摘要 |
A method is described for controlling user access to a remote service over a network, such as the Internet. In an initial log-in procedure, the user enters a user name and user password over the network, and the service validates the combination of the user name and user password. If validation of the combination of the user name and user password is successful, the service sends a one-time password to the user via a wireless messaging service, to a portable device personal to the user. The portable device may be the user's mobile phone and the message may be an SMS message. A supplementary log-in procedure is then performed, in which the user enters the received one-time password over the network, and the service validates the one-time password. If validation of the one-time password is successful, the user is allowed to access the service over the network.
|