People use passwords and other personal authentication inputs frequently when accessing resources such as accounts, computers, and so forth. For example, a person may use a username, a password, and/or a personal identification number (PIN) to gain access to various digital accounts such as a bank account, an email account, and other personal information. Some entities use personal questions to verify an identity of a person requesting accesses to a restricted resource in addition to (or in lieu of) usernames/passwords. For example, a familiar personal question may ask for a maiden name of the requester's mother. In some instances, personal questions are used to recover a forgotten password.
Some people advise use of unique passwords for important accounts. A cautious person may use many unique combinations of usernames/passwords to gain access to an array of resources. This may limit a potential unauthorized access to other resources if the person's username and password for a given resource become known (e.g., a security breach by hackers, etc.) However, this imposes a difficult task for the person to remember and manage their passwords, secret answers, and so forth.
In addition, many resources impose unique personal questions which require the person to enter (and remember) personal question responses. Unfortunately, some personal questions may be ambiguous and/or and not direct the person to enter the exact personal question response upon presentation of the personal question.
Often, a guess limit is imposed by a resource when the person repeatedly enters an incorrect password or personal question response. For example, after five incorrect attempts, a resource may direct the person to an alternative method to gain access to the restricted resource, lock the resource for a predetermined amount of time, or take other action to limit improper or unauthorized access to the resource. In some instances, a person may reach a guess limit despite knowing the requested information, such as when the person repeatedly makes data entry mistakes or for other reasons, which may inconvenience the person, waste time, and impose an expense to pursue other resource access alternatives (e.g., calling a help desk).
Entities that control or design resources attempt to make it difficult for unauthorized users to gain access to their resources. The entities may take approaches to making it difficult to guess a person's username, password, PIN, or personal question response. For example, entities may use multiple personal questions when verifying the identity of a person. In this way, it would be difficult for an unauthorized person to correctly guess the correct response to multiple personal questions. However, entities must balance employing time-consuming and extensive security processes with allowing authorized people to have access to the resources.
Techniques to provide evidence-based dynamic scoring to limit guesses in knowledge based authentication are disclosed herein. In some aspects, an authenticator may receive an input from a user in response to a presentation of a personal question that enables a user to access a restricted resource. The authenticator may determine that the input is not equivalent to a stored value, and thus is an incorrect input. The authenticator may then determine whether the input is similar to a previous input received from the user. A score may be assigned to the input. When the input is determined to be similar to the previous input, the score may be reduced. Another request for an input may be transmitted by the authenticator when a sum of the score and any previous scores of the session is less than a threshold.
In another aspect, the authenticator may receive a new answer to a personal question. The authenticator may analyze a collection of received answers to the personal question to create a distribution of the received answers. Next, the authenticator may compare the new answer to the distribution of received answers. Finally, the authenticator may designate the new answer as a popular answer when an occurrence of the new answer in the distribution of received answers exceeds a popularity threshold. In some aspects, the authenticator may reject popular answers and request that a user enter a more specific answer. In further aspects, the authenticator may discontinue use of the personal question that generates the popular answer.
The detailed description is described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same reference numbers in different figures indicate similar or identical items.
Overview
As discussed above, people typically have to input responses (answers) to authentication requests to gain access to a restricted resource. One way to make authentication requests more secure against unauthorized use, and yet more reliable in granting access to an authorized person, is to dynamically adjust scoring of wrong responses based on the type of response that is entered by the person. Thus, certain responses may be penalized more harshly when received in response to an authorization request, and thus reach a threshold faster, than other answers.
In some embodiments, answers may be assigned a score based on the popularity of the answer. The score may be summed after each answer and be periodically compared to the threshold, which may eventually trigger additional security to protect unauthorized access of the requested resource.
When the response is similar (e.g., lexicon or semantic variation, etc.) to an input (the correct answer, a previous response, etc.), then the response may receive a reduced score, which in effect would increase the margin between a summed score and the threshold as compared to a receipt of a response that is not similar to an entry.
In addition, answers to personal questions may be analyzed to determine whether an answer population or distribution indicates that the answer would be relatively easy to guess, and thus less secure than alternative answers. Similarly, answer distribution may be analyzed to selectively remove questions that do not result in selection of difficult-to-guess answers (i.e., favorite baseball team, favorite color, etc.).
The processes and systems described herein may be implemented in a number of ways. Example implementations are provided below with reference to the following figures.
Illustrative Environment
The authenticator 102 may be any computing device capable of receiving an input from the users 104, verifying the input against one or more stored instances of user information (text, hashes, etc.), and permitting the user access to a resource, either on the authentication device 102 or separate from the authentication device (e.g., residing a second computing device, etc.). For example, the authenticator 102 may be configured as one or more servers that are accessible via a network (e.g., the Internet). The authenticator 102 may also reside on a personal computer, such as a login prompt to gain access to an application, operating system (OS), or the like. Other examples of implementations of the authenticator 102 may include an electronic safe, a handheld computing device (mobile phone, voicemail server, video game console, music player, etc.), and so forth.
In some embodiments, the users 104 may communicate with the authenticator 102 via computing devices 106 (or simply “clients”). A non-exhaustive list of possible clients 106 may include a personal digital assistant 106(1), a personal computer 106(2), a mobile telephone 106(3), and a music player 106(n). For example, the user 104 may communicate with the authenticator 102 over the network 108 via the clients 106 such as by accessing a password protected website, a voicemail server, a download server, etc. In various embodiments, the users 104 may access the authenticator 102 directly without the use of one of the clients 106.
