Principal claim
1. A method, comprising:
receiving, by an authentication computing system and from a client device, authentication credentials, received by the client device from a user, for a secure resource associated with the authentication computing system;
receiving, by the authentication computing system and from the client device, a reusable user secret, received by the client device from the user via a prompt generated by the client device in response to the client device receiving the authentication credentials, for the authentication computing system, the reusable user secret being different from the authentication credentials;
encrypting, by the authentication computing system and using a cryptographic key, first validation data comprising the authentication credentials and the reusable user secret;
transmitting, by the authentication computing system and to the client device, the cryptographic key;
receiving, by the authentication computing system and from the client device:
    a request to access the secure resource;
    data comprising the cryptographic key; and
    authentication data received by the client device from the user; and
responsive to determining by the authentication computing system that the authentication data corresponds to a portion of the validation data, decrypted by the authentication computing system using the data comprising the cryptographic key, comprising the reusable user secret, authenticating, by the authentication computing system, the request using a portion of the validation data, decrypted by the authentication computing system using the data comprising the cryptographic key, comprising the authentication credentials.
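One way the claimed exchange could be realised, given as an added illustration that is not part of the patent text. AES-256-GCM, the in-memory store, the choice not to keep a server-side copy of the key, and all function and variable names are assumptions.

```javascript
// Added illustration, not from the patent. Cipher, store and names are assumptions.
const crypto = require("node:crypto");

const store = new Map(); // userId -> encrypted first validation data (server side)

// Enrollment: encrypt credentials + reusable secret, hand the key to the client.
function enroll(userId, credentials, reusableSecret) {
  const key = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const plaintext = JSON.stringify({ credentials, reusableSecret });
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  store.set(userId, { iv, ct, tag: cipher.getAuthTag() });
  return key.toString("base64"); // assumption: the server keeps no copy of the key
}

// Constant-time comparison over fixed-length digests, so length is not leaked.
function sameSecret(a, b) {
  const h = (s) => crypto.createHash("sha256").update(String(s)).digest();
  return crypto.timingSafeEqual(h(a), h(b));
}

// Access request: client sends the key plus the authentication data the user typed.
function authenticate(userId, keyB64, authenticationData) {
  const rec = store.get(userId);
  if (!rec) return { ok: false, reason: "not enrolled" };
  let validation;
  try {
    const key = Buffer.from(keyB64, "base64");
    const d = crypto.createDecipheriv("aes-256-gcm", key, rec.iv);
    d.setAuthTag(rec.tag);
    const pt = Buffer.concat([d.update(rec.ct), d.final()]);
    validation = JSON.parse(pt.toString("utf8"));
  } catch {
    return { ok: false, reason: "bad key" }; // wrong key length or GCM tag mismatch
  }
  if (!sameSecret(authenticationData, validation.reusableSecret)) {
    return { ok: false, reason: "secret mismatch" };
  }
  // The decrypted credentials, not the short secret, authenticate the request.
  return { ok: true, credentials: validation.credentials };
}
```

In this sketch the reusable secret is the only thing standing between a holder of the key and the stored credentials, so an attempt limit belongs in front of `authenticate`.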