Applying a partial password in a multi-factor authentication scheme

摘要

A method includes transmitting a User ID and a full Password of a user of a client device to a server via the client device, and then establishing a network connection between the client device and the server after the User ID and the full Password. The method also includes receiving, from the server via the client device, an encrypted secret PIN (ESPIN) and a challenge for corresponding positions of a Partial Password, entering the Partial Password via the client device, and computing a secret PIN (SPIN) from the ESPIN via the client device in response to a correct entry of the Partial Password. The Additional Factor is unlocked using the SPIN, and the unlocked Additional Factor is transmitted to the server to request authentication of the user of the client device. The client device includes a processor and memory having instructions for the above method.

主权项

1. A method comprising:
transmitting a User ID and a full Password of a user of a client device to a server via the client device; establishing a network connection between the client device and the server after transmitting the User ID and the full Password; receiving, from the server via the client device, an encrypted secret PIN (ESPIN) and a challenge for corresponding positions of a Partial Password; receiving the Partial Password via the client device; computing a secret PIN (SPIN) from the ESPIN via the client device in response to a correct entry of the Partial Password into the client device; unlocking, via the client device, an Additional Factor using the SPIN; and transmitting the unlocked Additional Factor to the server to request an authentication by the server of the user of the client device.