In embodiments where the authenticator 102 is accessed by one of the clients 106, information may be passed between the clients 106 and the authenticator 102. A user input 112 (response, answer, etc.) may be transmitted by the users 104 and received by the authenticator 102, such as in response to a personal authentication question presented to the user 104 by the authenticator 102. The authenticator 102 may then transmit a message 114 to the user 104 indicating a status of the input 112 as correct or incorrect, or the authenticator 102 may simply provide user access to the restricted resource. When the input 112 is an incorrect input in response to a request for personal authentication information, additional exchanges of data may occur between the users 104 and the authenticator 102 (via the clients 106 or by direct input). In particular, the authenticator 102 may provide the users 104 with additional attempts to provide the input 112 that is correct (i.e., matches a stored answer) by implementing evidence-based dynamic scoring to limit guesses in knowledge based authentication that does not terminate after receipt of a predetermined (static) number of incorrect instances of the inputs 112. When the authenticator is local (e.g., a personal computer, mobile phone, etc.), the user 104 may enter the input 112 directly into the authenticator (e.g., type, speak, etc.).
In various embodiments, the authenticator 102 may exchange communications with the users 104 to establish the correct input that is difficult to guess (strong), which is then stored by the authenticator 102 and used in comparisons with the input 112. The authenticator 102 may reject an input that is not strong, such that the input 112 exceeds a popularity threshold that may indicate the input 112 is relatively easy to guess or otherwise determine (e.g., systematic approach, etc.). Thus, the authenticator 102 may reject an attempt by the users 104 to establish an input 112 because the input 112 is too popular or for other reasons.
In some embodiments, the environment 100 may include a data provider 116, which may communicate with the authenticator 102 via data server(s) 118. In some embodiments, the data provider 116 may provide personal authentication questions during an authentication process with the users 104.
The data provider 116 may transmit data 120, such as personal question(s) and/or answers to the personal question(s), to the authenticator 102 for a security strength analysis. In response, the authenticator 102 may transmit an analysis 122 of the data 120. The analysis 122 may include a recommendation to discontinue use of a personal authentication question that results in answers having a relatively low distribution of all received answers, a population of many popular answers, or other aspects that make the answers relatively easy to guess or ascertain by unauthorized users.
As illustrated, the authenticator 102 may be equipped with one or more processors 124 and memory 126. The memory 126 may include applications, modules, and/or data. In some embodiments, the memory 126 may include an authentication manager 128, which may facilitate providing evidence-based dynamic scoring for personal knowledge based authentication. In some embodiments, the authentication manager 128 may also analyze personal knowledge based questions and/or answers to determine a relative strength of questions/answers such that they will provide relatively secure access to a resource.
The authentication manager 128 may include a number of modules such as a dynamic scoring module 130 and an authentication value strength module 132 (or simply “strength module”). In some embodiments, the dynamic scoring module 130 may dynamically adjust a number of times the users 104 may submit the input 112 to a personal authentication question before additional security measures are enacted by the authenticator 102. In various embodiments, the authentication value strength module 132 may assess and report the relative strength of a personal authentication question and/or answer. For example, the authentication value strength module 132 may reject a user selection of an answer as too popular and then prompt the authenticator 102 to request another answer from the user 104.
Illustrative Evidence-Based Dynamic Scoring
At 202 the authenticator 102 may receive an input from one of the users 104. The input (e.g., the input 112) may be submitted by the user 104 in response to a request for personal information from a knowledge based authentication process. For example, the received input may be an answer to a personal question (e.g., “What is your mother's maiden name?”, “What is the name of your high school?”, etc.) and/or a password, PIN, or other response to a knowledge based authentication question.
At 204, the authenticator 102 may determine if the received input is similar to a stored answer (correct answer) and/or a previous input received from the user 104. For example, the user 104 may accidently hit an extra key when typing the input. In such an instance, the input may be a lexicon of a previous input (or stored answer) with the exception of the extra input (e.g., typed “superdaad” instead of “superdad” as password, etc.). In another example, the received input may be semantically similar to a previous input (or stored answer). For example, a personal knowledge question may ask “Where were you born?” A received input of “Twin Cities” may be semantically similar to “Minneapolis” (previous input or stored answer).
At 206, the authenticator 102 may reduce a score associated with the input when the input is similar (e.g., lexicon, semantic, etc.) to a previous input and/or stored answer. Each input may have an associated score that is ultimately used to restrict the user 104 from indefinitely providing inputs to the authenticator 102. The score may be reduced by a multiplier or a function to lessen a negative impact of an incorrect input when the incorrect input is similar to the previous input and/or stored answer. For example, a score may be equal to 0.5, but reduced to 0.25 when the input is determined to be similar at the operation 206. In some embodiments, the score reduction may be based on an inverse function of the popularity of the score. Thus, a more popular input that is similar to another input may have a score reduced by a smaller amount that a score associated with an input that is less popular.
At 208, the authenticator 102 may provide another opportunity for the user 104 to submit an input to gain access to a resource when the score does not reach a threshold. For example, a threshold may be established that, when reached or exceeded, directs the authenticator 102 to enact additional security to protect unauthorized access to the restricted resource. The score may be summed (accumulated) after each incorrect input by the user. For example, the score may be 0.5 after a first input, 0.7 after a second input (+0.2) and 1.2 after a third input (+0.4). When the threshold is set to 1.0, the user 104 may not be provided with a fourth opportunity to provide the input to the personal knowledge based question and/or additional security measures may be implemented before allowing the user 104 to gain access to the restricted resource.
