Browse Prior Art Database

A method or system to identify expired passwords with hash images

IP.com Disclosure Number: IPCOM000226491D
Publication Date: 2013-Apr-08
Document File: 3 page(s) / 54K

Publishing Venue

The IP.com Prior Art Database

Abstract

This invention disclosures a system or method to help the user to identify the expired passwords which are stored in login forms. As we know, a lot of login forms (of web browsers or client-side tools) provide the capability of saving user's credentials, which can save user's effort of re-typing user name & password multiple times. The passwords stored in the login forms are commonly displayed as asterisks or dots for security purpose, which makes it not so identical, and user may not be aware that the stored passwords is already expired. This invention provides a hashed image for each saved password besides the login forms, which could help the user to identify whether the saved one is the same as the hased image for the active/updated passwords.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 3

A method or system to identify expired passwords with hash images

As we know, a lot of login forms (of web browsers or client-side tools) provide the capability of saving user's credentials, which can save user's effort of re-typing user name & password multiple times. This is a user-friendly functionality, but may cause another problem: the user might not be aware of the saved password has been expired, and some of the systems may even lock the user account after the expired password being retried multiple times. So it's essential that the user is able to figure out whether the saved password is expired or not easily.

The known solutions for this problem include:


(1) Some login forms change the left-side icon when user types the password, but it only reflects the change of user input length, not values.


(2) Publication on IP.com: AN AUTOMATED MECHANISM TO MANAGE PASSWORD WITH EXPIRATION

This solution maintains a cellphone number and multiple vocal words & corresponding passwords for a specific user id. If any password expiration is detected, an automatic phone call will be made to the cellphone number, and prompt the user to select one of the stored password by pronouncing a vocal word, if the pronounced vocal word matches any stored words, the corresponding password of this stored word will be set as the new password of this user id.

To resolve this problem, our solution is to maintain an image pool, and map the saved password to one of the images in the pool by hash algorithm. By comparing the mapped image, the user is able to find out whether the saved password is expired or not.

The saved passwords saved in login forms are commonly displayed with asterisks or dots other than plain texts for security purpose, which also brings

difficulty to the user when trying to identify whether it's expired or not. The solution #1 can help the user to identify the length of input password, but is not able to reflect the values; The solution #2 is to pro-actively help the user to change an expired password, but not able to identify the expired password saved in login forms either.

With our solu...