Browse Prior Art Database

A secure fault-tolerant method for entrypted password

IP.com Disclosure Number: IPCOM000248849D
Publication Date: 2017-Jan-18
Document File: 4 page(s) / 93K

Publishing Venue

The IP.com Prior Art Database

Abstract

The disclosure will put the wrong encrypted password into a wrong encrypted password map and count each of the value. Once log in successfully, the disclosure will check the latest wrong password using the former three steps of the 4-layer protection to detect if it should be put into fault-tolerant encrypted password set.

If log in with a fault-tolerance password at next time, the log-on will be successful and the last step of the 4-layer protection will be executed, that's to say a log-on warning will be sent to user by email/SMS.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 41% of the total text.

1

A secure fault-tolerant method for entrypted password

When we log in to a system using user/password, we might be annoying at mis-input the password and retype it again and again. It usually happens when met broken keypad or in a hurry, especially for disables or elders.

The disclosure will put the wrong encrypted password into a wrong encrypted password map and count each of the value. Once log in successfully, the disclosure will check the latest wrong password using the former three steps of the 4-layer protection to detect if it should be put into fault-tolerant encrypted password set.

If log in with a fault-tolerance password at next time, the log-on will be successful and the last step of the 4-layer protection will be executed, that's to say a log-on warning will be sent to user by email/SMS.

Claim points: Concepts of fault-tolerant encrypted password set, wrong encrypted password map1. 4-layer protection to avoid the fault-tolerant mechanism decreasing the security2.

Filter wrong password by frequency check for fault-tolerant password recommendation Typo password validation rule User decide whether to treat the recommended password as a fault-tolerant value Log-on warning when using fault-tolerant password to log in

In current solutions, we usually just store the correct encrypted code. While in our disclosure, Three more encrypted code are needed to store to enable fault-tolerant authentication:

fault-tolerant encrypted password setwrong encrypted password map(wrong encrypted password/counts) latest wrong encrypted password

At the same time, two more value are also need to be stored in front side latest inputted passwordlatest wrong password

Below is how the disclosure work in a user_name/password authentication process

At front side, The disclosure will do one more thing before sending authentication request

1. Store the password as latest inputted password.

2

At server side, If the authentication check is fail, that is to say received a wrong password from front side.

The disclosure will do below three more things: 1. Store the wrong encrypted password as latest wrong encrypted password 2. Store the wrong encrypted password in a wrong encrypted password map and count it Back to front side, 3. Assign the value of latest inputted password to latest wrong password

If the authentication check is successful, that is to say received a correct password from front side. The disclosure will check the latest wrong password using the first 3 protection to detect if it should be put into fault-tolerant encrypted password set

1. 4-layer protection-1: Filter wrong password by frequency check for fault-tolerant password recommendation Search the latest wrong encrypted password in wrong encrypted password map and compare the count with threshold If the wrong frequency is lager than the threshold, the fault-tolerant value will be set to true and send to front side with the log in success info.

Back to front side, the disclosure will...