At 302, the authenticator 102 may receive an input (e.g., the input 112) from one of the users 104. For example, the user 104 may submit the input in response to a presentation of a personal authentication question, username/password request, or the like, which may ultimately enable the user 104 to obtain access to a restricted resource.
At 304, the authenticator 102 may determine whether the received input is a match with a stored (correct) answer (e.g., text, hash, etc.). The authenticator 102 may grant access to the restricted resource at 306 when the received input matches a stored answer. However, when the input is not a match with the stored answer, further processing may be warranted to enable the user 104 an additional opportunity to enter an input that matches the stored answer.
At 308, a score is assigned to the received input. The score may be a fixed score for each input or it may vary based on the input. For example, the score may always be assigned a valued of 0.25. In another example, the score may be based on the popularity of the input in comparison to other answers received by the authenticator 102, where an input that is popular may receive a higher score than an input that is unpopular.
At 310, the score may be compared to a threshold value. The threshold value may be a predetermined value that, when either reached or surpassed, triggers the authenticator 102 to deny access to the restricted resource at 312. In some embodiments, the threshold may be a fixed number (unchanging), however in various embodiments the threshold may be adjusted based on various factors that are described below.
At 314, the authenticator 102 may transmit another request for an input to the user 104 when the score does not reach (or exceed) the threshold at the operation 310. At 316, the authenticator 102 may receive the other input from the user 104. The received input from the operation 316 may then be compared to the stored answer at 318 (similar to the operation 304). The authenticator 102 may grant access to the restricted resource at 306 when the received input matches the stored answer.
At 320, the authenticator 102 may determine whether the input is similar to a previous input. For example, the received input at 316 may be a same incorrect answer as received at 302, a lexicon string of characters (extra letter, missing letter, etc.), a semantically similar word (“Twin Cities” instead of “Minneapolis”), or similar by another metric.
At 322, the score is calculated as an incremental score without a reduction when no input similarity is determined at the operation 320. For example, the score may be computed as the score from the operation 308 in addition to a score assigned from the incorrect input determined at 318 (plus any other previous scores due to the loop of the process 300) to generate a total score.
When the authenticator 102, via the dynamic scoring module 130, determines that the received input at 316 is similar to the input at 302 (or, in some embodiments, another previous input), then the authenticator 102 may calculate the score with a similarity reduction at 324. The similarity reduction may, in effect, act to increase a number of “tries” or times the user 104 can provide the input to gain access to the restricted resource, thus resulting in a “dynamic scoring.” In some embodiments, the similarity reduction may be a based on a grouping (bucket) where input ranges have fixed reduction values, reduction values that correlate to a popularity of the input, or by other relationships between the inputs that can be used to reduce the score.
In accordance with various embodiments, the score computed at either the operation 322 or the operation 324 may be compared to the threshold at the operation 310. In this way, the user may have additional opportunities to enter the input to gain access to the restricted resource. The user may be more likely to receive additional opportunities to submit an input when the user previously enters inputs that are determined to be similar at the operation 320, thus resulting in a reduced incremental score at the operation 324.
At 402, the authenticator 102 may transmit a request for an input to one of the users 104. The input (e.g., a response to a personal authentication question, password, etc.) may enable the user to access a restricted resource when the input matches the stored answer. The authenticator 102 may receive the input at 404.
At 406, the authenticator 102 may determine whether the received input is a match with a stored (correct) answer (e.g., text, hash, etc.). The authenticator 102 may grant access to the restricted resource at 408 when the received input matches a stored answer. However, when the input is not a match with the stored answer, further processing may be warranted to enable the user 104 an additional opportunity to enter an input that matches the stored answer.
At 410, the authenticator 102 may determine an incremental score for the received input at 404 based on a popularity of the input. For example, an input that is relatively more popular may receive a higher score than an input that is relatively less popular. Popularity may be measured using historical data (previous inputs received by other users), by surveys, or by other sources.
In some embodiments, the score may be computed based on the percent of known answers received as the input (e.g., 30% of people provide this input, thus score is 0.3, etc.). In various embodiments, the incremental score for a range of scores may be assigned a single representative score (e.g., a grouped score, bucket score, etc.). For example, three groupings of scores may be used that correlate to the popularity of the input. Illustrative grouping values of 0.2, 0.35, and 0.5 may be used as group scores, such that each score may be assigned one of the grouping values (0.2, 0.35, 0.5). In an example, a score based on popularity of 0.11 may be assigned a grouping score of 0.2 while a score based on popularity of 0.38 may be assigned a grouping score of 0.35 (or in some instances 0.5 when values are rounded up). For purposes of discussion, the incremental score, whether a grouping score, pure popularity score, etc., will be referred to simply as the “score.”
At 412, the authenticator 102 may determine whether the received input at 404 is a lexicon match to a stored value. In some embodiments, the stored value may be limited to previous inputs (via the operations 404 using a loop function). In various embodiments, the stored value may also include the stored answer, which is the correct answer necessary to grant access to the restricted resource at 408. A lexicon match may be determined using software algorithms that determine an edit distance. Further discussion of the lexicon match is provided in a discussion of
At 414, the authenticator 102 may determine whether the received input at 404 is a semantic match to the stored value. A semantic match may be determined using comparison algorithms that compare data using lookup tables. For example, a semantic match may occur when the user 104 enters an input that is a synonym of a previous input, among other possible semantic matches. Further discussion of the semantic match is provided in a discussion of
When either the lexicon match or the semantic match is positive (a match is made), then the authenticator 102 may assign a reduction value at 416. However, when both the lexicon match and the semantic match are false (no match), then the authenticator 102 may not assign a reduction value at 418. The reduction value may be a static number, vary based on the popularity of the received input at the operation 404, vary based on groupings (buckets) that each have a different reduction value, and so forth.
