USRE44725E1 - Image or pictographic based computer login systems and methods - Google Patents

Image or pictographic based computer login systems and methods Download PDF

Info

Publication number
USRE44725E1
USRE44725E1 US13/409,877 US201213409877A USRE44725E US RE44725 E1 USRE44725 E1 US RE44725E1 US 201213409877 A US201213409877 A US 201213409877A US RE44725 E USRE44725 E US RE44725E
Authority
US
United States
Prior art keywords
image
user
input
shape
displayed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US13/409,877
Inventor
Erik L. Holt
Matthew E. Kowalczyk
Russell Humphries
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US13/409,877 priority Critical patent/USRE44725E1/en
Priority to US14/156,044 priority patent/USRE46301E1/en
Application granted granted Critical
Publication of USRE44725E1 publication Critical patent/USRE44725E1/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Priority to US15/405,205 priority patent/USRE47518E1/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention generally relates to systems, methods, and computer-readable media for providing an image or pictographic based login procedure for computer systems or networks. While useful in non-electronic ink environments, such systems and methods may find particular usefulness in login procedures for pen-based computing systems and/or other systems that accept electronic ink input.
  • GUIs graphical user interfaces
  • Typical computer systems are optimized for accepting user input from one or more discrete input devices, such as a keyboard for entering text and a pointing device, such as a mouse with one or more buttons, for operating the user interface.
  • a GUI is the user interface for the Windows® computer operating system (available from Microsoft Corporation of Redmond, Wash.).
  • the ubiquitous keyboard and mouse interface provides for fast creation and modification of documents, spreadsheets, database fields, drawings, photos, web pages, emails, and the like.
  • pen-based computing systems such as tablet personal computers (“tablet PCs”), personal digital assistants (“PDAs”), and the like
  • user input advantageously may be introduced as “electronic ink” using an electronic “pen” or stylus (e.g., mimicking writing with a pen or pencil on a piece of paper).
  • pen-based computing systems all user input is capable of being entered and manipulated using an electronic pen input device, and the user interface is fully controllable using only the electronic pen.
  • a pen-based computer system As pen-based computing systems become more popular, many computer activities such as access in a computer system become more difficult to implement. For example, in a computer system in which a user logs into an individualized account or inputs security information to enter a restricted site, a pen-based computer system creates difficulties for the user to conveniently and efficiently maneuver the pen or stylus to accomplish the task.
  • a display is presented to the user containing a field in which the user enters a userid and a field in which the user enters a corresponding password.
  • a user inputs information via a keyboard. Therefore, if inputting data via a keyboard is problematic (e.g., a keyboard is not available or not conveniently accessible), a user may not be able to input data as necessary. In such a system lacking a conveniently available keyboard, a user would be unable to successfully access information because of the inability to enter authentication information into the system.
  • a user In the traditional method of gaining access to a private account, a user typically enters a password via a keyboard.
  • a password that has a higher level of security i.e., a completely random string of characters that is not otherwise associated with the user
  • the user often forgets the password and must expend effort in having the password reset, obtaining the password from a system administrator, etc.
  • the user may select a password that is easy to remember, such as the user's date of birth.
  • passwords are easy to “crack” and provide very little security to the user. This defeats the purpose of having the security system in the first place.
  • Such systems and methods may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portion of the first image (e.g., via an electronic ink input system); (c) determining if the first user input corresponds to a first acceptable user input for user authentication (e.g., via a computer processor system); and (d) proceeding with a user authentication procedure when the first user input corresponds to the first acceptable user input for user authentication.
  • systems and methods in accordance with examples of this invention may further include: displaying a second image on the computer display screen; receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable user input for authentication. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable user inputs for user authentication.
  • aspects of the invention further relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based authentication procedures for computer systems or networks like those described above.
  • FIG. 1 illustrates a schematic diagram of an example general-purpose digital computing environment in which at least some aspects of the present invention may be implemented
  • FIG. 2 illustrates an example pen-based personal computing environment in which at least some aspects of the present invention may be implemented
  • FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool
  • FIGS. 4A , 4 B, and 4 C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a user authentication procedure.
  • aspects of the present invention relate to systems, methods, and computer-readable media for an image or pictographic login procedure.
  • the following description is divided into sub-sections to assist the reader.
  • the sub-sections include: Terms; General Description of Various Aspects of the Invention; Example Hardware; Example Systems, Methods, and Computer-Readable Media According to the Invention; and Conclusion.
  • Pen Any type of user input device useful in entering electronic ink into and/or otherwise manipulating or controlling an electronic document, a user interface, and/or a computer operating system.
  • pen any type of user input device useful in entering electronic ink into and/or otherwise manipulating or controlling an electronic document, a user interface, and/or a computer operating system.
  • pen and “stylus” may be used interchangeably in this specification.
  • Computer-Readable Medium means any available media that can be accessed by a user on a computer system.
  • “computer-readable media” may include computer storage media and communication media.
  • “Computer storage media” includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer-readable instructions, data structures, program modules or other data.
  • “Computer storage media” includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology; CD-ROM, digital versatile disks (DVD) or other optical storage devices; magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices; or any other medium that can be used to store the desired information and that can be accessed by a computer.
  • Communication media typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and includes any information delivery media.
  • modulated data signal means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
  • communication media includes wired media, such as a wired network or direct-wired connection, and wireless media, such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of “computer-readable media.”
  • aspects of the present invention relate to systems, methods, and computer-readable media for providing an image or pictographic based authentication procedure for computer systems or networks.
  • the authentication procedure of the present invention may be applied in any application where authorization of a user is desired. For example, a system may require authentication of a user before allowing the user to “log in” to the user's account. In this situation, a user desiring access to his personal account on a system may apply the authentication procedure of the present invention to gain access to the account while preventing other unauthorized users from accessing the account.
  • the authentication procedure of the present invention may be applied to accessing protected or private sites, for example, on an intranet or on the internet and/or for accessing or logging on to individual computers or systems, local area networks, wide area networks, or the like.
  • Methods in accordance with at least some examples of this invention may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portions of the first image; (c) determining if the first user input corresponds to a first acceptable login user input; and (d) proceeding with a user login procedure when the first user input corresponds to the first acceptable login user input.
  • methods in accordance with at least some examples of this invention further may include: displaying a second image on the computer display screen (the second image may be the same as the first image, an enlargement of part of the first image, a completely new image, etc.); receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable login user input. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable login user inputs.
  • Systems in accordance with at least some examples of this invention may include: (a) a computer display screen; (b) an input system for receiving user input (e.g., such as a digitizer for receiving electronic ink input); and (c) a processor system (e.g., including one or more processors) programmed and adapted to: (i) display a first image on a computer display screen, (ii) determine if a first user input indicating a portion of the first image corresponds to a first acceptable login user input, and (iii) proceed with a user login procedure when the first user input corresponds to the first acceptable login user input.
  • a processor system e.g., including one or more processors
  • the processor system when the system proceeds with the user login procedure, is further programmed and adapted to: (iv) display a second image on the computer display screen, and (v) determine if a second user input indicating a portion of the second image corresponds to a second acceptable login user input. If desired, the processor system may allow user access to the computer system or network when the first and/or second user inputs correspond to the acceptable login user inputs.
  • Systems and methods according to at least some examples of this invention may accept user input (e.g., the first and/or second user inputs described above) as electronic ink input.
  • user input e.g., the first and/or second user inputs described above
  • the various portions of the image may be “indicated” during the login procedure by drawing a predetermined shape at, near, or at least partially around the portion of the first image using electronic ink.
  • various other aspects or characteristics of the input may be controlled, varied, and/or selected as part of the login procedure without departing from the invention.
  • ink color, ink thickness, pen tip shape, or other ink characteristics may be varied; characteristics of the input shape or shapes drawn by the user may be varied; the number of times a portion of an image is encircled may be controlled or varied; directional characteristics (e.g., line direction, pen movement direction, etc.) of the input may be varied; initial image selection to initiate the login procedure may be required (e.g., from a pallet of displayed image thumbnails); intermediate image selection to continue the login procedure may be required (e.g., from a pallet of displayed image thumbnails); the location(s) and/or number of “breaks” in an encirculation or other input characteristic may be varied; the pictographic login features may be used in combination with other login procedures or features, such as password entry, image selection; etc.
  • Various other aspects of the input required during login may be varied, controlled, and used as part of the login security features without departing from this invention.
  • Still additional aspects of the invention relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based login procedures for computer systems or networks.
  • FIG. 1 illustrates a schematic diagram of a general-purpose digital computing environment that may be used to implement various aspects of the present invention.
  • a computer 100 includes a processing unit 110 , a system memory 120 , and a system bus 130 that couples various system components (including the system memory 120 ) to the processing unit 110 .
