Browse Prior Art Database

Method and System for Cross Site Password Protection

IP.com Disclosure Number: IPCOM000198676D
Publication Date: 2010-Aug-11
Document File: 1 page(s) / 19K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system for cross site password protection is disclosed. The method and system provides enhanced password protection by storing hash values for username and password combinations across multiple websites.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 64% of the total text.

Page 1 of 1

Method and System for Cross Site Password Protection

Disclosed is a method and system for cross site password protection.

The method involves storing hash values of username and password combinations for each website in a browser extension. The username and password combination is stored for each user who logs into a system and enables the extension. Thereafter, when the user enters a username and password combination, the extension generates the hash checks to verify whether the user is entering credentials valid for a different site but invalid for the current site. In such a scenario the user is alerted.

In other words, the user initializes a separate password protection extension for each operating system. Each time the user logs into a new website, the user is prompted to enable the password protection extension. If the user chooses to do so, hash values of the username and password combination are stored.

When the user is about to log in to a website, hash values for the username and password combination are generated. In case, the generated hash value matches with a stored hash value for the current website, the user is allowed to log in to the website. However, if the hash value does not match the stored hash value for the current website, the method and system disclosed herein checks a registry to verify if the hash value is registered against any other website. In case of a match, a password leak warning is generated and displayed to the user for aborti...