At 420, the authenticator 102, via the dynamic scoring module 130, may calculate the score and apply any reduction value from the operation 416. For example, a bucket score for an input may be assigned the score of 0.35. However, the received input at 404 (e.g., “superddad”) may be a lexicon match of a previous input (e.g., “superdad”). In this instance, a reduction value may be assigned, such as 25% or another value used to reduce the incremental score, such that the score 0.35 may be reduced to 0.0875 (0.35×0.25=0.0875).
In some embodiments, the score that is reduced by the reduction value may be the lesser of two or more received scores, and not necessarily the determined incremental score from operation 410. For example, a first input may be assigned a score of 0.2 while a second input may be assigned a score of 0.5. When the second input is determined to be semantically similar (or a lexicon match) to the first input, a reduction value may be assigned at 414, which may then be applied to the lesser of the two scores (i.e. 0.2). In this way, it may not be advantageous for a user to provide a more popular input after providing a less popular input in order to receive additional opportunities at entering the input.
At 422, the score may be compared to a threshold value. The threshold value may be a predetermined value that, when either reached or surpassed, triggers the authenticator 102 to deny access to the restricted resource at 424. When the threshold is not either reached or exceeded (depending on the implementation), then the process 400 may continue at 402 where the authenticator 102 requests another input from the user 104.
In some embodiments, a computer algorithm may compute an edit distance to determine whether a lexicon match exists based on evaluators 426(1)-426(n). A non-exhaustive list of the evaluators may include an extra letter 426(1), a missing letter 426(2), a letter order 426(3), a letter swap 426(4), an inverted capitalization 426(5), and other possible edit changes 426(n). The evaluators may be used individually or in any combination to create a total edit distance. When the total edit distance is within a lexicon threshold, then the authenticator 102 may determine that a lexicon match exists at the operation 412. In an example, a first input of “Brooklyn” in comparison to a second input of “Brooklyn, N.Y.” may have an edit distance of three when using the evaluator of the extra letter 426(1), which may be determined to be a lexicon match at the operation 412.
In some embodiments, the computed edit distance may be influence the size of the reduction in the incremental score received at 416. For example, a lower edit distance may result in a greater reduction in the incremental score at 416 because the input is closer to a previous input than when the edit distance is a larger value.
In some embodiments, an input may be determined to be semantically similar to another input and/or the correct answer based on a term comparison (e.g., comparison of an input to another input, etc.). The term comparison may be made using one or more of the evaluators 428(1)-428(n). A non-exhaustive list of the evaluators may include a thesaurus 428(1), user survey data 428(2), user history data 428(3), search results/queries 428(4), and other databases 428(n).
In an example, the term comparison using the thesaurus 428(1) may associate a first input as a synonym of a second input, and thus designate the input as a semantic match at the operation 414. In a second example, an input of a location (e.g., “New York”) may be determined to be semantically similar to an input of another location that may be synonymous with the first inputted location (e.g., “Manhattan”) via a database 428(n) of locations, which may result in a semantic match at the operation 414. In a third example, the search results/queries 428(4) may be used to determine relationships between inputs based on terms two terms that are have a correlation based on search results and/or search queries. For example, search results for an input that result in a predetermined percentage of results (hits) having the second term may result in a semantic match at the operation 414. In a final example, the first input of “Brooklyn” in comparison to the second input of “Brooklyn, N.Y.” may be determined to be a semantic match at the operation 414 because they identify the same location, which could again be verified by the database 428(n). In such an instance, both a semantic match and lexicon match are possible.
Illustrative Authentication Strength Assessment
As discussed in the overview and with reference to
At 502, the authenticator 102 may transmit a request for an answer to a new personal question, which may be used to enable the user 104 to gain access to a restricted resource, such as using one of the processes 200, 300, or 400 discussed above. At 504, the authenticator may receive an answer from the user 104 in response to the operation 502.
At 506, the authenticator 102 may determine the popularity of the answer in comparison to other users' answers (e.g., survey answers, actual answer stored in a database, etc.). At 508, the authenticator 102 may determine whether the received answer at 504 is within a threshold that determines that the answer is relatively difficult to guess (i.e., strong answer). In some embodiments, the threshold may be set at a percentage of the answers. For example, when the threshold is 10% and 11% of users have selected the received answer at the operation 504, the threshold would be surpassed and the authenticator 102 would request another answer at 510. For example, the authenticator 102 may request the user 104 to input a more specific answer (e.g., “Bronx” instead of “New York”, etc.). However, if the answer is within the threshold at 508, then the authenticator 102 may store the answer as a correct answer (input) at 512.
At 602, the authenticator 102 may transmit a question to one of the users 104 and receive an answer (i.e. the input 112) at 604. The authenticator 102 may then evaluation the answer distribution to determine whether the answer distribution is large enough to continue use of the question at operation 606, which may be determined using a limit at 608.
When the answer distribution is too small (e.g., below a limit) at 608, the question may be discontinued at 610. At 612, a new question may be presented to the user. However, when the answer distribution is not too small (e.g., outside of a limit), then the authenticator 102 may store the answer as the correct answer (input) at 614.
In some embodiments, the data provider 116 may submit questions and/or answers to the authenticator 102 via the data server(s) 118 for evaluation using the processes 500 and/or 600. In this way, the data providers 116 may be able to offer restricted access to resources that is unlikely to be compromised by unauthorized users that exploit popular answers.
