| 摘要 |
<p>A method includes receiving, via a server (14), a User ID and Password from a client device (12), and generating a Secret PIN (SPIN). Values for a Partial Password and an encrypted version of the SPIN (ESPIN) are determined. The method includes challenging a user of the client device (12) with a challenge that prompts the user to enter the Partial Password and an ESPIN. An Additional Factor, e.g., a One-Time Password from a Shared Secret, is locked using the SPIN. The Partial Password and challenge unlock the Additional Factor. The method includes authenticating the identity using the unlocked Additional Factor. A system includes a server (14) in communication with a client device (12), and a non-transitory memory device (20B) on which is recorded process instructions for authenticating the identity of a user of the client device (12). The server (14) executes the instructions to thereby authenticate the identity of the user using the unlocked Additional Factor.</p> |