  • the system bus 130 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures.
  • the system memory 120 may include read only memory (“ROM”) 140 and random access memory (“RAM”) 150 .
  • ROM read only memory
  • RAM random access memory
  • a basic input/output system 160 (“BIOS”), which contains the basic routines that help to transfer information between elements within the computer 100 (such as during start-up), is stored in the ROM 140 .
  • the computer 100 also may include a hard disk drive 170 for reading from and writing to a hard disk (not shown), a magnetic disk drive 180 for reading from or writing to a removable magnetic disk 190 , and/or an optical disk drive 191 for reading from or writing to a removable optical disk 199 , such as a CD ROM or other optical media.
  • the hard disk drive 170 , magnetic disk drive 180 , and optical disk drive 191 are connected to the system bus 130 by a hard disk drive interface 192 , a magnetic disk drive interface 193 , and an optical disk drive interface 194 , respectively.
  • These drives and their associated computer-readable media provide nonvolatile storage of computer-readable instructions, data structures, program modules, and other data for the personal computer 100 . It will be appreciated by those skilled in the art that other types of computer-readable media that can store data that is accessible by a computer, such as magnetic cassettes, flash memory cards, digital video disks, BERNOULLI cartridges, random access memories, read only memories, and the like, also may be used in the example operating environment.
  • a number of program modules can be stored on the hard disk drive 170 , magnetic disk 190 , optical disk 199 , ROM 140 , or RAM 150 , including an operating system 195 , one or more application programs 196 , other program modules 197 , and program data 198 .
  • a user can enter commands and information into the computer 100 through input devices, such as a keyboard 101 and pointing device 102 (such as a mouse).
  • Other input devices may include a microphone, joystick, game pad, satellite dish, scanner, or the like.
  • serial port interface 106 may be connected to the processing unit 110 through a serial port interface 106 that is coupled to the system bus 130 , but they also may be connected by other interfaces, such as a parallel port, game port, or a universal serial bus (USB), and the like. Further still, these devices may be coupled directly to the system bus 130 via an appropriate interface (not shown).
  • USB universal serial bus
  • a monitor 107 or other type of display device also may be connected to the system bus 130 via an interface, such as a video adapter 108 .
  • personal computers typically include other peripheral output devices (not shown), such as speakers and printers.
  • a pen digitizer 165 and accompanying pen or stylus 166 are provided in order to digitally capture freehand input.
  • the pen digitizer 165 may be directly coupled to the processing unit 110 , or it may be coupled to the processing unit 110 in any suitable manner, such as via a parallel port or another interface and the system bus 130 as is known in the art.
  • the digitizer 165 is shown apart from the monitor 107 in FIG. 1 , the usable input area of the digitizer 165 may be co-extensive with the display area of the monitor 107 . Further still, the digitizer 165 may be integrated in the monitor 107 , or it may exist as a separate device overlaying or otherwise appended to the monitor 107 .
  • the computer 100 can operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 109 .
  • the remote computer 109 can be a server, a router, a network PC, a peer device or other common network node, and it typically may include many or all of the elements described above relative to the computer 100 , although for simplicity, only a memory storage device 111 has been illustrated in FIG. 1 .
  • the logical connections depicted in FIG. 1 include a local area network (LAN) 112 and a wide area network (WAN) 113 .
  • LAN local area network
  • WAN wide area network
  • the computer 100 When used in a LAN networking environment, the computer 100 may be connected to the local area network 112 through a network interface or adapter 114 .
  • the personal computer 100 When used in a WAN networking environment, the personal computer 100 typically includes a modem 115 or other means for establishing a communications link over the wide area network 113 , such as the Internet.
  • the modem 115 which may be internal or external to the computer 100 , may be connected to the system bus 130 via the serial port interface 106 .
  • program modules depicted relative to the personal computer 100 may be stored in a remote memory storage device.
  • network connections shown are examples and other techniques for establishing a communications link between the computers can be used.
  • the existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP, UDP, and the like is presumed, and the system can be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server.
  • Any of various conventional web browsers can be used to display and manipulate data on web pages.
  • FIG. 1 environment shows one example environment
  • other computing environments also may be used in systems and methods according to this invention.
  • one or more examples of the present invention may use an environment having fewer than all of the various aspects shown in FIG. 1 and described above, and these aspects may appear in various combinations and subcombinations that will be apparent to one of ordinary skill. Additional features from those shown in FIG. 1 also may be included in environments useful with this invention.
  • FIG. 2 illustrates a pen-based personal computer (“PC”) 201 that may be used in accordance with various aspects of the present inventions. Any or all of the features, subsystems, and functions in the system of FIG. 1 can be included in the computer of FIG. 2 .
  • the pen-based personal computer system 201 includes a large display surface 202 , e.g., a digitizing flat panel display, such as a liquid crystal display (“LCD”) screen, on which a plurality of windows 203 is displayed.
  • a digitizing flat panel display such as a liquid crystal display (“LCD”) screen
  • LCD liquid crystal display
  • stylus 204 a user can select, highlight, and write on the digitizing display area and thereby enter electronic ink data into the system.
  • suitable digitizing display panels include electromagnetic pen digitizers, such as pen digitizers available from Mutoh Co.
  • the pen-based computing system 201 interprets gestures made using stylus 204 in order to manipulate data, enter text as electronic ink, and execute conventional computer application tasks, such as creating, editing, and modifying spreadsheets, word processing programs, and the like.
  • the stylus 204 may be equipped with buttons or other features to augment its capabilities.
  • a stylus 204 could be implemented as a “pencil” or “pen,” in which one end constitutes a writing portion and the other end constitutes an “eraser” end 205 , and which, when moved across the display, indicates portions of electronic ink on the display that are to be erased.
  • Other types of input devices such as a mouse, trackball, keyboard, or the like also may be used.
  • a user's own finger could be used as an input device, e.g., for selecting or indicating portions of the displayed image on a touch-sensitive or proximity-sensitive display. Consequently, the term “user input device,” as used herein, is intended to have a broad definition and encompasses many variations on well-known input devices.
  • electronic ink e.g., of the type described above
  • pen-based computing systems that accept user input via an electronic pen and/or display at least some forms of input as “electronic ink,” e.g., of the type described above, have increased in popularity.
  • Use of electronic ink input as opposed to conventional pen and paper is advantageous in many respects.
  • electronic ink input may be electronically stored, filed, and cataloged for future use, which enables it to be easily maintained, located, and shared with others.
  • electronic ink input can be recognized and converted to conventional machine-generated text (e.g., text insertable into, readable by, and useful by conventional computers), it can be electronically stored, searched, and otherwise used on the computer, for example, in conventional word processing documents and programs, in spreadsheets, in email programs, in document management programs, in web browsers, and the like.
  • Handwriting recognition systems are commercially available that allow handwritten electronic ink input to be converted to machine-generated text.
  • One example of a handwriting recognizer is that provided with the Windows XP Tablet PC EditionTM operating system (available from Microsoft Corporation of Redmond, Wash.), although other handwriting recognizers also are known and may be used in computer systems in accordance with this invention.
  • pen-based computer operating systems provide an ink platform through direct modification of GINA.dll or as a set of component object model (“COM”) services that an operating system and/or an application program can use to capture, manipulate, recognize, and store ink and/or other pen actions or events.
  • the ink platform also may include a mark-up language including a language like the extensible markup language (“XML”). Additional examples of the ink platform may use the distributed component object model (“DCOM”) implementation. Yet further implementations may be used including the Win32 programming model and the .Net programming model from Microsoft Corporation. Such platforms are commercially available and known in the art.
  • Electronic ink data may be stored in an ink serialized format (“ISF”) or in any other suitable or desired manner, including in conventional manners known to those skilled in the art.
  • ISF ink serialized format
  • aspects of this invention may be used in conjunction with other types of pen-based computing systems and/or other devices that accept data as electronic ink and/or that accept, process, or display electronic pen or stylus input, such as: hand-held or palm-top computing systems; personal digital assistants; pocket personal computers; mobile and cellular telephones, pagers, and other communication devices; watches; appliances; and any other devices or systems that include monitors or other display devices and/or digitizers that present printed or graphical information to users and/or allow input using an electronic pen or stylus or that can process electronic ink collected by another device (e.g., a conventional desktop computer that can process electronic ink collected by a tablet PC).
  • a conventional desktop computer that can process electronic ink collected by a tablet PC
  • aspects of the present invention relate generally to systems and methods that may utilize an image in user authorization or authentication (e.g., secure website logins, computer system or network logins, and/or other security situations).
  • a user may select a preferred image, for example from a menu of possible image choices or a personal image provided by the user, which is presented to the user on a display.
  • the selected image when displayed to the user, may be used in any authorization or authentication procedure in which the identity of the user needs to be ascertained. For example, when a user logs onto a computer system, it is typically desired that security of the system be maintained so that user data is not compromised by other users. Thus, methods and systems are desired that safeguard individual user accounts for the respective user.
  • the image selected conforms to predetermined characteristics and specifications to be optimized for use as a user authentication tool.
  • the predetermined characteristics and specification of the selected image may be selected, for example, on the needs of the user in any given system or network and may include, but is not limited to, image complexity, size or resolution.
  • the image may contain a medium to high level of complexity such that a user may easily select a predetermined area in the image when a portion of the image is selected by the user for authentication.
  • increased complexity of the image increases accuracy of selection of the predetermined portion of the image, allowing the user to accurately pinpoint the portion of the image corresponding to the login selection.
  • a complex image also is advantageous from a security standpoint in that it prevents or inhibits unauthorized users from easily guessing the portion of the image to be indicated for successful login or authentication.
  • FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool.