Illustrative Computing System
In a very basic configuration, the authentication device 800 typically includes at least one processing unit 802 and system memory 804. Depending on the exact configuration and type of authentication device, the system memory 804 may be volatile (such as RAM), non-volatile (such as ROM, flash memory, etc.) or some combination of the two. The system memory 804 typically includes an operating system 806, one or more program modules 808, and may include program data 810. The operating system 906 includes a component-based framework 912 that supports components (including properties and events), objects, inheritance, polymorphism, reflection, and provides an object-oriented component-based application programming interface (API). The authentication device 800 is of a very basic configuration demarcated by a dashed line 814. Again, a terminal may have fewer components but will interact with a computing device that may have such a basic configuration.
The authentication device 800 may have additional features or functionality. For example, the authentication device 800 may also include additional data storage devices (removable and/or non-removable). Such additional storage is illustrated in
The authentication device 800 may also contain communication connections 824 that allow the device to communicate with other computing devices 826 (e.g., the data server(s) 118, etc.), such as over the network 108. The network(s) 108 may include wired networks as well as wireless networks. The communication connections 824 are one example of communication media. The communication media may typically be embodied by computer readable instructions, data structures, program modules, etc.
It is appreciated that the illustrated authentication device 800 is only one example of a suitable device and is not intended to suggest any limitation as to the scope of use or functionality of the various embodiments described. Other well-known computing devices, systems, environments and/or configurations that may be suitable for use with the embodiments include, but are not limited to personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, game consoles, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and/or the like. For example, some or all of the components of the authentication device 800 may be implemented in a cloud computing environment, such that resources and/or services are made available via a computer network for selective use by client devices.
The dynamic scoring module 130 may also include a similarity module 904 to determine whether an input is similar to a previous input, and in some embodiments, to the stored answer. The similarity module 904 may perform the lexicon match 412 using one or more of the evaluators 426(1)-(n) and/or the semantic match 414 using one or more of the evaluators 428(1)-428(n). The dynamic scoring module 130 may then reduce an incremental score, which is ultimately compared to a threshold, which may enable the user 104 to enter another input to gain access to the restricted resource. The reduction may be based at least in part on an edit distance value.
The authentication value strength module 132 (or simply “strength module”) may include an answer analyzer 906 and a question analyzer 908. The answer analyzer 906 may evaluate the answer distribution of answers as described in the process 600. The answer analyzer 906 may use one or more data sources, such as user history, survey data, etc., to determine whether an answer is too popular, and thus does not provide an acceptable selection as an answer to a knowledge based personal authentication questions used to allow a user to obtain access to a restricted resource.
In various embodiments, the question analyzer 908 may evaluate the answer distribution of answers to questions as described in the process 700. The question analyzer 906 may use one or more data sources, such as user history, survey data, etc., to determine whether a question leads to answers with a low answer distribution (e.g., popular answers), and thus does not generate answers that provide secure access to the requested resource.
Although the techniques have been described in language specific to structural features and/or methodological acts, it is to be understood that the appended claims are not necessarily limited to the specific features or acts described. Rather, the specific features and acts are disclosed as exemplary forms of implementing such techniques.
Number | Name | Date | Kind |
---|---|---|---|
5035625 | Munson et al. | Jul 1991 | A |
5180309 | Egnor | Jan 1993 | A |
5276737 | Micali | Jan 1994 | A |
5712913 | Chaum | Jan 1998 | A |
