Browse Prior Art Database

Password history based authentication

IP.com Disclosure Number: IPCOM000244757D
Publication Date: 2016-Jan-11
Document File: 3 page(s) / 80K

Publishing Venue

The IP.com Prior Art Database

Abstract

Changing passwords on a periodic basis is a security practice intended to reduce risk of brute force password cracking or social engineering based password theft. Particularly for frequently used passwords, such as a corporate intranet password, common behaviour from users is to frequently type their old password on occasions out of habit / muscle memory, prior to remembering to type their new password. This, combined with password policies making passwords difficult to remember, can reduce productivity in cases of valid users and their access. Often in an enterprise situation many disparate systems may expire on or around the same time, requiring the user to change many passwords over the course of a week or so. Alternate solutions using biometrics or other authentication schemes that do not require remembering secrets can require additional hardware which may not be ubiquitous, or are unable to be revoked. This invention proposes Have a period of time during which previous and current password are both acceptable. If previous password is provided, optionally remind the user.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 60% of the total text.

Page 01 of 3

Password history based authentication

Changing passwords on a periodic basis is a security practice intended to reduce risk of brute force password cracking or social engineering based password theft. Particularly for frequently used passwords, such as a corporate intranet password, common behaviour from users is to frequently type their old password on occasions out of habit / muscle memory, prior to remembering to type their new password. This, combined with password policies making passwords difficult to remember, can reduce productivity in cases of valid users and their access.

Often in an enterprise situation many disparate systems may expire on or around the same time, requiring the user to change many passwords over the course of a week or so.

Alternate solutions using biometrics or other authentication schemes that do not require remembering secrets can require additional hardware which may not be ubiquitous, or are unable to be revoked.

This invention proposes Have a period of time during which previous and current password are both acceptable. If previous password is provided, optionally remind the user.

The benefit of this is that it assists when people are in the "password change time, when they have several identities all changing password at the same time, if this occurs over a week, it means that users will be able to continue access resources efficiently across multiple systems with different identities

This patent describes the way that a user a...