  • a selection of images is presented to a user on a display such that the user may select a desired image for use in the authentication procedure.
  • Any number of images in any order or format may be used.
  • a display of multiple images may be presented on a display in a grid format (e.g., as thumbnail images) as illustrated in FIG. 3 .
  • a user could electronically page through a library of images (e.g., using a “NEXT” or “PREVIOUS” button) and select the authentication image from this library.
  • a user may import his/her own image, if desired.
  • a user-provided image should conform to minimum resolution and complexity standards to ensure that the image provides a high level of security and privacy in the login process.
  • FIGS. 4A , 4 B, and 4 C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a first step of user authentication according to the present invention.
  • FIG. 4A is an image previously selected by the user as a pictographic login image of the present invention, and when a procedure requiring user authentication is initiated (e.g., a computer is turned on access to a secure website or data file is requested, etc.), this image is displayed to this user.
  • the image has sufficient complexity and resolution to provide accuracy in selection of a portion of the image, reproducibility o f selection of the proper portion of the image, and facility of the user to identify the desired portion of the image to select.
  • the image selected in this example is an image of snow-covered mountains.
  • FIG. 4B is the display of FIG. 4A after the user has selected a portion of the image for login or authentication purposes.
  • User selection of a portion of the image may be accomplished by any variety of input devices such as but not limited to a mouse, a pen, a stylus, a finger, etc.
  • the user For proper authentication, the user must select the area of the image that has been designated as the area of the image to select for successful log in.
  • the area of the image to select for log-in has been previously selected by the user, and that same area of the image must be subsequently selected to successfully complete the log-in or authentication procedure.
  • There are many other features of the selection of the image portion that may optionally be used to increase privacy and security.
  • the shape used to select the portion of the image may also be set to require user input in a certain shape such that the user must not only select the proper portion of the image, but he/she also must select the portion of the image using a predetermined shape.
  • the predetermined shape used in the present example is a circle although the invention is not limited to any particular shape. Any shape may be used, and optionally required, for authentication, without departing from the invention.
  • Another potential method of enhancing security is to require preselected input characteristics relating to additional features of the image selection before authentication may be granted.
  • the direction of drawing the selection may be pre-selected such that the user may have to draw the image selection in a particular order or direction.
  • the direction of selecting the proper portion of the image may be optionally limited to drawing the selection in a clockwise direction or in a counter-clockwise direction.
  • the system may require user input of the selection to start at a particular spot on the circle (e.g., the 8 o'clock position) in order to successfully authenticate. In these ways, the user may be required to draw the selection in a predetermined manner or authentication may not occur.
  • the color of the electronic ink used for the selection may be optionally regulated in order to provide enhanced security.
  • the user may be required to draw the selection of the image with a particular color of ink, e.g., red, selected from a color pallet included with the authentication image. If this option is included in the authentication procedure, a user selecting the proper portion of the image may still fail to gain access or authorization if the user draws the selection with an improperly selected color. In this way, security is further increased such that an unauthorized person would have great difficulty in accessing the private account, data, or other information of another user.
  • a particular color of ink e.g., red
  • the selection of the portion of the image by the user may not be the precise preselected area identified by the user during the security system set-up procedure. Due to variability and inaccuracies of the input by a human user, an authorized user may fail to draw a selection around the precise desired area in the image. Rather, due to human error or slight variations in selecting the proper portion of the image, the selection may be slightly skewed from the precise location of the portion of the image. The tolerance of the skew may depend on the individual system or network and may be calculated or adjusted based on the needs of the user, for example.
  • the login and authentication method and system of the present invention provide for a tolerance in the selection of the portion of the image for user authorization.
  • the authorization process will proceed. Only if the selection is outside a predetermined tolerance level from the predetermined area will the system not permit the user to log in (or at least to continue into the login procedure).
  • This tolerance may depend on many factors such as the complexity of the image, the resolution of the image used for authentication, or the input means, to name a few.
  • systems and methods according to at least some examples of this invention may allow a user and/or a system administrator to select the tolerance level to maximize security while permitting authentication within an acceptable range of the pre-selected input.
  • the system and method of the present invention proceeds with the authorization procedure.
  • Proceeding with the authorization procedure may include any number of outcomes depending on the needs of the user or the parameters of the computer system.
  • the authorization procedure may proceed by completing the authorization process.
  • the computer may complete other login procedures (e.g., open windows to secure information, launch programs designated in a start-up menu, etc.).
  • the authorization procedure may proceed with other security and/or authentication steps that may be required by systems and methods according to at least some examples of this invention prior to full completion of authorization and login.
  • another image may optionally be displayed as part of the authorization process. In this example as illustrated in FIG. 4C , an enlarged portion of the previous image is displayed on the screen. Alternatively, a different image altogether may be used.
  • a second image is displayed after selection of the portion of the first image.
  • the second image contains a portion that is further used for authentication of the user. For example, if the user properly selected the correct portion of the first image (as shown in FIG. 4B ), the second image may appear, and proper selection by the user of a pre-selected portion in the second image enables continued authentication and/or login. For added security, a second image optionally still will be displayed even if the correct portion of the first image was not properly selected in the first step. In this way, an unauthorized user trying to compromise the system will not be tipped off as to whether the first selection was correct or erroneous immediately after the selection of a portion of the first image.
  • the user selects a portion of the second image.
  • there may be additional features to enhance security in selection of the portion of the second image including, but not limited to, specifying the color of the ink used to make the selection, restricting the manner or shape used in selecting the portion of the image, etc. If the user properly selects a pre-determined portion of the second image within an acceptable tolerance, the authentication process may continue.
  • the process repeats as described until the final image is properly processed and the proper portion of the final image is selected. If all of the selections were proper, the login and authentication process is complete and the user logs into the system under his Userid in his account. If any one selection was erroneous, login/authentication fails. A message may optionally be displayed to the user indicating that authorization has failed.
  • a traditional display in which a user is requested to input a userid and/or a password may be combined with the authentication method of the present invention to enhance security.
  • an unauthorized user may access the account if he/she is able to obtain the authorized user's password. By logging into the account improperly, the unauthorized user compromises security.
  • multiple forms of security used in conjunction can further prevent an unauthorized user from improperly gaining access to another user's account information.
  • information may be hidden within the image displayed.
  • steganography may be used in which information is hidden in the image such that only the user knows of the existence of the information.
  • key information of, but not limited to, the form (login name plus the key data) and hashed in one selection may be hidden steganographically into an image.
  • the hidden information such as the key code or login name, is selected. If a match occurs at the completion of the authorization process between the stored information (e.g., key or login name) and the steganographically hidden information selected by the user, login is successful.
  • Ink color (or other characteristics, such as thickness); shape(s) drawn; number of “encirculations;” directional characteristics (e.g., line direction, pen movement direction, etc.); position with respect to image (which may move from login to login); absolute position on the digitizer irrespective of image position; initial image selection by user; intermediate image selection by user; location(s) or number of “breaks” in an encirculation; use encirculation login in combination with other login procedures, such as password entry, image selection, etc.;
  • the present invention also relates to computer-readable media including computer-executable instructions stored thereon for performing various methods and operating various systems, including the systems and/or methods described above.
  • the computer-readable media may constitute computer-executable instructions stored on the various specific examples of computer-readable media described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS
This application is a reissue of U.S. application Ser. No. 11/073,742, filed Mar. 8, 2005, now U.S. Pat. No. 7,953,983 B2, issued May 31, 2011.
FIELD OF THE INVENTION
The present invention generally relates to systems, methods, and computer-readable media for providing an image or pictographic based login procedure for computer systems or networks. While useful in non-electronic ink environments, such systems and methods may find particular usefulness in login procedures for pen-based computing systems and/or other systems that accept electronic ink input.
BACKGROUND
Typical computer systems, especially computer systems using graphical user interfaces (“GUIs”), are optimized for accepting user input from one or more discrete input devices, such as a keyboard for entering text and a pointing device, such as a mouse with one or more buttons, for operating the user interface. An example of such a GUI is the user interface for the Windows® computer operating system (available from Microsoft Corporation of Redmond, Wash.). The ubiquitous keyboard and mouse interface provides for fast creation and modification of documents, spreadsheets, database fields, drawings, photos, web pages, emails, and the like.
Recently, however, pen-based computing systems, such as tablet personal computers (“tablet PCs”), personal digital assistants (“PDAs”), and the like, have been increasing in popularity. With pen-based computing systems, user input advantageously may be introduced as “electronic ink” using an electronic “pen” or stylus (e.g., mimicking writing with a pen or pencil on a piece of paper). Indeed, in at least some pen-based computing systems, all user input is capable of being entered and manipulated using an electronic pen input device, and the user interface is fully controllable using only the electronic pen.