5719560 | Watkins | Feb 1998 | A |
5719941 | Swift et al. | Feb 1998 | A |
5774588 | Li | Jun 1998 | A |
5793951 | Stein et al. | Aug 1998 | A |
5822544 | Chaco et al. | Oct 1998 | A |
5907618 | Gennaro et al. | May 1999 | A |
5920630 | Wertheimer et al. | Jul 1999 | A |
5948054 | Nielsen | Sep 1999 | A |
6026163 | Micali | Feb 2000 | A |
6058188 | Chandersekaran et al. | May 2000 | A |
6067444 | Cannon et al. | May 2000 | A |
6073099 | Sabourin et al. | Jun 2000 | A |
6128735 | Goldstein et al. | Oct 2000 | A |
6141423 | Fischer | Oct 2000 | A |
6157920 | Jakobsson et al. | Dec 2000 | A |
6160891 | Al-Salqan | Dec 2000 | A |
6216229 | Fischer | Apr 2001 | B1 |
6249585 | McGrew et al. | Jun 2001 | B1 |
6289353 | Hazlehurst et al. | Sep 2001 | B1 |
6291399 | Henmi et al. | Sep 2001 | B1 |
6389136 | Young et al. | May 2002 | B1 |
6487411 | Laakso et al. | Nov 2002 | B1 |
6594684 | Hodjat et al. | Jul 2003 | B1 |
6755661 | Sugimoto | Jun 2004 | B2 |
6941459 | Hind et al. | Sep 2005 | B1 |
6954755 | Reisman | Oct 2005 | B2 |
7082429 | Lin et al. | Jul 2006 | B2 |
7106845 | Zhuk et al. | Sep 2006 | B1 |
7178065 | Dinker et al. | Feb 2007 | B2 |
7181017 | Nagel et al. | Feb 2007 | B1 |
7263717 | Boydstun et al. | Aug 2007 | B1 |
7330971 | Kukreja et al. | Feb 2008 | B1 |
7634800 | Ide et al. | Dec 2009 | B2 |
7788708 | Doane et al. | Aug 2010 | B2 |
7827183 | Fraser et al. | Nov 2010 | B2 |
7831836 | Beck et al. | Nov 2010 | B2 |
7860706 | Abir | Dec 2010 | B2 |
7954144 | Ebrahimi et al. | May 2011 | B1 |
8015606 | Jevans et al. | Sep 2011 | B1 |
8024280 | Jessus et al. | Sep 2011 | B2 |
8042039 | Anderson | Oct 2011 | B2 |
8078881 | Liu | Dec 2011 | B1 |
8346701 | Wang et al. | Jan 2013 | B2 |
8364952 | Ho et al. | Jan 2013 | B2 |
8380511 | Cave et al. | Feb 2013 | B2 |
8397291 | Miyazaki et al. | Mar 2013 | B2 |
8489388 | Bonnet et al. | Jul 2013 | B2 |
8505075 | Jevans et al. | Aug 2013 | B2 |
8566247 | Nagel et al. | Oct 2013 | B1 |
20010037328 | Pustejovsky et al. | Nov 2001 | A1 |
20020067832 | Jablon | Jun 2002 | A1 |
20020111934 | Narayan | Aug 2002 | A1 |
20020111941 | Roux et al. | Aug 2002 | A1 |
20020123994 | Schabes et al. | Sep 2002 | A1 |
20030004828 | Epstein | Jan 2003 | A1 |
20030050959 | Faybishenko et al. | Mar 2003 | A1 |
20030088544 | Kan et al. | May 2003 | A1 |
20030105959 | Matyas et al. | Jun 2003 | A1 |
20030149900 | Glassman et al. | Aug 2003 | A1 |
20030154406 | Honarvar et al. | Aug 2003 | A1 |
20030182584 | Banes et al. | Sep 2003 | A1 |
20030191627 | Au | Oct 2003 | A1 |
20040078775 | Chow et al. | Apr 2004 | A1 |
20040133812 | Ohmori et al. | Jul 2004 | A1 |
20040141508 | Schoeneberger et al. | Jul 2004 | A1 |
20040233040 | Lane et al. | Nov 2004 | A1 |
20040255169 | Little et al. | Dec 2004 | A1 |
20040260694 | Chaudhuri et al. | Dec 2004 | A1 |
20050004905 | Dresden | Jan 2005 | A1 |
20050015376 | Fraser et al. | Jan 2005 | A1 |
20050027583 | Smit et al. | Feb 2005 | A1 |
20050044156 | Kaminski et al. | Feb 2005 | A1 |
20050060643 | Glass et al. | Mar 2005 | A1 |
20050096012 | Borella et al. | May 2005 | A1 |
20050177750 | Gasparini et al. | Aug 2005 | A1 |
20050192792 | Carus et al. | Sep 2005 | A1 |
20050198537 | Rojewski | Sep 2005 | A1 |
20050235008 | Camping et al. | Oct 2005 | A1 |
20050246534 | Kirkup et al. | Nov 2005 | A1 |
20050251390 | Catchpole | Nov 2005 | A1 |
20050266387 | Rossides | Dec 2005 | A1 |
20050278292 | Ohi et al. | Dec 2005 | A1 |
20050287507 | Inandik | Dec 2005 | A1 |
20060026227 | Shaughnessy et al. | Feb 2006 | A1 |
20060037075 | Frattura et al. | Feb 2006 | A1 |
20060041932 | Cromer et al. | Feb 2006 | A1 |
20060235824 | Cheung et al. | Oct 2006 | A1 |
20060277157 | Seidl et al. | Dec 2006 | A1 |
20060282660 | Varghese et al. | Dec 2006 | A1 |
20060287984 | Chen et al. | Dec 2006 | A1 |
20060294390 | Navratil et al. | Dec 2006 | A1 |
20070050638 | Rasti | Mar 2007 | A1 |
20070061871 | Simpkins et al. | Mar 2007 | A1 |
20070074262 | Kikkoji et al. | Mar 2007 | A1 |
20070078973 | Kussmaul et al. | Apr 2007 | A1 |
20070088952 | Hewitt et al. | Apr 2007 | A1 |
20070106499 | Dahlgren et al. | May 2007 | A1 |
20070192248 | West | Aug 2007 | A1 |
20070196804 | Yoshimura et al. | Aug 2007 | A1 |
20070208948 | Costa-Requena et al. | Sep 2007 | A1 |
20070219781 | Roche et al. | Sep 2007 | A1 |
20070233611 | Boyd et al. | Oct 2007 | A1 |
20070234343 | Gouge et al. | Oct 2007 | A1 |
20070276623 | Kund et al. | Nov 2007 | A1 |
20070276653 | Greenwald et al. | Nov 2007 | A1 |
20070294229 | Au | Dec 2007 | A1 |
20080010678 | Burdette et al. | Jan 2008 | A1 |
20080016011 | Moore | Jan 2008 | A1 |
20080065471 | Reynolds et al. | Mar 2008 | A1 |
20080077799 | Labaton | Mar 2008 | A1 |
