WO2005045550A2 - Password recovery system and method - Google Patents
Password recovery system and method Download PDFInfo
- Publication number
- WO2005045550A2 WO2005045550A2 PCT/GB2004/004612 GB2004004612W WO2005045550A2 WO 2005045550 A2 WO2005045550 A2 WO 2005045550A2 GB 2004004612 W GB2004004612 W GB 2004004612W WO 2005045550 A2 WO2005045550 A2 WO 2005045550A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer system
- data
- recovery
- computer
- encrypted
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2131—Lost password, e.g. recovery of lost or forgotten passwords
Definitions
- the present invention relates to a peer assisted challenge/response system and method for computer password recovery.
- Access control security for computer systems is commonly implemented using passwords.
- a password In order for a password to provide a satisfactory level of security, it should not be associated with the user or be a simple word that can easily be guessed.
- Security policies regarding password complexity and expiration vary between organisations. However, one problem is common to all password-based systems — when a password is lost or forgotten, a recovery mechanism is needed.
- Challenge/response is commonly used for computer password recovery.
- Passwords, or codes to bypass password systems or similar are held by, or registered with, a central system. If a user forgets his or her password, he or she contacts a help-desk at the central system. The help-desk authenticates the user or computer using information held about them and then provides a recovery code to the user. The recovery code allows a user to regain access to a locked machine and have their password reset.
- the authentication data and recovery code is exchanged over an un-trusted communication channel, such as a public telephone system
- an un-trusted communication channel such as a public telephone system
- the authentication data and/or recovery codes may be intercepted by unauthorised individuals.
- the data may then be used by such parties to attempt to gain unauthorised access to the computer system.
- the risks of communicating such data over un-trusted communication channels are such that many organisations prohibit the use of such channels during password recovery. Whilst such a policy may be acceptable to organisations operating over a single site or those having secure communication channels easily available, most organisations, particularly where users are members of the public accessing the system from a remote site, do not such luxuries available and are forced to use un-trusted communications channels.
- the present invention seeks to provide a method and system in which un-trusted communication channels can be used during password recovery without compromising security.
- a password recovery system for recovering access to a first computer system
- the password recovery system including a data repository storing data associated with the first computer system and a second computer system and/or their users, the data repository being arranged to accept authentication data from the first computer system or its user and verify the data in dependence on the stored data, wherein upon verification, the data repository is arranged to provide encrypted recovery data to said second computer system, the encrypted recovery data being decryptable by said second computer system, the recovery data including data for recovering access to said first computer system.
- Each of the first and second computer systems are preferably protected using an encryption key, each computer system being arranged to encrypt the encryption key in dependence on a password of the user of the respective computer system and store the encrypted encryption key, the respective computer system being arranged to decrypt the encrypted encryption key upon authentication of the user via said password to allow access to said encryption key and to said computer system.
- the system further comprises a recovery application further comprising a recovery application on each of the first and second computer systems, the data repository storing the encryption key for each computer system encrypted in dependence on encryption data, the recovery application storing said encryption data for the respective computer system, wherein the recovery data for the first computer system comprises the respective computer system's encryption key encrypted in dependence on encryption data.
- the encrypted recovery data preferably comprises said recovery data further encrypted in dependence on the encryption key for the second computer system.
- the encryption data may comprise pseudo-random data.
- a method of password recovery for one of a number of computer system comprising: storing, remotely of said computer systems, data associated with the number of computer systems and or their respective users; accepting a first request for password recovery for a first one of said number of computer systems from the user of said first computer system; verifying said first request in dependence on said stored data; accepting a second request for password recovery for the first computer systems from a second one of said number of computer systems; encrypting recovery data for the first computer system using stored data associated with said second computer system; communicating the encrypted recovery data to the second computer system; decrypting the encrypted recovery data at the second computer system; and, applying the recovery data to the first computer system to permit password recovery.
- the method further comprises: protecting said first and second computer systems using respective encryption keys; encrypting the respective encryption key at the respective computer system in dependence on a password of the user of the respective computer system; storing the encrypted encryption key in the respective computer system; and, decrypting the encrypted encryption key upon authentication of the user via said password to allow access to said encryption key and to said computer system.