As pen-based computing systems become more popular, many computer activities such as access in a computer system become more difficult to implement. For example, in a computer system in which a user logs into an individualized account or inputs security information to enter a restricted site, a pen-based computer system creates difficulties for the user to conveniently and efficiently maneuver the pen or stylus to accomplish the task.
In a typical computer system, a display is presented to the user containing a field in which the user enters a userid and a field in which the user enters a corresponding password. Typically, a user inputs information via a keyboard. Therefore, if inputting data via a keyboard is problematic (e.g., a keyboard is not available or not conveniently accessible), a user may not be able to input data as necessary. In such a system lacking a conveniently available keyboard, a user would be unable to successfully access information because of the inability to enter authentication information into the system.
In the traditional method of gaining access to a private account, a user typically enters a password via a keyboard. A password that has a higher level of security (i.e., a completely random string of characters that is not otherwise associated with the user) is typically difficult to remember. Thus, the user often forgets the password and must expend effort in having the password reset, obtaining the password from a system administrator, etc. To avoid this inconvenience, the user may select a password that is easy to remember, such as the user's date of birth. However, such passwords are easy to “crack” and provide very little security to the user. This defeats the purpose of having the security system in the first place. Thus, the typical computer user is caught in a dilemma of trying to maintain a high level of security while at the same time creating a password that the user can remember. Often, this balance is difficult to achieve. Therefore, a system and method for providing security is needed that is easy to use for the user with minimal demands on the user's memory while providing a high level of security against unauthorized users.
The above-noted issues associated with data input of security information, compromise of password security information or loss of security in computing systems can lead to user frustration. Accordingly, there is a need in the art for improved input of security information, e.g., for use with pen-based computing systems and in other situations where keyboards are inconvenient or unavailable.
SUMMARY
Aspects of the present invention relate to systems, methods, and computer-readable media for providing image or pictographic based login procedures for computer systems or networks. Such systems and methods may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portion of the first image (e.g., via an electronic ink input system); (c) determining if the first user input corresponds to a first acceptable user input for user authentication (e.g., via a computer processor system); and (d) proceeding with a user authentication procedure when the first user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with the user authentication procedure, systems and methods in accordance with examples of this invention may further include: displaying a second image on the computer display screen; receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable user input for authentication. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable user inputs for user authentication. Aspects of the invention further relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based authentication procedures for computer systems or networks like those described above.
BRIEF DESCRIPTION OF THE DRAWINGS
The above and other objects, features, and advantages of the present invention will be more readily apparent and more fully understood from the following detailed description, taken in conjunction with the appended drawings, in which:
FIG. 1 illustrates a schematic diagram of an example general-purpose digital computing environment in which at least some aspects of the present invention may be implemented;
FIG. 2 illustrates an example pen-based personal computing environment in which at least some aspects of the present invention may be implemented;
FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool; and
FIGS. 4A, 4B, and 4C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a user authentication procedure.
When the same reference number is used in more than one of the attached drawings, it is intended to refer to the same or similar parts, features, or steps in the various different drawings.
DETAILED DESCRIPTION
As described above, aspects of the present invention relate to systems, methods, and computer-readable media for an image or pictographic login procedure. The following description is divided into sub-sections to assist the reader. The sub-sections include: Terms; General Description of Various Aspects of the Invention; Example Hardware; Example Systems, Methods, and Computer-Readable Media According to the Invention; and Conclusion.
I. Terms
The following terms are used in this specification and, unless otherwise specified or clear from the context, the terms have the meanings provided below:
“Pen”—Any type of user input device useful in entering electronic ink into and/or otherwise manipulating or controlling an electronic document, a user interface, and/or a computer operating system. The terms “pen” and “stylus” may be used interchangeably in this specification.
“Computer-Readable Medium” means any available media that can be accessed by a user on a computer system. By way of example, and not limitation, “computer-readable media” may include computer storage media and communication media. “Computer storage media” includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer-readable instructions, data structures, program modules or other data. “Computer storage media” includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology; CD-ROM, digital versatile disks (DVD) or other optical storage devices; magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices; or any other medium that can be used to store the desired information and that can be accessed by a computer. “Communication media” typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media, such as a wired network or direct-wired connection, and wireless media, such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of “computer-readable media.”
II. General Description of Various Aspects of the Invention
As generally described above, aspects of the present invention relate to systems, methods, and computer-readable media for providing an image or pictographic based authentication procedure for computer systems or networks. The authentication procedure of the present invention may be applied in any application where authorization of a user is desired. For example, a system may require authentication of a user before allowing the user to “log in” to the user's account. In this situation, a user desiring access to his personal account on a system may apply the authentication procedure of the present invention to gain access to the account while preventing other unauthorized users from accessing the account. Also, the authentication procedure of the present invention may be applied to accessing protected or private sites, for example, on an intranet or on the internet and/or for accessing or logging on to individual computers or systems, local area networks, wide area networks, or the like. Methods in accordance with at least some examples of this invention may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portions of the first image; (c) determining if the first user input corresponds to a first acceptable login user input; and (d) proceeding with a user login procedure when the first user input corresponds to the first acceptable login user input. Additionally or optionally, when proceeding with the user login procedure, methods in accordance with at least some examples of this invention further may include: displaying a second image on the computer display screen (the second image may be the same as the first image, an enlargement of part of the first image, a completely new image, etc.); receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable login user input. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable login user inputs.
Systems in accordance with at least some examples of this invention may include: (a) a computer display screen; (b) an input system for receiving user input (e.g., such as a digitizer for receiving electronic ink input); and (c) a processor system (e.g., including one or more processors) programmed and adapted to: (i) display a first image on a computer display screen, (ii) determine if a first user input indicating a portion of the first image corresponds to a first acceptable login user input, and (iii) proceed with a user login procedure when the first user input corresponds to the first acceptable login user input. In at least some examples of systems in accordance with this invention, when the system proceeds with the user login procedure, the processor system is further programmed and adapted to: (iv) display a second image on the computer display screen, and (v) determine if a second user input indicating a portion of the second image corresponds to a second acceptable login user input. If desired, the processor system may allow user access to the computer system or network when the first and/or second user inputs correspond to the acceptable login user inputs.
Systems and methods according to at least some examples of this invention may accept user input (e.g., the first and/or second user inputs described above) as electronic ink input. For example, the various portions of the image may be “indicated” during the login procedure by drawing a predetermined shape at, near, or at least partially around the portion of the first image using electronic ink. Of course, various other aspects or characteristics of the input may be controlled, varied, and/or selected as part of the login procedure without departing from the invention. For example, ink color, ink thickness, pen tip shape, or other ink characteristics may be varied; characteristics of the input shape or shapes drawn by the user may be varied; the number of times a portion of an image is encircled may be controlled or varied; directional characteristics (e.g., line direction, pen movement direction, etc.) of the input may be varied; initial image selection to initiate the login procedure may be required (e.g., from a pallet of displayed image thumbnails); intermediate image selection to continue the login procedure may be required (e.g., from a pallet of displayed image thumbnails); the location(s) and/or number of “breaks” in an encirculation or other input characteristic may be varied; the pictographic login features may be used in combination with other login procedures or features, such as password entry, image selection; etc. Various other aspects of the input required during login may be varied, controlled, and used as part of the login security features without departing from this invention.
Still additional aspects of the invention relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based login procedures for computer systems or networks.
III. Example Hardware
FIG. 1 illustrates a schematic diagram of a general-purpose digital computing environment that may be used to implement various aspects of the present invention. In FIG. 1, a computer 100 includes a processing unit 110, a system memory 120, and a system bus 130 that couples various system components (including the system memory 120) to the processing unit 110. The system bus 130 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. The system memory 120 may include read only memory (“ROM”) 140 and random access memory (“RAM”) 150.
A basic input/output system 160 (“BIOS”), which contains the basic routines that help to transfer information between elements within the computer 100 (such as during start-up), is stored in the ROM 140. The computer 100 also may include a hard disk drive 170 for reading from and writing to a hard disk (not shown), a magnetic disk drive 180 for reading from or writing to a removable magnetic disk 190, and/or an optical disk drive 191 for reading from or writing to a removable optical disk 199, such as a CD ROM or other optical media. The hard disk drive 170, magnetic disk drive 180, and optical disk drive 191 are connected to the system bus 130 by a hard disk drive interface 192, a magnetic disk drive interface 193, and an optical disk drive interface 194, respectively. These drives and their associated computer-readable media provide nonvolatile storage of computer-readable instructions, data structures, program modules, and other data for the personal computer 100. It will be appreciated by those skilled in the art that other types of computer-readable media that can store data that is accessible by a computer, such as magnetic cassettes, flash memory cards, digital video disks, BERNOULLI cartridges, random access memories, read only memories, and the like, also may be used in the example operating environment.
