摘要 |
<p>An apparatus and method are provided for secondary access authentication (45) of users who have been primarily authenticated by an operating system level authentication process. An authentication code is utilized that is secure while allowing users to publicly disclose the authentication code. Embedded within the authentication code may be restrictions as to specific host systems, dates and times of access, expiration information, and a key to ensure that changes are made at specified intervals. Further information may be embedded into the AC as such information is deemed necessary. The system also provides for automatic expiration of an application level password and/or application access in accordance with predetermined parameters. The authentication code may be used in conjunction with operating-system level authenticated user identification to validate the authentication code information without exposing the information to others.</p> |