Who is the assignee on this patent?

Jakobsson Bjorn Markus, Paypal Inc

What technology area does this patent fall under?

Primary CPC classification G06F21/46. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Oct 18 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Password check by decomposing password

US9471772B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9471772-B2
Application number	US-201213460378-A
Country	US
Kind code	B2
Filing date	Apr 30, 2012
Priority date	Jun 1, 2011
Publication date	Oct 18, 2016
Grant date	Oct 18, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A proposed password is decomposed into basic components to determine and score transitions between the basic components and create a password score that measures the strength of the proposed password based on rules, such as concatenation, insertion, and replacement. The proposed password is scored against all known words, such as when a user is first asked to create a password for an account or access. The proposed password can also be scored against one or more previous passwords for the user, such as when the user is asked to change the user's previous password, to determine similarity between the two passwords.

First claim

Opening claim text (preview).

What is claimed is: 1. A system, comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising: receiving, by a service provider, a password from a user; decomposing the password into components contained in the password; determining whether the password is formed by the components using one or more rules of concatenation, insertion, and replacement; determining a score for the password based on the one or more rules used for forming the password with at least one rule having a different weighting than another rule; and comparing the score to a threshold score. 2. The system of claim 1 , wherein the operations further comprise accepting the password if the score is greater than or equal to the threshold score. 3. The system of claim 1 , wherein the components comprise known words, names, numbers, and characters. 4. The system of claim 1 , wherein the password is formed using all the rules. 5. The system of claim 1 , wherein none of the rules have the same weight. 6. The system of claim 1 , wherein the password is a proposed password by the user. 7. The system of claim 1 , wherein an initial score is assigned to the password based on types of individual characters used for forming the password and wherein the score is determined by updating the initial score based on whether the password is formed by the components using the one or more of the rules of concatenation, insertion, and replacement. 8. The system of claim 1 , wherein the operations further comprise comparing similarities between the password and a second password for the user, determining a similarity score between the password and the second password based on the comparing; and comparing the similarity score to a threshold. 9. The system of claim 1 , wherein the password is flagged by the service provider if the score is below the threshold score. 10. A system, comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising: receiving a first password from a user; retrieving a second password for the user; decomposing the first and the second passwords into components contained in the passwords; determining whether the passwords are formed by the components using one or more rules of concatenation, insertion, and replacement; comparing similarities between the first password and the second password comprising identifying rules and components of the first and second passwords, comparing similarities of the rules and the components, and determining a first similarity score for the rules and a second similarity score for the components; determining a score between the first password and the second password based on the comparing; and comparing the score to a threshold score. 11. The system of claim 10 , wherein the operations further comprise accepting the first password if the score is greater than or equal to the threshold score. 12. The system of claim 10 , wherein the score is based on a function of the first and second similarity scores. 13. The system of claim 10 , wherein the operations further comprise retrieving a previously used third password by the user, comparing similarities between the first password and the second and third passwords, and determining a score between the first password and the second and third passwords. 14. The system of claim 12 , wherein the operations further comprise determining a strength score for the first password and the score is further based on a function of the strength score. 15. The system of claim 10 , wherein the first password is flagged by the service provider if the score is below the threshold score. 16. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising: receiving, by a service provider, a password from a user; decomposing the password into components contained in the password; determining whether the password is formed by the components using one or more rules of concatenation, insertion, and replacement; determining a score for the password based on the one or more rules with at least one rule having a different weighting than another rule; and comparing the score to a threshold score. 17. The non-transitory machine-readable medium of claim 16 , wherein the operations further comprise accepting the password if the score is greater than or equal to the threshold score. 18. The non-transitory machine-readable medium of claim 16 , wherein the password is formed using all the rules. 19. The non-transitory machine-readable medium of claim 16 , wherein an initial score is assigned to the password based on types of individual characters used for forming the password and wherein the score is determined by updating the initial score based on whether the password is formed by the components using the one or more of the rules of concatenation, insertion, and replacement. 20. The non-transitory machine-readable medium of claim 16 , wherein the password is a proposed password by the user. 21. The non-transitory machine-readable medium of claim 16 , wherein the operations further comprise comparing similarities between the password and a second password for the user, determining a similarity score between the password and the second password based on the comparing; and comparing the similarity score to a threshold. 22. The non-transitory machine-readable medium of claim 16 , wherein the password is flagged by the service provider if the score is below the threshold score. 23. A non-transitory machine-readable medium having store thereon machine-readable instructions executable to cause a machine to perform operations comprising: receiving a first password from a user; retrieving a second password for the user; decomposing the first and the second passwords into components contained in the passwords; determining whether the passwords are formed by the components using one or more rules of concatenation, insertion, and replacement; comparing similarities between the first password and the second password comprising identifying rules and components of the first and second passwords, comparing similarities of the rules and the components, and determining a first similarity score for the rules and a second similarity score for the components; determining a score between the first password and the second password based on the comparing; and comparing the score to a threshold score. 24. The non-transitory machine-readable medium of claim 23 , wherein the operations further comprise accepting the first password if the score is greater than or equal to the threshold score. 25. The non-transitory machine-readable medium of claim 23 , wherein the score is based on a function of the first and second similarity scores. 26. The non-transitory machine-readable medium of claim 23 , wherein the operations further comprise retrieving a previously used third password by the user, comparing similarities between the first password and the second and third passwords, and determining a score between the first password and the second and third passwords.

Assignees

Inventors

Jakobsson Bjorn Markus

Classifications

H04L63/06
for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title
H04L63/083
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
A61B90/37
Surgical systems with images on a monitor during operation · CPC title
G01B9/02044
Imaging in the frequency domain, e.g. by using a spectrometer · CPC title
G01B9/02089
Displaying the signal, e.g. for user interaction · CPC title

Patent family

Related publications grouped by family.

View patent family 57542413

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9471772B2 cover?: A proposed password is decomposed into basic components to determine and score transitions between the basic components and create a password score that measures the strength of the proposed password based on rules, such as concatenation, insertion, and replacement. The proposed password is scored against all known words, such as when a user is first asked to create a password for an account or…
Who is the assignee on this patent?: Jakobsson Bjorn Markus, Paypal Inc
What technology area does this patent fall under?: Primary CPC classification G06F21/46. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Oct 18 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).