摘要 |
A method of protecting username/password (U/P) credentials operates on a client computer that cooperates with an anti-phishing scheme that generates a client warning at the client computer when a suspected phishing website issues a U/P request. At the client computer, a set of S fake U/P credentials is generated when the client warning is heeded, or a set of (S−1) fake U/P credentials are derived from a client-supplied U/P credential provided after the client warning is ignored. The client computer then transmits to the suspected phishing website one of (i) the set of S fake U/P credentials, and (ii) the client-supplied U/P credential along with the set of (S−1) fake U/P credentials.
|