- the method may further comprise: storing, remotely of said computer systems, the encryption key for each computer system encrypted in dependence on encryption data; storing in each computer system the respective encryption data for the respective computer system, wherein the recovery data for the first computer system comprises the first computer system's encryption key encrypted in dependence on the first computer's encryption data.
- the step of encrypting recovery data may comprise further encrypting said recovery data in dependence on the encryption key for the second computer system.
- the present invention has been designed to assist with secure password recovery.
- a password recovery mechanism is required where computer users have forgotten their computer password, and are subsequently denied access to a computer as a result of a security product or mechanism protecting the computer.
- the security product would typically be providing encryption of data on the user's computer and include a user authentication mechanism.
- Figure 1 is a schematic diagram of a password recovery system according to an embodiment of the present invention
- Figure 2 is a schematic diagram illustrating the password recovery system of Figure 1 in operation.
- Figure 1 is a schematic diagram of a password recovery system according to an embodiment of the present invention.
- the password recovery system includes a first computer system 10, a second computer system 20, and a recovery system 40.
- the first and second computer systems are registered with the recovery system 40 and are arranged to communicate with the recovery system 40 over an un-trusted communications channel 30.
- data about the user(s) of the respective systems and/or data on the systems themselves is recorded in a repository 50.
- a recovery application is also enabled on the respective systems 10, 20.
- an encryption key (preferably a different key for each system) is associated with the respective computer system that allows the user's password to be bypassed and/or changed.
- the encryption key is encrypted using pseudo-random data generated for each respective computer system 10, 20 and the encrypted encryption key is stored in the computer system's recovery application.
- the pseudo-random data is stored in the data repository.
- the recovery application may be software that is installed during registration, hardware that is installed or some combination of the two (such as a BIOS feature).
- Figure 2 is a schematic diagram illustrating the password recovery system of Figure 1 in operation.
- Password recovery of a first computer system 10 registered with the recovery system 40 requires the use of a second computer system 20 that has also been registered, such as a second laptop, to be involved in the password recovery process.
- a user (user A) with a protected computer system 10 is locked out of the computer as a result of forgetting their password, they are required to locate a second user (user B) in possession of a computer system 20 protected by the same password recovery system.
- step 100 user A contacts the recovery system 40 at which both computers 10, 20 are registered, and .provides information relating to their identity and/or data on the computer system 10.
- step 110 user B accesses their own computer system 20, and runs the recovery application. Via the recovery application, user B interacts with the recovery system 40, providing information relating to their identity and/or data on their computer system 20.
- step 120 as and when the recovery system 40 has authenticated the users and/or their computer systems 10, 20 in dependence on the data stored in the repository, it provides an encrypted recovery code to user B.
- the recovery code preferably comprises the pseudo-random data stored for the first computer system 10.
- the recovery code is encrypted using encryption data associated with the second computer system 20.
- the recovery application running on User B's computer system 20 Upon receipt of the encrypted recovery code, the recovery application running on User B's computer system 20 is able to decrypt the recovery code which can then be entered into User A's computer system 10 via the recovery application on user A's computer system 10 in step 130.
- the encrypted encryption key can be decrypted and the encryption key can then be accessed allowing subsequent access to the computer system 10 by User A and/or password change.
- an encryption key (DK A ) used to protect a first computer is encrypted using a key encryption key (KKA) derived from the user's password.
- the encrypted DK A (EDK A I) is stored on the computer.
- Successful decryption of EDKAI occurs during normal user authentication.
- a second encrypted copy of the DK A is stored within the data repository, such as a database, accessible to the help desk.
- a second encrypted key (EDK A 2) is encrypted using some pseudo-random data (PRD) stored on the computer.
- the database includes data relating to the computer and/or user to which an EDK A 2 belongs.
- Password recovery entails the transmission of EDKA2, allowing software on the locked machine to recover DK A using PRD.
- a second computer or computer system is involved.
- An application run by the help-desk encrypts the recovery data using the data encryption key of the second computer DK ⁇ .
- DK ⁇ data encryption key of the second computer
- only the second computer can access the recovery data for the first computer.
- unencrypted recovery data can only be obtained by use of a second computer, which itself must have been authenticated by entering a valid password to permit access to the data encryption key.