20080083021 | Doane et al. | Apr 2008 | A1 |
20080127296 | Carroll et al. | May 2008 | A1 |
20080133396 | De La Motte | Jun 2008 | A1 |
20080133671 | Kalaboukis | Jun 2008 | A1 |
20080147788 | Omoigui | Jun 2008 | A1 |
20080149518 | Macor | Jun 2008 | A1 |
20080153595 | Chickering et al. | Jun 2008 | A1 |
20080155619 | Constantinof | Jun 2008 | A1 |
20080175377 | Merrill | Jul 2008 | A1 |
20080201132 | Brown et al. | Aug 2008 | A1 |
20080201133 | Cave et al. | Aug 2008 | A1 |
20080216172 | Forman et al. | Sep 2008 | A1 |
20080243811 | He et al. | Oct 2008 | A1 |
20080294637 | Liu | Nov 2008 | A1 |
20080307040 | So | Dec 2008 | A1 |
20080313461 | Detienne | Dec 2008 | A1 |
20080313721 | Corella | Dec 2008 | A1 |
20090012926 | Ishikawa et al. | Jan 2009 | A1 |
20090024385 | Hirsch | Jan 2009 | A1 |
20090064101 | Boss et al. | Mar 2009 | A1 |
20090067756 | Meyer et al. | Mar 2009 | A1 |
20090070311 | Feng | Mar 2009 | A1 |
20090089876 | Finamore et al. | Apr 2009 | A1 |
20090106134 | Royyuru | Apr 2009 | A1 |
20090106846 | Dupray et al. | Apr 2009 | A1 |
20090112828 | Rozenblatt | Apr 2009 | A1 |
20090119371 | Chang et al. | May 2009 | A1 |
20090141986 | Boncyk et al. | Jun 2009 | A1 |
20090144724 | Little | Jun 2009 | A1 |
20090150217 | Luff | Jun 2009 | A1 |
20090158030 | Rasti | Jun 2009 | A1 |
20090158406 | Jancula et al. | Jun 2009 | A1 |
20090171925 | Elder | Jul 2009 | A1 |
20090182728 | Anderson | Jul 2009 | A1 |
20090204594 | Akkiraju et al. | Aug 2009 | A1 |
20090220091 | Howard | Sep 2009 | A1 |
20090226872 | Gunther | Sep 2009 | A1 |
20090241183 | Boss et al. | Sep 2009 | A1 |
20090241201 | Wootton et al. | Sep 2009 | A1 |
20090248665 | Garg et al. | Oct 2009 | A1 |
20090271849 | Kodama et al. | Oct 2009 | A1 |
20090292687 | Fan et al. | Nov 2009 | A1 |
20090313696 | Himberger et al. | Dec 2009 | A1 |
20100019026 | Hochfield et al. | Jan 2010 | A1 |
20100049790 | Schreiber | Feb 2010 | A1 |
20100083371 | Bennetts et al. | Apr 2010 | A1 |
20100114989 | Cormode et al. | May 2010 | A1 |
20100161596 | Yan et al. | Jun 2010 | A1 |
20100161601 | Gruber | Jun 2010 | A1 |
20100169244 | Zeljkovic et al. | Jul 2010 | A1 |
20100169338 | Kenedy et al. | Jul 2010 | A1 |
20100180324 | Karur | Jul 2010 | A1 |
20100191686 | Wang et al. | Jul 2010 | A1 |
20100229223 | Shepard et al. | Sep 2010 | A1 |
20100235311 | Cao et al. | Sep 2010 | A1 |
20100262454 | Sommer et al. | Oct 2010 | A1 |
20100262463 | Tryfon | Oct 2010 | A1 |
20100273139 | Doppelt et al. | Oct 2010 | A1 |
20100279267 | Swanson | Nov 2010 | A1 |
20110202982 | Alexander et al. | Aug 2011 | A1 |
20120291137 | Walsh et al. | Nov 2012 | A1 |
20140324722 | Schechter et al. | Oct 2014 | A1 |
Number | Date | Country |
---|---|---|
WO2005045550(A2) | May 2005 | WO |
Entry |
---|
Innerhofer-Oberperffer, “Using Approximate String Matching Techniques to Join Street Names of Residential Addresses”, 2004. |
Cambridge University Press, “Edit Distance”, 2008. |
Asgharpour et al., “Adaptive Challenge Questions Algorithm in Password Reset/Recovery”. |
Rabkin, “Personal Knowledge questions for fallback authentication: Security questions in the era of Facebook”, 2008. |
Tsai et al., “Exploiting Full Parsing Information to Label Semantic Roles Using an Ensemble of ME and SVM via Integer Linear Programming”, 2005. |
Bojars et al., “Using the Sementic Web for linking and reusing data across Web 2.0 communities”, 2007. |
Risson et al., “Survey of research towards robust peer-to-peer networks: Search methods”, 2006. |
Rosenfield, “A maximum entropy approach to adaptive statistical language modelling”, 1996. |
Chen et al., “A maximum entropy approach to feature selection in knowledge-based authentication”, 2008. |
O'Gorman et al., “Query-directed passwords”, 2005. |
Chen et al., “Bayesian Networks for Knowledge-Based Authentication”, 2007. |
Merriam-Webster online dictionary, “computer”, 2015. |
“Account Password Recovery, Welcome to the Windows LiveID Account Recovery Help Page”, retrieved on May 25, 2010 at <<https://support.live.com/eform.aspx?productKey=wlidvalidation&ct=eformcs&scrx=1>>, Microsoft Corporation, 2010, pp. 1. |
Brainard, et al., “Fourth-Factor Authentication: Somebody You Know”, retrieved on May 24, 2010 at <<http://www.google.co.in/search?hl=en&source=hp&q=Fourth-factor+authentication%3A+somebody+you+know&aq=f&aqi=&aql=&oq=&gs—rfai=>>, ACM, Proceedings of Conference on Computer and Communications Security (CCS), Alexandria, VA, Oct. and Nov. 2006, pp. 168-178. |
Brostoff, et al., “Ten Strikes and you're out': Increasing the Number of Login Attempts can Improve Password Usability”, retrieved on May 24, 2010 at <<http://www.andrewpatrick.ca/CHI2003/HCISEC/hcisec-workshop-brostoff-2.pdf>>, John Wiley, Proceedings of Workshop on Human-Computer Interaction and Security Systems (CHI), Fort Lauderdale, FLA, Apr. 2003, pp. 1-4. |
