Method and system for securing access to passwords in a computing network environment

摘要

The present invention provides a method and system to secure the storage and retrieval of user and resource passwords in a distributed computing network environment. The system incorporates a password server. This server can be a stand-alone device or can be implemented in a server on a network. The password server contains software programs that store and distribute the passwords securely to proper applications (users). In the method of the present invention, the password server program stores the password in a file encrypted using the password server's public key. Only the password server has the corresponding private key. Therefore, no one except password server can decrypt the password. Applications can store their password in the password server after encrypting the password using password servers public key. The method of the present invention has an advantage over conventional password storage practices in that there is only the need to secure the password server in order to prevent lost or theft of passwords. Because user passwords usually reside on the same system as the application user, it is necessary to implement security measures to secure the password information stored on that machine.