A number of program modules can be stored on the hard disk drive 170, magnetic disk 190, optical disk 199, ROM 140, or RAM 150, including an operating system 195, one or more application programs 196, other program modules 197, and program data 198. A user can enter commands and information into the computer 100 through input devices, such as a keyboard 101 and pointing device 102 (such as a mouse). Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices may be connected to the processing unit 110 through a serial port interface 106 that is coupled to the system bus 130, but they also may be connected by other interfaces, such as a parallel port, game port, or a universal serial bus (USB), and the like. Further still, these devices may be coupled directly to the system bus 130 via an appropriate interface (not shown).
A monitor 107 or other type of display device also may be connected to the system bus 130 via an interface, such as a video adapter 108. In addition to the monitor 107, personal computers typically include other peripheral output devices (not shown), such as speakers and printers. In one example, a pen digitizer 165 and accompanying pen or stylus 166 are provided in order to digitally capture freehand input. Although a connection between the pen digitizer 165 and the serial port interface 106 is shown in FIG. 1, if desired, the pen digitizer 165 may be directly coupled to the processing unit 110, or it may be coupled to the processing unit 110 in any suitable manner, such as via a parallel port or another interface and the system bus 130 as is known in the art. Furthermore, although the digitizer 165 is shown apart from the monitor 107 in FIG. 1, the usable input area of the digitizer 165 may be co-extensive with the display area of the monitor 107. Further still, the digitizer 165 may be integrated in the monitor 107, or it may exist as a separate device overlaying or otherwise appended to the monitor 107.
The computer 100 can operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 109. The remote computer 109 can be a server, a router, a network PC, a peer device or other common network node, and it typically may include many or all of the elements described above relative to the computer 100, although for simplicity, only a memory storage device 111 has been illustrated in FIG. 1. The logical connections depicted in FIG. 1 include a local area network (LAN) 112 and a wide area network (WAN) 113. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets, and the Internet, using both wired and wireless connections.
When used in a LAN networking environment, the computer 100 may be connected to the local area network 112 through a network interface or adapter 114. When used in a WAN networking environment, the personal computer 100 typically includes a modem 115 or other means for establishing a communications link over the wide area network 113, such as the Internet. The modem 115, which may be internal or external to the computer 100, may be connected to the system bus 130 via the serial port interface 106. In a networked environment, program modules depicted relative to the personal computer 100, or portions thereof, may be stored in a remote memory storage device.
It will be appreciated that the network connections shown are examples and other techniques for establishing a communications link between the computers can be used. The existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP, UDP, and the like is presumed, and the system can be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server. Any of various conventional web browsers can be used to display and manipulate data on web pages.
Although the FIG. 1 environment shows one example environment, it will be understood that other computing environments also may be used in systems and methods according to this invention. For example, one or more examples of the present invention may use an environment having fewer than all of the various aspects shown in FIG. 1 and described above, and these aspects may appear in various combinations and subcombinations that will be apparent to one of ordinary skill. Additional features from those shown in FIG. 1 also may be included in environments useful with this invention.
FIG. 2 illustrates a pen-based personal computer (“PC”) 201 that may be used in accordance with various aspects of the present inventions. Any or all of the features, subsystems, and functions in the system of FIG. 1 can be included in the computer of FIG. 2. The pen-based personal computer system 201 includes a large display surface 202, e.g., a digitizing flat panel display, such as a liquid crystal display (“LCD”) screen, on which a plurality of windows 203 is displayed. Using stylus 204, a user can select, highlight, and write on the digitizing display area and thereby enter electronic ink data into the system. Examples of suitable digitizing display panels include electromagnetic pen digitizers, such as pen digitizers available from Mutoh Co. (now known as FinePoint Innovations Co.) or Wacom Technology Co. Other types of pen digitizers, e.g., optical digitizers, also may be used. The pen-based computing system 201 interprets gestures made using stylus 204 in order to manipulate data, enter text as electronic ink, and execute conventional computer application tasks, such as creating, editing, and modifying spreadsheets, word processing programs, and the like.
The stylus 204 may be equipped with buttons or other features to augment its capabilities. In one example, a stylus 204 could be implemented as a “pencil” or “pen,” in which one end constitutes a writing portion and the other end constitutes an “eraser” end 205, and which, when moved across the display, indicates portions of electronic ink on the display that are to be erased. Other types of input devices, such as a mouse, trackball, keyboard, or the like also may be used. Additionally a user's own finger could be used as an input device, e.g., for selecting or indicating portions of the displayed image on a touch-sensitive or proximity-sensitive display. Consequently, the term “user input device,” as used herein, is intended to have a broad definition and encompasses many variations on well-known input devices.
Recently, pen-based computing systems that accept user input via an electronic pen and/or display at least some forms of input as “electronic ink,” e.g., of the type described above, have increased in popularity. Use of electronic ink input as opposed to conventional pen and paper is advantageous in many respects. For example, electronic ink input may be electronically stored, filed, and cataloged for future use, which enables it to be easily maintained, located, and shared with others. Additionally, because electronic ink input can be recognized and converted to conventional machine-generated text (e.g., text insertable into, readable by, and useful by conventional computers), it can be electronically stored, searched, and otherwise used on the computer, for example, in conventional word processing documents and programs, in spreadsheets, in email programs, in document management programs, in web browsers, and the like. Handwriting recognition systems are commercially available that allow handwritten electronic ink input to be converted to machine-generated text. One example of a handwriting recognizer is that provided with the Windows XP Tablet PC Edition™ operating system (available from Microsoft Corporation of Redmond, Wash.), although other handwriting recognizers also are known and may be used in computer systems in accordance with this invention.
In various examples, pen-based computer operating systems provide an ink platform through direct modification of GINA.dll or as a set of component object model (“COM”) services that an operating system and/or an application program can use to capture, manipulate, recognize, and store ink and/or other pen actions or events. The ink platform also may include a mark-up language including a language like the extensible markup language (“XML”). Additional examples of the ink platform may use the distributed component object model (“DCOM”) implementation. Yet further implementations may be used including the Win32 programming model and the .Net programming model from Microsoft Corporation. Such platforms are commercially available and known in the art. Electronic ink data may be stored in an ink serialized format (“ISF”) or in any other suitable or desired manner, including in conventional manners known to those skilled in the art.
In addition to use with full performance pen-based computing systems or “tablet PCs” (e.g., convertible laptops or “slate” type tablet PCs), aspects of this invention may be used in conjunction with other types of pen-based computing systems and/or other devices that accept data as electronic ink and/or that accept, process, or display electronic pen or stylus input, such as: hand-held or palm-top computing systems; personal digital assistants; pocket personal computers; mobile and cellular telephones, pagers, and other communication devices; watches; appliances; and any other devices or systems that include monitors or other display devices and/or digitizers that present printed or graphical information to users and/or allow input using an electronic pen or stylus or that can process electronic ink collected by another device (e.g., a conventional desktop computer that can process electronic ink collected by a tablet PC).
Features of the invention now will be described in conjunction with the remaining figures, which illustrate various examples of the invention and/or contain information to help explain the invention. The specific figures and information contained in this detailed description should be construed as providing examples of the invention and not as limiting the invention.
IV. Example Systems, Methods, and Computer-Readable Media According to the invention
A. Examples of Environments and/or Input Situations that May Benefit from Implementation of Systems and Methods According to the Invention
As described above, aspects of the present invention relate generally to systems and methods that may utilize an image in user authorization or authentication (e.g., secure website logins, computer system or network logins, and/or other security situations). A user may select a preferred image, for example from a menu of possible image choices or a personal image provided by the user, which is presented to the user on a display. The selected image, when displayed to the user, may be used in any authorization or authentication procedure in which the identity of the user needs to be ascertained. For example, when a user logs onto a computer system, it is typically desired that security of the system be maintained so that user data is not compromised by other users. Thus, methods and systems are desired that safeguard individual user accounts for the respective user.
The image selected conforms to predetermined characteristics and specifications to be optimized for use as a user authentication tool. The predetermined characteristics and specification of the selected image may be selected, for example, on the needs of the user in any given system or network and may include, but is not limited to, image complexity, size or resolution. For example, the image may contain a medium to high level of complexity such that a user may easily select a predetermined area in the image when a portion of the image is selected by the user for authentication. Also, increased complexity of the image increases accuracy of selection of the predetermined portion of the image, allowing the user to accurately pinpoint the portion of the image corresponding to the login selection. A complex image also is advantageous from a security standpoint in that it prevents or inhibits unauthorized users from easily guessing the portion of the image to be indicated for successful login or authentication.
FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool. A selection of images is presented to a user on a display such that the user may select a desired image for use in the authentication procedure. Any number of images in any order or format may be used. For example, a display of multiple images may be presented on a display in a grid format (e.g., as thumbnail images) as illustrated in FIG. 3. As another potential option, a user could electronically page through a library of images (e.g., using a “NEXT” or “PREVIOUS” button) and select the authentication image from this library. Alternatively, a user may import his/her own image, if desired. However, for optimal performance, a user-provided image should conform to minimum resolution and complexity standards to ensure that the image provides a high level of security and privacy in the login process.
