| 发明名称 | Secure authentication systems and methods | ||
| 摘要 | Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid. | ||
| 申请公布号 | US9306938(B2) | 申请公布日期 | 2016.04.05 |
| 申请号 | US201414189152 | 申请日期 | 2014.02.25 |
| 申请人 | Intertrust Technologies Corporation | 发明人 | Pinkas Binyamin;Sander Tomas |
| 分类号 | H04L9/32;G06F7/04;G06K9/00;H04L29/06;G06F21/34;G06F21/62 | 主分类号 | H04L9/32 |
| 代理机构 | Finnegan, Henderson, Farabow, Garrett & Dunner, LLP | 代理人 | Finnegan, Henderson, Farabow, Garrett & Dunner, LLP |
| 主权项 | 1. A method for user authentication performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising: receiving a login request from a user attempting to access a resource; determining whether the user possesses a cookie indicating that the user has been previously authenticated; if the user possesses the cookie: receiving a username/password pair associated with the user, determining whether the username/password pair is valid, and selectively granting the user access to the resource if the username/password pair is valid; andif the user does not possess the cookie: receiving a username/password pair associated with the user, determining whether the username/password pair is valid, and requesting one or more responses to a first Reverse Turing Test (RTT) regardless of whether the username/password pair is valid. | ||
| 地址 | Sunnyvale CA US | ||