- the data repository may be arranged to only communicate with authenticated systems, in this manner an authenticated system must act as communication intermediary for the unauthenticated computer system.
- EDKA2 may be manually entered into the first machine, from which DK A may be recovered through PRD.
- the PRD is randomly generated at the first computer each time a recovery code is required.
- An encrypted version of PRD would be communicated to the data repository which would decrypt it and then encode it with DK A and re-encrypt the result using a key for the second, authenticated, computer.
- the version of DKA that eventually arrives for use in recovering the first computer will be dependent on PRD.
- the recovery code will only work once and the next time a recovery code is requested, the first computer will generate a different PRD and only accept a version of DK A that has been encoded using the new PRD.
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0325252A GB0325252D0 (en) | 2003-10-29 | 2003-10-29 | Password recovery system and method |
GB0325252.5 | 2003-10-29 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2005045550A2 true WO2005045550A2 (en) | 2005-05-19 |
WO2005045550A3 WO2005045550A3 (en) | 2009-05-07 |
Family
ID=29725586
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/GB2004/004612 WO2005045550A2 (en) | 2003-10-29 | 2004-10-29 | Password recovery system and method |
Country Status (2)
Country | Link |
---|---|
GB (1) | GB0325252D0 (en) |
WO (1) | WO2005045550A2 (en) |
Cited By (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2008043009A1 (en) * | 2006-10-04 | 2008-04-10 | Microsoft Corporation | Character position-based password recovery |
EP2629227A1 (en) * | 2012-02-15 | 2013-08-21 | Research In Motion Limited | Key management on device for perimeters |
US8544084B2 (en) | 2002-08-19 | 2013-09-24 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
USRE44746E1 (en) | 2004-04-30 | 2014-02-04 | Blackberry Limited | System and method for handling data transfers |
US8656016B1 (en) | 2012-10-24 | 2014-02-18 | Blackberry Limited | Managing application execution and data access on a device |
US8799227B2 (en) | 2011-11-11 | 2014-08-05 | Blackberry Limited | Presenting metadata from multiple perimeters |
US8856879B2 (en) | 2009-05-14 | 2014-10-07 | Microsoft Corporation | Social authentication for account recovery |
US8893219B2 (en) | 2012-02-17 | 2014-11-18 | Blackberry Limited | Certificate management method based on connectivity and policy |
US8898756B2 (en) | 2012-11-21 | 2014-11-25 | Applied Research Works, Inc. | System and method for password recovery |
US8931045B2 (en) | 2012-02-16 | 2015-01-06 | Blackberry Limited | Method and apparatus for management of multiple grouped resources on device |
US8972762B2 (en) | 2012-07-11 | 2015-03-03 | Blackberry Limited | Computing devices and methods for resetting inactivity timers on computing devices |
US9047451B2 (en) | 2010-09-24 | 2015-06-02 | Blackberry Limited | Method and apparatus for differentiated access control |
US9077622B2 (en) | 2012-02-16 | 2015-07-07 | Blackberry Limited | Method and apparatus for automatic VPN login on interface selection |
US9075955B2 (en) | 2012-10-24 | 2015-07-07 | Blackberry Limited | Managing permission settings applied to applications |
US9094194B2 (en) * | 2006-04-18 | 2015-07-28 | International Business Machines Corporation | Method and system for automating the recovery of a credential store when a user has forgotten their password using a temporary key pair created based on a new password provided by the user |
US9124431B2 (en) | 2009-05-14 | 2015-09-01 | Microsoft Technology Licensing, Llc | Evidence-based dynamic scoring to limit guesses in knowledge-based authentication |
US9137668B2 (en) | 2004-02-26 | 2015-09-15 | Blackberry Limited | Computing device with environment aware features |
US9147085B2 (en) | 2010-09-24 | 2015-09-29 | Blackberry Limited | Method for establishing a plurality of modes of operation on a mobile device |
US9161226B2 (en) | 2011-10-17 | 2015-10-13 | Blackberry Limited | Associating services to perimeters |