FIGS. 4A, 4B, and 4C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a first step of user authentication according to the present invention. FIG. 4A is an image previously selected by the user as a pictographic login image of the present invention, and when a procedure requiring user authentication is initiated (e.g., a computer is turned on access to a secure website or data file is requested, etc.), this image is displayed to this user. The image has sufficient complexity and resolution to provide accuracy in selection of a portion of the image, reproducibility o f selection of the proper portion of the image, and facility of the user to identify the desired portion of the image to select. As FIG. 4A illustrates, the image selected in this example is an image of snow-covered mountains.
FIG. 4B is the display of FIG. 4A after the user has selected a portion of the image for login or authentication purposes. User selection of a portion of the image may be accomplished by any variety of input devices such as but not limited to a mouse, a pen, a stylus, a finger, etc. For proper authentication, the user must select the area of the image that has been designated as the area of the image to select for successful log in. Thus, in this example, the area of the image to select for log-in has been previously selected by the user, and that same area of the image must be subsequently selected to successfully complete the log-in or authentication procedure. There are many other features of the selection of the image portion that may optionally be used to increase privacy and security. For example, the shape used to select the portion of the image may also be set to require user input in a certain shape such that the user must not only select the proper portion of the image, but he/she also must select the portion of the image using a predetermined shape. As will be shown, the predetermined shape used in the present example is a circle although the invention is not limited to any particular shape. Any shape may be used, and optionally required, for authentication, without departing from the invention.
Another potential method of enhancing security is to require preselected input characteristics relating to additional features of the image selection before authentication may be granted. For example, the direction of drawing the selection may be pre-selected such that the user may have to draw the image selection in a particular order or direction. In this example, the direction of selecting the proper portion of the image may be optionally limited to drawing the selection in a clockwise direction or in a counter-clockwise direction. As another example, the system may require user input of the selection to start at a particular spot on the circle (e.g., the 8 o'clock position) in order to successfully authenticate. In these ways, the user may be required to draw the selection in a predetermined manner or authentication may not occur. Also, the color of the electronic ink used for the selection may be optionally regulated in order to provide enhanced security. For example, the user may be required to draw the selection of the image with a particular color of ink, e.g., red, selected from a color pallet included with the authentication image. If this option is included in the authentication procedure, a user selecting the proper portion of the image may still fail to gain access or authorization if the user draws the selection with an improperly selected color. In this way, security is further increased such that an unauthorized person would have great difficulty in accessing the private account, data, or other information of another user.
To provide a high level of integrity of selection of the proper portion or area of the login image, the selection of the portion of the image by the user may not be the precise preselected area identified by the user during the security system set-up procedure. Due to variability and inaccuracies of the input by a human user, an authorized user may fail to draw a selection around the precise desired area in the image. Rather, due to human error or slight variations in selecting the proper portion of the image, the selection may be slightly skewed from the precise location of the portion of the image. The tolerance of the skew may depend on the individual system or network and may be calculated or adjusted based on the needs of the user, for example. Thus, the login and authentication method and system of the present invention provide for a tolerance in the selection of the portion of the image for user authorization. In this example, if the selection of the portion of the image for authorizations is not precisely correct but is still within an allowable range from the originally designated selection area, the authorization process will proceed. Only if the selection is outside a predetermined tolerance level from the predetermined area will the system not permit the user to log in (or at least to continue into the login procedure). This tolerance may depend on many factors such as the complexity of the image, the resolution of the image used for authentication, or the input means, to name a few. Optionally, if desired, systems and methods according to at least some examples of this invention may allow a user and/or a system administrator to select the tolerance level to maximize security while permitting authentication within an acceptable range of the pre-selected input.
After the user properly selects the predetermined portion of the image for authentication as indicated in FIG. 4B, the system and method of the present invention proceeds with the authorization procedure. Proceeding with the authorization procedure may include any number of outcomes depending on the needs of the user or the parameters of the computer system. For example, after the user properly selects the portion of the image for authorization in the first step, the authorization procedure may proceed by completing the authorization process. In that case, the computer may complete other login procedures (e.g., open windows to secure information, launch programs designated in a start-up menu, etc.). Alternatively, after the user properly selects the portion of the image for authorization in the first step, the authorization procedure may proceed with other security and/or authentication steps that may be required by systems and methods according to at least some examples of this invention prior to full completion of authorization and login. As one more specific example, after a successful initial authentication procedure, another image may optionally be displayed as part of the authorization process. In this example as illustrated in FIG. 4C, an enlarged portion of the previous image is displayed on the screen. Alternatively, a different image altogether may be used. By including additional layers of image selection (or other authentication procedures), privacy and security are markedly increased such that unauthorized users may have great difficulty in accessing the account, system, and/or network.
As FIG. 4C illustrates, a second image is displayed after selection of the portion of the first image. In this example, the second image contains a portion that is further used for authentication of the user. For example, if the user properly selected the correct portion of the first image (as shown in FIG. 4B), the second image may appear, and proper selection by the user of a pre-selected portion in the second image enables continued authentication and/or login. For added security, a second image optionally still will be displayed even if the correct portion of the first image was not properly selected in the first step. In this way, an unauthorized user trying to compromise the system will not be tipped off as to whether the first selection was correct or erroneous immediately after the selection of a portion of the first image.
In FIG. 4C, the user selects a portion of the second image. As in the selection of the first image, there may be additional features to enhance security in selection of the portion of the second image including, but not limited to, specifying the color of the ink used to make the selection, restricting the manner or shape used in selecting the portion of the image, etc. If the user properly selects a pre-determined portion of the second image within an acceptable tolerance, the authentication process may continue.
If there are further images from which to select a portion from, the process repeats as described until the final image is properly processed and the proper portion of the final image is selected. If all of the selections were proper, the login and authentication process is complete and the user logs into the system under his Userid in his account. If any one selection was erroneous, login/authentication fails. A message may optionally be displayed to the user indicating that authorization has failed.
Also, for added security, traditional methods of authentication may be combined with the authentication methods of the present invention. For example, a traditional display in which a user is requested to input a userid and/or a password may be combined with the authentication method of the present invention to enhance security. In a traditional system in which only a userid and password is used an unauthorized user may access the account if he/she is able to obtain the authorized user's password. By logging into the account improperly, the unauthorized user compromises security. However, in this example of the present invention in which authorization by image selection is combined by the traditional method(s) of authentication, multiple forms of security used in conjunction can further prevent an unauthorized user from improperly gaining access to another user's account information.
In another example of another aspect of the present invention, information may be hidden within the image displayed. There are many known method of hiding information within an image which may be incorporated in the present invention. For example, steganography may be used in which information is hidden in the image such that only the user knows of the existence of the information. For example, key information of, but not limited to, the form (login name plus the key data) and hashed in one selection may be hidden steganographically into an image. As the user selects the proper portion of each consecutive image, the hidden information, such as the key code or login name, is selected. If a match occurs at the completion of the authorization process between the stored information (e.g., key or login name) and the steganographically hidden information selected by the user, login is successful.
As referred to above, there are many potential features that may be included and/or varied in the authentication of the present invention. Some of these variations include:
Ink color (or other characteristics, such as thickness); shape(s) drawn; number of “encirculations;” directional characteristics (e.g., line direction, pen movement direction, etc.); position with respect to image (which may move from login to login); absolute position on the digitizer irrespective of image position; initial image selection by user; intermediate image selection by user; location(s) or number of “breaks” in an encirculation; use encirculation login in combination with other login procedures, such as password entry, image selection, etc.;
Finally, the present invention also relates to computer-readable media including computer-executable instructions stored thereon for performing various methods and operating various systems, including the systems and/or methods described above. The computer-readable media may constitute computer-executable instructions stored on the various specific examples of computer-readable media described above.
V. Conclusion
Various examples of the present invention have been described above, and it will be understood by those of ordinary skill that the present invention includes within its scope all combinations and subcombinations of these examples. Additionally, those skilled in the art will recognize that the above examples simply exemplify various aspects of the invention. The various specific steps and/or architectural elements described above can be changed, functions may be added, deleted, combined, and/or changed in order without departing from the invention. Thus, various changes and modifications may be made without departing from the spirit and scope of the invention, as defined in the appended claims.

