Method to authenticate users based on last login information

IP.com Disclosure Number: IPCOM000175621D
Original Publication Date: 2008-Oct-16
Included in the Prior Art Database: 2008-Oct-16
Document File: 3 page(s) / 42K

Publishing Venue

IBM

Abstract

Disclosed is a method to authenticate users of computer systems based on shared knowledge. The shared knowledge used in this method is related to the history of previous successful login attempts. When logging into a computer system, the user is asked to provide information about prior successful login attempts. The computer system then compares the data it stored from previous authentications with the data provided by the user during the present login attempt. The result of that comparison is then used to authenticate the user, in addition to traditional methods.

This is the abbreviated version, containing approximately 52% of the total text.


User authentication via userid and password is currently the most common means to secure applications, although it is considered a weak means of authentication. Stronger means of authentication are well known (client certificates, smart cards, biometric factors), but they are more costly and difficult to manage (for example, revocation of credentials).

Some applications, particularly in the banking sector, involve the user in maintaining an appropriate level of security by displaying information about the user's last login after successful authentication. The information presented to the user lists the time and date of the last login and/or the number of previous unsuccessful login attempts. The user is then supposed to check that information for correctness and to infer a potential intrusion from it. Once the user has concluded that an intrusion has happened, it is up to the user to take appropriate action (for example, changing the password).

Realistically, few users even read that information, and even fewer draw, or can draw, the appropriate conclusions from it. On the contrary, a potential intruder gathers additional information about the user's behavior when reading that information.

The disclosed method uses the last-login information to make authentication of users more secure than traditional authentication mechanisms such as password matching. The additional security comes from gathering additional information from the user. This additional information is not static, but time-dependent. Therefore the additional information to be entered by the user changes at each login. Compared with state-of-the-art one-time passwords, the disclosed method provides superior security, because the shared knowledge is not static and does not need to be sent to the user, thus avoiding the risk of compromising the shared knowledge.

Rather than displaying the last-login information to the user for manual interpretation, the disclosed method gathers the last-login information from the user and then compares it to what the system has stored about the user's last login. For applications which require "strong" authentication, the user not only has to present credentials (userid / password) but also information about her/his last login. The system captures that information and compares it with the stored information. If the two sets of information match sufficiently, the user is considered "authenticated".

Since one cannot expect the user to keep a record of the exact time of the last login, the system needs to be...
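The following Python sketch is an added example, not code from the disclosure. It shows the password check combined with a last-login claim that must match the stored value "sufficiently". The 12-hour tolerance, the skipped history check on a first login, and all names (Account, authenticate, demo) are assumptions of this example; the page does not state how closeness is judged.

```python
import hashlib, hmac, os
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

TOLERANCE = timedelta(hours=12)  # assumption: the page gives no value

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    last_login: Optional[datetime] = None  # None until the first successful login
    failures: int = 0

def new_account(password: str) -> Account:
    salt = os.urandom(16)
    return Account(salt, hash_password(password, salt))

def authenticate(acct: Account, password: str,
                 claimed: Optional[datetime], now: datetime) -> bool:
    """Accept only if the password and the last-login claim both check out."""
    pw_ok = hmac.compare_digest(acct.pw_hash, hash_password(password, acct.salt))
    if acct.last_login is None:
        history_ok = True  # assumption: a first login has no history to ask about
    else:
        history_ok = (claimed is not None
                      and abs(claimed - acct.last_login) <= TOLERANCE)
    if pw_ok and history_ok:
        acct.last_login, acct.failures = now, 0  # the shared knowledge moves on
        return True
    acct.failures += 1  # one generic failure: caller never learns which check failed
    return False

def demo() -> list:
    """Constructed sample: a first login, then three later attempts."""
    acct, pw = new_account("correct horse"), "correct horse"
    t0 = datetime(2008, 10, 1, 9, 0)
    week = t0 + timedelta(days=7)
    return [
        authenticate(acct, pw, None, t0),                       # first login
        authenticate(acct, pw, t0 + timedelta(days=3), week),   # right password, wrong history
        authenticate(acct, pw, t0 + timedelta(hours=2), week),  # owner, roughly remembers
        authenticate(acct, pw, t0 + timedelta(hours=2),
                     week + timedelta(days=1)),                 # old answer is now stale
    ]
```

The last attempt in demo() reuses an answer that was valid one login earlier and is rejected, which is the time-dependent property the disclosure relies on.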