“Contact Us—Google Accounts Help”, retrieved on May 25, 2010 at <<http://www.google.com/support/accounts/bin/request.py?h1=en&contact—type=ara&ctx=account&uses—apps=no&product=other&submit=continue>>, Google, 2010, pp. 1-2. |
“Hacker impersonated Palin, Stole E-Mail Password”, retrieved on May 24, 2010 at <<http://www.breitbart.com/article.php?id=D939AO101>>, The Associated Press, 2008, pp. 1-2. |
Jakobsson, et al., “Love and Authentication”, retrieved on May 24, 2010 at <<http://www.ravenwhite.com/files/chi08JSWY.pdf>>, ACM, Proceedings of Conference on Human Factors in Computing Systems (CHI), Florence, IT, Apr. 2008, pp. 197-200. |
“NetBank—Demos overview—Commonwealth Bank”, retrieved on May 24, 2010 at <<http://www.commbank.com.au/netbank/netcodesms/>>, Commonwealth Bank of Australia, 2010, pp. 1. |
Non-Final Office Action for U.S. Appl. No. 12/466,246, mailed on Oct. 11, 2011, Stuart Schechter, “Social Authentication for Account Recovery”, 29 pages. |
Podd, et al., “Cost-effective Computer Security: Cognitive and Associative Passwords”, retrieved on May 24, 2010 at <<http://www.computer.org/plugins/dl/pdf/proceedings/ozchi/1996/7525/00/75250304.pdf? template=1&loginState=1&userData=anonymous-IP%253A%253AAddress%253A%2B203.8.109.15%252C%2B%255B172.16.161.4%252C%2B203.8.109.15%252C%2B127.0.0.1%255D>>, IEEE Proceedings of Australian Conference on Computer-Human Interaction (OZCHI), Nov. 1996, pp. 304-305. |
Rabkin, “Personal Knowledge Questions for Fallback Authentication: Security Questions in the era of Facebook”, retrieved on May 24, 2010 at <<http://cups.cs.cmu.edu/soups/2008/proceedings/p13Rabkin.pdf>>, ACM, Proceedings of Symposium on Usable Privacy and Security (SOUPS), Pittsburgh, PA, Jul. 2008, pp. 13-23. |
Schechter, et al., “It's no secret, Measuring the Security and Reliability of Authentication via ‘Secret’ Questions”, retrieved on May 24, 2010 at <<http://guanotronic.com/˜serge/papers/oakland09.pdf>>, IEEE Symposium on Security and Privacy, May 2009, pp. 375-390. |
Vu, et al., “Improving Password Security and Memorability to Protect Personal and Organizational Information”, retrieved on May 24, 2010 at <<http://homes.cerias.purdue.edu/˜bhargav/pdf/VulJHCS07.pdf>>, Elsevier Ltd., International Journal of Human-Computer Studies, vol. 65, Aug. 2007, pp. 744-757. |
Zviran, et al., “User Authentication by Cognitive Passwords: an Empirical Assessment”, retrieved on May 24, 2010 at <<http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=00128279>>, IEEE Proceedings of Conference on Information Technology, Jerusalem, IL, Oct. 1990, pp. 137-144. |
Fox, “It's all in the atmosphere”, 62 Fordham Law Review, vol. 62, 1993-1994, 7 pages. |
Garfinkel, “Email-Based Identification and Authentication: An Alternative to PKI?”, IEEE Security and Privacy, Nov. and Dec. 2003, 7 pages. |
Heilman, “Liability of the Trustee for the Acts of His Delegate”, Dickinson Law Review, Oct. 1947, 13 pages. |
Karnin et al., “On Secret Sharing Sytems”, IEEE Transaction on Information Theory, vol. IT-29, No. 1, Jan. 1983, 7 pages. |
Kent, “Privacy Enhancement for Internet Electronic Mail: Part II: Certificate Based Key Management”, retrieved Oct. 14, 2012, at <http://tools.ieti.org/htmal/rfc1422>, RFC 1422, Feb. 2003, 32 pages. |
Landru et al., “Protecting a Potential Pensioner's Pension—An Overview of Present and Proposed Law on Trustees' Fiduciary Obligations and Vesting”, Brooklyn Law Review, vol. 40, No. 3., Winter 1974, 61 pages. |
Office action for U.S. Appl. No. 12/466,246, mailed on Nov. 9, 2012, Schechter et al., “Social Authentication for Account Recovery”, 64 pages. |
Van Vesor Wolf etal., “Trustee Enviornmental Liability: Avoiding the Quagmire”, Enviornmental Claims Journal, vol. 6, Spring 1994, 1 page. |
Bellare, et al., “Encapsulated Key Escrow”, Technical Report, Massachusetts Institute of Technology, Available at <, http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.137.367>>, Nov. 1996, 28 pgs. |
Office Action for U.S. Appl. No. 12/466,246, mailed on Mar. 1, 2012, Stuart Schechter, “Social Authentication for Account Recovery”, 51 pgs. |
Schechter, et al., “Its Not What You Know, But Who You Know—A Social Approach to Last-Resort Authentication”, In the Proceedings of the 27th International Conference on Human Factors in Computing Systems, Apr. 2009, pp. 1983-1992. |
Office action for U.S. Appl. No. 12/466,246, mailed on Apr. 22, 2013, Schechter et al., “Social Authentication for Account Recovery”, 71pages. |
Number | Date | Country | |
---|---|---|---|
20100293608 A1 | Nov 2010 | US |