Claims (30)

The invention claimed is:
1. A user authentication method, comprising acts of:
displaying a first image on a display screen;
receiving a first user input comprising a first shape that is drawn around a portion of the displayed first image;
performing a first authentication step comprising verifying that the portion of the displayed first image around which the first shape is drawn, matches a designated portion of the first image that is predetermined for user authentication;
displaying a second image on the display screen, wherein displaying of the second image provides no indication of a result of the first authentication step;
receiving a second user input comprising a second shape that is drawn around a portion of the displayed second image;
performing a second authentication step comprising verifying that the portion of the displayed second image around which the second shape is drawn, matches a designated portion of the second image that is predetermined for user authentication; and
determining that a user is successfully authenticated upon successful completion of the first and second authentication steps;
wherein at least one of the fast or second authentication steps further comprising:
verifying that the respective first or second shape matches a predetermined shape, and
verifying that a direction in which the respective first or second shape is drawn matches a predetermined direction.
2. The method according to claim 1, further comprising an act of:
allowing the user to access a computer system when the user is determined to be successfully authenticated.
3. The method according to claim 1, wherein the second image is an enlargement of a part of the first image.
4. The method according to claim 1, wherein at least one of the first or the second user inputs include electronic ink input.
5. The method according to claim 1, wherein at least one of the first or second authentication steps further comprising verifying that a color used to draw the respective first or second shape matches a predetermined color.
6. The method according to claim 1, wherein at least one of the first or second authentication steps further comprising verifying that the respective first or second shape is drawn by starting at a predetermined spot of the predetermined shape.
7. A computer-readable storage medium device including computer-executable instructions stored thereon for performing steps of:
displaying a first image on a display screen;
receiving a first user input comprising a first shape that is drawn around a portion of the displayed first image;
performing a first authentication step comprising verifying that the portion of the displayed first image around which the first shape is drawn, matches a designated portion of the first image that is predetermined for user authentication;
displaying a second image on the display screen, wherein displaying of the second image provides no indication of a result of the first authentication step;
receiving a second user input comprising a second shape that is drawn around a portion of the displayed second image;
performing a second authentication step comprising verifying that the portion of the displayed second image around which the second shape is drawn, matches a designated portion of the second image that is predetermined for user authentication; and
determining that a user is successfully authenticated upon successful completion of the first and second authentication steps;
wherein at least one of the first or second authentication steps further comprising:
verifying that the respective first or second shape matches a predetermined shape, and
verifying that the direction in which the respective first or second shape is drawn matches a predetermined direction.
8. A system, comprising:
a display screen;
an input system for receiving user input; and
a processor system programmed to:
display a first image on the display screen in response to a first user's initiation of a procedure requiring authentication of the first user as an authorized user, wherein the first image comprises a designated portion of the first image that was previously selected by the authorized user as a portion of the first image that must be properly selected when the first image is displayed to the first user for user authentication;
receive a first user input via the input system, wherein the first user input indicates a user-selected portion of the displayed first image,
wherein the first user input comprises a shape that is drawn at least partially around the user-selected portion of the displayed first image; and
determine that the first user input constitutes a proper selection of the designated portion of the first image for or user authentication, when the first user it satisfies pre-specified conditions for proper selection of the designated portion of the first image;
wherein the pre-specified conditions include:
a first condition that the user-selected portion of the displayed first image corresponds to the designated portion of the first image at least within a permitted level of variation between the user-selected portion of the displayed first image and the designated portion of the first image,
a second condition that the shape that is drawn at least partially around the user-selected portion of the displayed first image matches a predetermined shape, and
a third condition that the shape that is drawn at least partially around the user-selected portion of the displayed first image is drawn by starting at a predetermined spot of the predetermined shape.
9. The system according to claim 8, wherein the processor system is further programmed to:
display a second image on the display screen, wherein
displaying the second image provides no indication of an improper selection of the designated portion of the first image, and further wherein the second image comprises a designated portion of the second image that was previously selected by the authorized user as a portion of the second image that must be properly selected when the second image is displayed to the first user for user authentication, and
receive a second user input via the input system, wherein the second user input indicates a user-selected portion of the displayed second image, and determine if the second user input constitutes a proper selection of the designated portion of the second image for user authentication.
10. The system according to claim 9, wherein when the second user input is determined to be a proper selection of the designated portion of the second image for user authentication, the processor system is further programmed to allow the first user to access a computer system.
11. The system according to claim 9, wherein the second image is an enlargement of a part of the first image.
12. The system according to claim 9, wherein the second user input includes electronic ink input comprising a shape that is drawn at least partially around the user-selected portion of the displayed second image.
13. The system according to claim 12, wherein the shape that is drawn at least partially around the user-selected portion of the displayed second image comprises a predetermined shape that is drawn as a condition for proper selection of the designated portion of the second image.
14. The system according to claim 8, wherein the processor system is further programmed to allow the first user to access a computer system.
15. A system, comprising:
a display screen; and
a processor configured to:
display a first image on the display screen in response to an initiation of an authentication procedure, wherein the first image comprises predesignated portions of the first image that were previously selected as portions of the first image to be selected when the first image is displayed for authentication;
receive a first input via an input system, wherein the first input indicates a first selected portion of the displayed first image, wherein the first input comprises a first shape;
receive a second input via the input system, wherein the second input indicates a second selected portion of the displayed first image, wherein the second input comprises a second shape; and
determine that the first input and the second input are part of proper selection of the predesignated portions of the first image for authentication when the first input and the second input satisfy pre-specified conditions for proper selection of the predesignated portions of the first image,
wherein the pre-specified conditions include:
a condition that each of the first input and the second input match a predetermined shape comprising at least one of: a straight line, a curved line, or a closed shape; and
a condition that a first direction that the first shape is drawn in the first input matches a first predetermined direction and that a second direction that the second shape is drawn in the second input matches a second predetermined direction.
16. The system according to claim 15, wherein the pre-specified conditions further include:
a condition that the first input and the second input are entered in an order that matches a predetermined order.
17. The system according to claim 15, wherein the first image is a user provided image.
18. The system according to claim 15, wherein the input system includes a touch input system.
19. The system according to claim 15, wherein the processor further configured to:
determine a first permitted level of variation of the first input based on at least one of: complexity of the first image, the resolution of the first image, the input means, or calculation based on user inputs; and
authenticate the first input based in part on the first permitted level of variation.
20. A system, comprising:
a display screen; and
a processor configured to:
display a first image on the display screen in response to an initiation of an authentication procedure, wherein the first image comprises a predesignated portion of the first image that was previously selected as a portion of the first image to be selected when the first image is displayed for authentication;
receive a first input via an input system, wherein the first input indicates a selected portion of the displayed first image, wherein the first input comprises a shape that is drawn at least partially around the selected portion of the displayed first image;
determine that the first input constitutes a proper selection of the predesignated portion of the first image for authentication when the first input satisfies pre-specified conditions for proper selection of the predesignated portion of the first image,
wherein the pre-specified conditions include:
a condition that the selected portion of the displayed first image corresponds to the predesignated portion of the first image at least within a permitted level of variation between the selected portion of the displayed first image and the predesignated portion of the first image,
a condition that the shape that is drawn at least partially around the selected portion of the displayed first image matches a predetermined shape, and
a condition that a direction in which the shape is drawn matches a direction characteristic of the predetermined shape.
21. The system according to claim 20, wherein the shape is a circle.
22. The system according to claim 20, wherein the first image is a user provided image.
23. The system according to claim 20, wherein the input system includes a touch input system.
24. The system according to claim 20, the processor further configured to:
require that a predetermined number of shapes is received via the input system for authentication.
25. The system according to claim 20, the pre-specified conditions further include:
a condition that the first input matches a predetermined shape comprising at least one of a curved line or a closed shape.
26. A method, comprising:
displaying a first image on a display screen in response to an initiation of an authentication procedure, wherein the first image comprises a predesignated portion of the first image that was previously selected as a portion of the first image to be selected when the first image is displayed for authentication;
receiving a first input via an input system, wherein the first input indicates a selected portion of the displayed first image, wherein the first input comprises a shape that is drawn at least partially around the selected portion of the displayed first image;
determining that the first input constitutes a proper selection of the predesignated portion of the first image for authentication when the first input satisfies pre-specified conditions for proper selection of the predesignated portion of the first image,
wherein the pre-specified conditions include:
a condition that the selected portion of the displayed first image corresponds to the predesignated portion of the first image at least within a permitted level of variation between the selected portion of the displayed first image and the predesignated portion of the first image,
a condition that the shape that is drawn at least partially around the selected portion of the displayed first image matches a predetermined shape, and
a condition that a direction in which the shape is drawn matches a direction characteristic of the predetermined shape.
27. The method of claim 26, wherein the shape is a circle.
28. The method of claim 26, wherein the first image is a user provided image.
29. The method of claim 26, wherein the input system includes a touch input system.
30. The method of claim 26, further comprising:
determining a first permitted level of variation of the first input based on at least one of: complexity of the first image, the resolution of the first image, the input means, or calculation based on user inputs; and
authenticating the first input based in part on the first permitted level of variation.
US13/409,877 2005-03-08 2012-03-01 Image or pictographic based computer login systems and methods Active 2028-05-21 USRE44725E1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US13/409,877 USRE44725E1 (en) 2005-03-08 2012-03-01 Image or pictographic based computer login systems and methods
US14/156,044 USRE46301E1 (en) 2005-03-08 2014-01-15 Image or pictographic based computer login systems and methods
US15/405,205 USRE47518E1 (en) 2005-03-08 2017-01-12 Image or pictographic based computer login systems and methods

