Possession of synchronized data as authentication factor in online services

摘要

A user's possession of synchronized data is used as an authentication factor. When the user requests an authentication configuration change, an authentication server requests the user to prove possession of synchronized data for that user. The user launches an authentication module on a client device hosting a local copy of the synchronized data. The authentication module creates a hash of the local copy and transmits the hash to the authorization server. Upon successfully verifying the received hash using a server copy of the synchronized data, the authentication server considers the user authorized and thus allows the user to make the authorization configuration change.