately.

      The use of passwords is a well-known mechanism to protect
unauthorized use of computer equipment, automatic teller machines,
combination based entry locks, etc.  Any person (or machine) with
knowledge of a user-id and a corresponding password is allowed to use
the system without any hindrance.  This can lead to crimes where the
owner of the user-id and password is forced (say, at a gun point) to
reveal this information to an unauthorized user who can use it for
personal gain.  Such crimes are very common and well publicized, for
example robberies at ATMs, access to numerical door locks and data
processing equipment.

      This disclosure describes a method to identify illegitimate
access attempts and protect the resources as well as the legitimate
users of user-ids and passwords through allocation of secondary alert
passwords (or even user-ids) to every legitimate user, in addition to
the regular (or normal, or primary) password(s) and user-id(s).

      When the use of an alert password on a protected system is
detected, appropriate usage monitoring or law enforcement authorities
are notified and the system may enter a restricted operation mode
where: (a) certain features are denied to the user; (b) slow down
its response time; (c) fake a malfunction; (d) direct (security)
cameras towards the area that the user stands to get better pictures;
(e) provide fake but otherwise legitimate looking data, etc.

      Certain passwords may also be reserved as universal secondary
alert passwords to detect unauthorized users trying to break
passwords.  Naturally, these universal secondary alert passwords are
never allocated to any users.  When a universal al...