US9225727B2 (en) | 2010-11-15 | 2015-12-29 | Blackberry Limited | Data source based application sandboxing |
EP2919413A4 (en) * | 2012-11-09 | 2016-01-06 | Zte Corp | Data security verification method and device |
US9262604B2 (en) | 2012-02-01 | 2016-02-16 | Blackberry Limited | Method and system for locking an electronic device |
US9282099B2 (en) | 2005-06-29 | 2016-03-08 | Blackberry Limited | System and method for privilege management and revocation |
US9306948B2 (en) | 2012-02-16 | 2016-04-05 | Blackberry Limited | Method and apparatus for separation of connection data by perimeter type |
US9369466B2 (en) | 2012-06-21 | 2016-06-14 | Blackberry Limited | Managing use of network resources |
US9378394B2 (en) | 2010-09-24 | 2016-06-28 | Blackberry Limited | Method and apparatus for differentiated access control |
US9386451B2 (en) | 2013-01-29 | 2016-07-05 | Blackberry Limited | Managing application access to certificates and keys |
US9426145B2 (en) | 2012-02-17 | 2016-08-23 | Blackberry Limited | Designation of classes for certificates and keys |
US9497220B2 (en) | 2011-10-17 | 2016-11-15 | Blackberry Limited | Dynamically generating perimeters |
US9698975B2 (en) | 2012-02-15 | 2017-07-04 | Blackberry Limited | Key management on device for perimeters |
US9967055B2 (en) | 2011-08-08 | 2018-05-08 | Blackberry Limited | System and method to increase link adaptation performance with multi-level feedback |
US10848520B2 (en) | 2011-11-10 | 2020-11-24 | Blackberry Limited | Managing access to resources |
US11163862B2 (en) | 2018-05-16 | 2021-11-02 | International Business Machines Corporation | Authentication of users based on snapshots thereof taken in corresponding acquisition conditions |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1059761A1 (en) * | 1999-06-11 | 2000-12-13 | International Computers Limited | Cryptographic key, or other secret material, recovery |
US6229894B1 (en) * | 1997-07-14 | 2001-05-08 | Entrust Technologies, Ltd. | Method and apparatus for access to user-specific encryption information |
US6360322B1 (en) * | 1998-09-28 | 2002-03-19 | Symantec Corporation | Automatic recovery of forgotten passwords |
US20030188201A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Method and system for securing access to passwords in a computing network environment |
-
2003
- 2003-10-29 GB GB0325252A patent/GB0325252D0/en not_active Ceased
-
2004
- 2004-10-29 WO PCT/GB2004/004612 patent/WO2005045550A2/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6229894B1 (en) * | 1997-07-14 | 2001-05-08 | Entrust Technologies, Ltd. | Method and apparatus for access to user-specific encryption information |
US6360322B1 (en) * | 1998-09-28 | 2002-03-19 | Symantec Corporation | Automatic recovery of forgotten passwords |
EP1059761A1 (en) * | 1999-06-11 | 2000-12-13 | International Computers Limited | Cryptographic key, or other secret material, recovery |
US20030188201A1 (en) * | 2002-03-28 | 2003-10-02 | International Business Machines Corporation | Method and system for securing access to passwords in a computing network environment |
Cited By (58)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8893266B2 (en) | 2002-08-19 | 2014-11-18 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US9998466B2 (en) | 2002-08-19 | 2018-06-12 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US9391992B2 (en) | 2002-08-19 | 2016-07-12 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US8544084B2 (en) | 2002-08-19 | 2013-09-24 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US10015168B2 (en) | 2002-08-19 | 2018-07-03 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US10298584B2 (en) | 2002-08-19 | 2019-05-21 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US8661531B2 (en) | 2002-08-19 | 2014-02-25 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US10999282B2 (en) | 2002-08-19 | 2021-05-04 | Blackberry Limited | System and method for secure control of resources of wireless mobile communication devices |
US9137668B2 (en) | 2004-02-26 | 2015-09-15 | Blackberry Limited | Computing device with environment aware features |
USRE48679E1 (en) | 2004-04-30 | 2021-08-10 | Blackberry Limited | System and method for handling data transfers |
