Authentication mechanism

摘要

A computer-implemented method for preventing password leakage into a non-password field includes detecting that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device. The character is echoed to at least the display, and stored to provide a stored character string. The stored character string is compared to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value. An alert is transmitted when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field.

主权项

1. A computer-implemented method for preventing password leakage into a user name field, comprising:
responsive to detecting, by a hardware processor, at least a character of a set of characters has been entered in a user name field appearing on a display associated with an electronic device, incrementing and storing a character count to provide a stored character string of the entered characters in the user name field;
responsive to the stored character string reaching a predetermined threshold value, comparing the stored character string to the set of valid user name entries corresponding to the user name field; andresponsive to determining that the stored character string fails to match a portion of any of the user name entries in the set of valid user name entries:clearing a display of the stored character string; locking out the user from the user name field until security has been re-established; transmitting by the hardware processor a first alert to the display associated with the electronic device, and transmitting by the hardware processor a second alert, wherein the second alert is transmitted to a mobile phone number associated with valid user names entries indicating a portion of a user password is at risk of being compromised.