发明名称 |
Authentication mechanism |
摘要 |
A computer-implemented method for preventing password leakage into a non-password field includes detecting that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device. The character is echoed to at least the display, and stored to provide a stored character string. The stored character string is compared to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value. An alert is transmitted when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field. |
申请公布号 |
US9613206(B2) |
申请公布日期 |
2017.04.04 |
申请号 |
US201615149223 |
申请日期 |
2016.05.09 |
申请人 |
International Business Machines Corporation |
发明人 |
Chougle Abdullah Q.;Chougule Vishal V.;Jain Priyanka P.;Jain Vivek |
分类号 |
G06F21/00;G06F21/45;G06F21/60;H04L29/06;G06F21/31 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
Restauro Brian M. |
主权项 |
1. A computer-implemented method for preventing password leakage into a user name field, comprising:
responsive to detecting, by a hardware processor, at least a character of a set of characters has been entered in a user name field appearing on a display associated with an electronic device, incrementing and storing a character count to provide a stored character string of the entered characters in the user name field;
responsive to the stored character string reaching a predetermined threshold value, comparing the stored character string to the set of valid user name entries corresponding to the user name field; andresponsive to determining that the stored character string fails to match a portion of any of the user name entries in the set of valid user name entries:clearing a display of the stored character string; locking out the user from the user name field until security has been re-established; transmitting by the hardware processor a first alert to the display associated with the electronic device, and transmitting by the hardware processor a second alert, wherein the second alert is transmitted to a mobile phone number associated with valid user names entries indicating a portion of a user password is at risk of being compromised. |
地址 |
Armonk NY US |