USRE46083E1 (en) | 2004-04-30 | 2016-07-26 | Blackberry Limited | System and method for handling data transfers |
USRE44746E1 (en) | 2004-04-30 | 2014-02-04 | Blackberry Limited | System and method for handling data transfers |
USRE49721E1 (en) | 2004-04-30 | 2023-11-07 | Blackberry Limited | System and method for handling data transfers |
US10515195B2 (en) | 2005-06-29 | 2019-12-24 | Blackberry Limited | Privilege management and revocation |
US9282099B2 (en) | 2005-06-29 | 2016-03-08 | Blackberry Limited | System and method for privilege management and revocation |
US9734308B2 (en) | 2005-06-29 | 2017-08-15 | Blackberry Limited | Privilege management and revocation |
US9094194B2 (en) * | 2006-04-18 | 2015-07-28 | International Business Machines Corporation | Method and system for automating the recovery of a credential store when a user has forgotten their password using a temporary key pair created based on a new password provided by the user |
US7831836B2 (en) | 2006-10-04 | 2010-11-09 | Microsoft Corporation | Character position-based password recovery |
WO2008043009A1 (en) * | 2006-10-04 | 2008-04-10 | Microsoft Corporation | Character position-based password recovery |
US10013728B2 (en) | 2009-05-14 | 2018-07-03 | Microsoft Technology Licensing, Llc | Social authentication for account recovery |
US9124431B2 (en) | 2009-05-14 | 2015-09-01 | Microsoft Technology Licensing, Llc | Evidence-based dynamic scoring to limit guesses in knowledge-based authentication |
US8856879B2 (en) | 2009-05-14 | 2014-10-07 | Microsoft Corporation | Social authentication for account recovery |
US9147085B2 (en) | 2010-09-24 | 2015-09-29 | Blackberry Limited | Method for establishing a plurality of modes of operation on a mobile device |
US9378394B2 (en) | 2010-09-24 | 2016-06-28 | Blackberry Limited | Method and apparatus for differentiated access control |
US10318764B2 (en) | 2010-09-24 | 2019-06-11 | Blackberry Limited | Method and apparatus for differentiated access control |
US9531731B2 (en) | 2010-09-24 | 2016-12-27 | Blackberry Limited | Method for establishing a plurality of modes of operation on a mobile device |
US9519765B2 (en) | 2010-09-24 | 2016-12-13 | Blackberry Limited | Method and apparatus for differentiated access control |
US9047451B2 (en) | 2010-09-24 | 2015-06-02 | Blackberry Limited | Method and apparatus for differentiated access control |
US9225727B2 (en) | 2010-11-15 | 2015-12-29 | Blackberry Limited | Data source based application sandboxing |
US9967055B2 (en) | 2011-08-08 | 2018-05-08 | Blackberry Limited | System and method to increase link adaptation performance with multi-level feedback |
US10735964B2 (en) | 2011-10-17 | 2020-08-04 | Blackberry Limited | Associating services to perimeters |
US9402184B2 (en) | 2011-10-17 | 2016-07-26 | Blackberry Limited | Associating services to perimeters |
US9497220B2 (en) | 2011-10-17 | 2016-11-15 | Blackberry Limited | Dynamically generating perimeters |
US9161226B2 (en) | 2011-10-17 | 2015-10-13 | Blackberry Limited | Associating services to perimeters |
US10848520B2 (en) | 2011-11-10 | 2020-11-24 | Blackberry Limited | Managing access to resources |
US8799227B2 (en) | 2011-11-11 | 2014-08-05 | Blackberry Limited | Presenting metadata from multiple perimeters |
US9720915B2 (en) | 2011-11-11 | 2017-08-01 | Blackberry Limited | Presenting metadata from multiple perimeters |
US9262604B2 (en) | 2012-02-01 | 2016-02-16 | Blackberry Limited | Method and system for locking an electronic device |
US9698975B2 (en) | 2012-02-15 | 2017-07-04 | Blackberry Limited | Key management on device for perimeters |
EP2629227A1 (en) * | 2012-02-15 | 2013-08-21 | Research In Motion Limited | Key management on device for perimeters |
US8931045B2 (en) | 2012-02-16 | 2015-01-06 | Blackberry Limited | Method and apparatus for management of multiple grouped resources on device |
US9306948B2 (en) | 2012-02-16 | 2016-04-05 | Blackberry Limited | Method and apparatus for separation of connection data by perimeter type |
US9077622B2 (en) | 2012-02-16 | 2015-07-07 | Blackberry Limited | Method and apparatus for automatic VPN login on interface selection |
