Browse Prior Art Database

Centralized Password Synchronization Service

IP.com Disclosure Number: IPCOM000132099D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-01
Document File: 1 page(s) / 22K

Publishing Venue

IBM

Abstract

Disclosed is a system for a Centralized Password Synchronization Service. The issue arises where a user must maintain multiple distinct passwords for several different systems.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 1 of 1

Centralized Password Synchronization Service

An issue arises where a user must maintain multiple distinct passwords for several different systems. This creates a password management issue where, depending on policy, the user must constantly change passwords to unique values at predetermined intervals. Inevitably, the passwords become out of synch in both the password value itself and the interval of password expiration, so the user has to maintain a list of passwords and values.

There are many solutions to this problem currently, each with its own drawback. First, the solution of "single sign on" or using a service such as an LDAP server to authenticate via one universal password. The drawback to this is that each individual service must know of / trust this service. In addition, if the single password is compromised, all systems are accessible.

A more common solution is for the user to actively store the passwords in any manner of method - on a piece of paper, in a utility that secures all passwords, etc. The issue here is that the user is required to actively generate passwords, renew them, track expiration, etc.

Our proposal is to have a centralized service that a user's applications may register with, much like LDAP, that applications will notify when the password has expired. This service will then compile a list of known passwords for the user from all participating applications, summarize them, and transmit (potentially via an simple email notice) all passwords. In this manner, the user must only re...