Compromised password mitigation
US-9379896-B1 · Jun 28, 2016 · US
Compromised authentication information clearing house
US9870464B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9870464-B1 |
| Application number | US-201615351801-A |
| Country | US |
| Kind code | B1 |
| Filing date | Nov 15, 2016 |
| Priority date | Dec 15, 2014 |
| Publication date | Jan 16, 2018 |
| Grant date | Jan 16, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised authentication information may be determined based on the one or more tags in response to a request from a requestor for the potentially compromised authentication information. In an embodiment, the subset of the potentially compromised authentication information may be provided to the requestor.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method, comprising: maintaining, by a computer system, first information including a first set of passwords that have been marked as potentially subject to compromise for a first plurality of accounts and first password characteristics for the first set of passwords; receiving second information including a second set of passwords that have been marked as potentially subject to compromise for a second plurality of accounts and second password characteristics for the second set of passwords; updating the first set of passwords included in the first information to incorporate the second set of passwords included in the second information; determining that a password included in the updated first set of passwords is being utilized by an account of the first plurality of accounts; generating, by the computer system, a password requirement comprising a password structure, the password requirement determined based at least in part on the updated first password characteristics for the updated first set of passwords; generating a recommendation indicating that the password being utilized by the account be changed to adhere to the password requirement; providing the recommendation to a device of a user of the account; receiving, from the device of the user of the account, an updated password for the account; and determining a security score for the updated password based at least in part on adherence of the updated password to the password requirement. 2. The computer-implemented method of claim 1 , wherein generating the recommendation indicating that the password being utilized by the account be changed is further based at least in part on a type of the account, the type of the account changing the password structure. 3. The computer-implemented method of claim 1 , wherein generating the recommendation includes determining a time period that the password requirement is valid for the account based at least in part on the updated first password characteristics for the updated first set of passwords. 4. The computer-implemented method of claim 1 , wherein determining that the password included in the updated first set of passwords is being utilized by the account of the first plurality of accounts includes using a string comparison, a sub-string comparison, a hash value comparison, or an incremental comparison. 5. The computer-implemented method of claim 1 , wherein providing the recommendation to the device of the user of the account includes providing the recommendation to an authentication information management application implemented on the device of the user. 6. A computer system, comprising: a processor; and memory including computer-executable instructions that, when executed by the processor, cause the system to at least: maintain first information including a first set of passwords that have been marked as potentially subject to compromise for a first plurality of accounts and first password characteristics for the first set of passwords; receive second information including a second set of passwords that have been marked as potentially subject to compromise for a second plurality of accounts and second password characteristics for the second set of passwords; determine that a password included in the first set of passwords is being utilized by an account of the first plurality of accounts based at least in part on the first information and the second information; generate a password requirement for the account that comprises a password structure based at least in part on the first password characteristics and the second password characteristics; transmit the password requirement to a device of a user of the account; receive, from the device of the user of the account, an updated password for the account; and determine a security score for the updated password based at least in part on adherence of the updated password to the password requirement. 7. The system of claim 6 , wherein the user of the account is prohibited from utilizing the account until the password requirement is satisfied for the account. 8. The system of claim 6 , wherein generating the password requirement for the account is further based at least in part on an entropic distance of the password structure to the password for the account. 9. The system of claim 6 , wherein the computer-executable instructions that, when executed by the processor, cause the system to further set the updated password for the account based at least in part on the security score exceeding a threshold for the account. 10. The system of claim 9 , wherein the threshold is specified by a provider of the account. 11. The system of claim 6 , wherein generating the password requirement for the account is further based at least in part on a type of the account.
Assignees
Inventors
Classifications
- G06F21/46Primary
by designing passwords or checking the strength of passwords · CPC title
- H04L63/083Primary
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
applying security measure for e-commerce · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9870464B1 cover?
- Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised …
- Who is the assignee on this patent?
- Amazon Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/46. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 16 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).