US9294470B2 (en) | 2012-02-17 | 2016-03-22 | Blackberry Limited | Certificate management method based on connectivity and policy |
US9426145B2 (en) | 2012-02-17 | 2016-08-23 | Blackberry Limited | Designation of classes for certificates and keys |
US8893219B2 (en) | 2012-02-17 | 2014-11-18 | Blackberry Limited | Certificate management method based on connectivity and policy |
US9369466B2 (en) | 2012-06-21 | 2016-06-14 | Blackberry Limited | Managing use of network resources |
US11032283B2 (en) | 2012-06-21 | 2021-06-08 | Blackberry Limited | Managing use of network resources |
US8972762B2 (en) | 2012-07-11 | 2015-03-03 | Blackberry Limited | Computing devices and methods for resetting inactivity timers on computing devices |
US9075955B2 (en) | 2012-10-24 | 2015-07-07 | Blackberry Limited | Managing permission settings applied to applications |
US9065771B2 (en) | 2012-10-24 | 2015-06-23 | Blackberry Limited | Managing application execution and data access on a device |
US8656016B1 (en) | 2012-10-24 | 2014-02-18 | Blackberry Limited | Managing application execution and data access on a device |
EP2919413A4 (en) * | 2012-11-09 | 2016-01-06 | Zte Corp | Data security verification method and device |
US8898756B2 (en) | 2012-11-21 | 2014-11-25 | Applied Research Works, Inc. | System and method for password recovery |
US9940447B2 (en) | 2013-01-29 | 2018-04-10 | Blackberry Limited | Managing application access to certificates and keys |
US10460086B2 (en) | 2013-01-29 | 2019-10-29 | Blackberry Limited | Managing application access to certificates and keys |
US9386451B2 (en) | 2013-01-29 | 2016-07-05 | Blackberry Limited | Managing application access to certificates and keys |
US11163862B2 (en) | 2018-05-16 | 2021-11-02 | International Business Machines Corporation | Authentication of users based on snapshots thereof taken in corresponding acquisition conditions |
Also Published As
Publication number | Publication date |
---|---|
GB0325252D0 (en) | 2003-12-03 |
WO2005045550A3 (en) | 2009-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2005045550A2 (en) | Password recovery system and method | |
JP4615601B2 (en) | Computer security system and computer security method | |
EP0636259B1 (en) | Cryptographic data security in a secured computer system | |
US7178025B2 (en) | Access system utilizing multiple factor identification and authentication | |
US5425102A (en) | Computer security apparatus with password hints | |
US5590199A (en) | Electronic information network user authentication and authorization system | |
CN103561034B (en) | A kind of secure file shared system | |
US6480958B1 (en) | Single-use passwords for smart paper interfaces | |
US9246887B1 (en) | Method and apparatus for securing confidential data for a user in a computer | |
EP2156354B1 (en) | Method and system for preventing impersonation of a computer system user | |
US20100250937A1 (en) | Method And System For Securely Caching Authentication Elements | |
US20040117636A1 (en) | System, method and apparatus for secure two-tier backup and retrieval of authentication information | |
EP2339777A2 (en) | Method of authenticating a user to use a system | |
JPH11212922A (en) | Password management and recovery system | |
CA2251193A1 (en) | Method and apparatus for encoding and recovering keys | |
US10623400B2 (en) | Method and device for credential and data protection | |
JP2900869B2 (en) | Database search system and database protection method | |
WO2018142291A1 (en) | Identity verification | |
US11509649B2 (en) | Exclusive self-escrow method and apparatus | |
US11316658B2 (en) | System and method for securing a database by scrambling data | |
CN109284615B (en) | Mobile equipment digital resource safety management method | |
TW201818288A (en) | Key sharing system and method thereof wherein a mobile device is used as the key sharing system | |
JP2001268067A (en) | Key recovery method and key management system | |
KR101386606B1 (en) | Method for controlling backup storage | |
EP1946478B1 (en) | Recovery of encrypted data from a secure storage device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
NENP | Non-entry into the national phase in: |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |