CA2611549A1 - Method and system for providing a secure login solution using one-time passwords - Google Patents

Method and system for providing a secure login solution using one-time passwords Download PDF

Info

Publication number
CA2611549A1
CA2611549A1 CA 2611549 CA2611549A CA2611549A1 CA 2611549 A1 CA2611549 A1 CA 2611549A1 CA 2611549 CA2611549 CA 2611549 CA 2611549 A CA2611549 A CA 2611549A CA 2611549 A1 CA2611549 A1 CA 2611549A1
Authority
CA
Canada
Prior art keywords
user
login key
passcode
computer
key combination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA 2611549
Other languages
French (fr)
Other versions
CA2611549C (en
Inventor
Paul Plesman
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CA2611549A priority Critical patent/CA2611549C/en
Publication of CA2611549A1 publication Critical patent/CA2611549A1/en
Application granted granted Critical
Publication of CA2611549C publication Critical patent/CA2611549C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Document Processing Apparatus (AREA)

Abstract

A method and system for a secure login solution for users logging into computers and systems that require authentication is provided incorporating one-time passwords. The method and system allows a user to establish a login key combination in relation to a login key structure. The login key combination is in association with an identification means, such as a username/ID, and allows the user to generate a one-time passcode in response to a random login key. The method and system is directed at situations where the user desires to log into a system from a computer or other electronic device that may not be secure, including for example from computers or devices other than the user's own and/or by using a communications connection that may not be secure, such as a wireless network connection. The method and system is simple and easy to implement and does not require the use of physical devices.

Claims (3)

1. A method for enabling a user to log into a system requiring authentication, the method comprising:

(a) providing a random login key to the user;

(b) receiving from the user identification means and a passcode, wherein the passcode is generated by the user in response to the random login key and is based on (i) a login key combination previously defined by the user, or (ii) a login key combination and PIN code previously defined by the user;

(c) and comparing the passcode to the random login key based on (i) the login key combination associated with the user; or (ii) the login key combination and the PIN code associated with the user;

and authenticate the user if the user supplied identification means and passcode are a match.
2. A system for authenticating a user on a computer, the system comprising:

(a) a display means linked to the computer, whereby the display means is operable to provide instructions to the user;

(b) an input means linked to the computer, whereby the input means enables the user to provide identification means and a passcode;

(c) a means for storing and retrieving the user's information, the user's information including the identification means and (i) a login key combination previously defined by the user; or (ii) a login key combination and PIN code previously defined by the user;

(d) and an authentication facility linked to the computer, the authentication facility being operable to provide instructions to the computer to:

(i) provide a random login key to the user via the display means;

(ii) receive from the user the identification means and the passcode, wherein the passcode is generated by the user in response to the random login key and is based on (A) the login key combination associated with the user; or (B) the login key combination and the PIN code associated with the user;

(iii) and compare the passcode to the random login key based on (A) the login key combination associated with the user; or (B) the login key combination and the PIN code associated with the user;

and authenticate the user if the user supplied identification means and the passcode are a match.
3. A computer program product, for use on a computer, the computer program product comprising:

(a) a computer usable medium; and (b) computer readable program code recorded or storable on the computer useable medium, the computer readable program code defining an authentication application on the computer that is operable on the computer to:

(i) provide a random login key to a user;

(ii) receive from the user identification means and a passcode, wherein the passcode is generated by the user in response to the random login key and is based on (A) a login key combination previously defined by the user; or (B) a login key combination and PIN code previously defined by the user;

(iii) and compare the passcode to the random login key based on (A) the login key combination associated with the user; or (B) the login key combination and PIN code associated with the user;

and authenticate the user if the user supplied identification means and the passcode are a match.
CA2611549A 2007-11-27 2007-11-27 Method and system for providing a secure login solution using one-time passwords Active CA2611549C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA2611549A CA2611549C (en) 2007-11-27 2007-11-27 Method and system for providing a secure login solution using one-time passwords

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CA2611549A CA2611549C (en) 2007-11-27 2007-11-27 Method and system for providing a secure login solution using one-time passwords

Publications (2)

Publication Number Publication Date
CA2611549A1 true CA2611549A1 (en) 2009-05-27
CA2611549C CA2611549C (en) 2011-04-19

Family

ID=40673738

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2611549A Active CA2611549C (en) 2007-11-27 2007-11-27 Method and system for providing a secure login solution using one-time passwords

Country Status (1)

Country Link
CA (1) CA2611549C (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041954B2 (en) * 2006-12-07 2011-10-18 Paul Plesman Method and system for providing a secure login solution using one-time passwords
CN111324907A (en) * 2020-02-20 2020-06-23 深圳市春晖信档案技术服务有限公司 Intelligent archive management method, system and computer storage medium
CN115001832A (en) * 2022-06-10 2022-09-02 阿里云计算有限公司 Method and device for preventing password attack and electronic equipment

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104239762A (en) * 2014-09-16 2014-12-24 浪潮电子信息产业股份有限公司 Method for realizing secure login in Windows system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041954B2 (en) * 2006-12-07 2011-10-18 Paul Plesman Method and system for providing a secure login solution using one-time passwords
CN111324907A (en) * 2020-02-20 2020-06-23 深圳市春晖信档案技术服务有限公司 Intelligent archive management method, system and computer storage medium
CN115001832A (en) * 2022-06-10 2022-09-02 阿里云计算有限公司 Method and device for preventing password attack and electronic equipment
CN115001832B (en) * 2022-06-10 2024-02-20 阿里云计算有限公司 Method and device for preventing password attack and electronic equipment

Also Published As

Publication number Publication date
CA2611549C (en) 2011-04-19

Similar Documents

Publication Publication Date Title
US9104853B2 (en) Supporting proximity based security code transfer from mobile/tablet application to access device
EP2992472B1 (en) User authentication
CN103975615B (en) It is logged in the log-on message automatically generated via near-field communication
US7617523B2 (en) Fortified authentication on multiple computers using collaborative agents
US8606234B2 (en) Methods and apparatus for provisioning devices with secrets
CN101051908B (en) Dynamic cipher certifying system and method
CN102148685B (en) Method and system for dynamically authenticating password by multi-password seed self-defined by user
WO2016167932A3 (en) Authentication of a client device based on entropy from a server or other device
MY172709A (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication
WO2013127292A1 (en) Login method and device, terminal and network server
CA2509204A1 (en) System and method of secure authentication information distribution
WO2011106716A1 (en) Security device provisioning
WO2007003997A3 (en) Using one-time passwords with single sign-on authentication
CN106796630B (en) User authentication
CN101997824A (en) Identity authentication method based on mobile terminal as well as device and system thereof
WO2016155220A1 (en) Single sign-on method, system and terminal
US10474804B2 (en) Login mechanism for operating system
WO2006086058B1 (en) Security system with remote communication
CN102624687A (en) Networking program user authentication method based on mobile terminal
Singhal et al. Software tokens based two factor authentication scheme
CA2611549A1 (en) Method and system for providing a secure login solution using one-time passwords
CN105187409B (en) A kind of device authorization system and its authorization method
CN102868705A (en) Device for achieving network login certification by using dynamic passwords and using method of device
CN203206256U (en) A mobile storage device
CN105281916A (en) Portable password system

Legal Events

Date Code Title Description
EEER Examination request