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/073,742 US7953983B2 (en) 2005-03-08 2005-03-08 Image or pictographic based computer login systems and methods
US13/409,877 USRE44725E1 (en) 2005-03-08 2012-03-01 Image or pictographic based computer login systems and methods

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US11/073,742 Reissue US7953983B2 (en) 2005-03-08 2005-03-08 Image or pictographic based computer login systems and methods

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US11/073,742 Continuation US7953983B2 (en) 2005-03-08 2005-03-08 Image or pictographic based computer login systems and methods
US14/156,044 Continuation USRE46301E1 (en) 2005-03-08 2014-01-15 Image or pictographic based computer login systems and methods

Publications (1)

Publication Number Publication Date
USRE44725E1 true USRE44725E1 (en) 2014-01-21

Family

ID=36972393

Family Applications (4)

Application Number Title Priority Date Filing Date
US11/073,742 Ceased US7953983B2 (en) 2005-03-08 2005-03-08 Image or pictographic based computer login systems and methods
US13/409,877 Active 2028-05-21 USRE44725E1 (en) 2005-03-08 2012-03-01 Image or pictographic based computer login systems and methods
US14/156,044 Ceased USRE46301E1 (en) 2005-03-08 2014-01-15 Image or pictographic based computer login systems and methods
US15/405,205 Active 2028-05-21 USRE47518E1 (en) 2005-03-08 2017-01-12 Image or pictographic based computer login systems and methods

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US11/073,742 Ceased US7953983B2 (en) 2005-03-08 2005-03-08 Image or pictographic based computer login systems and methods

Family Applications After (2)

Application Number Title Priority Date Filing Date
US14/156,044 Ceased USRE46301E1 (en) 2005-03-08 2014-01-15 Image or pictographic based computer login systems and methods
US15/405,205 Active 2028-05-21 USRE47518E1 (en) 2005-03-08 2017-01-12 Image or pictographic based computer login systems and methods

Country Status (1)

Country Link
US (4) US7953983B2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8910253B2 (en) 2011-05-24 2014-12-09 Microsoft Corporation Picture gesture authentication
US9355239B2 (en) 2009-06-17 2016-05-31 Microsoft Technology Licensing, Llc Image-based unlock functionality on a computing device
US10127376B1 (en) * 2014-12-31 2018-11-13 EMC IP Holding Company LLC Graphical password generation
USRE47518E1 (en) 2005-03-08 2019-07-16 Microsoft Technology Licensing, Llc Image or pictographic based computer login systems and methods

Families Citing this family (89)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8640259B2 (en) 2005-01-20 2014-01-28 The Invention Science Fund I, Llc Notarizable electronic paper
US8281142B2 (en) 2005-01-20 2012-10-02 The Invention Science Fund I, Llc Notarizable electronic paper
US8063878B2 (en) 2005-01-20 2011-11-22 The Invention Science Fund I, Llc Permanent electronic paper
US7865734B2 (en) 2005-05-12 2011-01-04 The Invention Science Fund I, Llc Write accessibility for electronic paper
US7774606B2 (en) 2005-01-20 2010-08-10 The Invention Science Fund I, Inc Write accessibility for electronic paper
US7856555B2 (en) 2005-01-20 2010-12-21 The Invention Science Fund I, Llc Write accessibility for electronic paper
US7739510B2 (en) 2005-05-12 2010-06-15 The Invention Science Fund I, Inc Alert options for electronic-paper verification
US7669245B2 (en) * 2005-06-08 2010-02-23 Searete, Llc User accessibility to electronic paper
US20070083919A1 (en) * 2005-10-11 2007-04-12 Guy Heffez Secure Image Protocol
JP4887800B2 (en) * 2006-01-24 2012-02-29 富士ゼロックス株式会社 Document processing system
EP1835714B1 (en) * 2006-03-16 2014-05-07 Océ-Technologies B.V. Printing via kickstart function
US9189603B2 (en) 2006-05-24 2015-11-17 Confident Technologies, Inc. Kill switch security method and system
CA2649015C (en) 2006-05-24 2014-01-21 Vidoop, L.L.C. Graphical image authentication and security system
US8117458B2 (en) * 2006-05-24 2012-02-14 Vidoop Llc Methods and systems for graphical image authentication
US20070277224A1 (en) 2006-05-24 2007-11-29 Osborn Steven L Methods and Systems for Graphical Image Authentication
US20080028205A1 (en) * 2006-07-31 2008-01-31 Cui Qing Yang Method and apparatus for authenticating a user
US8301897B2 (en) * 2006-08-23 2012-10-30 Cisco Technology, Inc. Challenge-based authentication protocol
US8671444B2 (en) * 2006-10-06 2014-03-11 Fmr Llc Single-party, secure multi-channel authentication for access to a resource
US8434133B2 (en) * 2006-10-06 2013-04-30 Fmr Llc Single-party, secure multi-channel authentication
WO2008043090A1 (en) * 2006-10-06 2008-04-10 Fmr Corp. Secure multi-channel authentication
US8474028B2 (en) * 2006-10-06 2013-06-25 Fmr Llc Multi-party, secure multi-channel authentication
US20080104410A1 (en) * 2006-10-25 2008-05-01 Brown Daniel R Electronic clinical system having two-factor user authentication prior to controlled action and method of use
US20080115192A1 (en) * 2006-11-07 2008-05-15 Rajandra Laxman Kulkarni Customizable authentication for service provisioning
US8356333B2 (en) * 2006-12-12 2013-01-15 Bespoke Innovations Sarl System and method for verifying networked sites
US20080172750A1 (en) * 2007-01-16 2008-07-17 Keithley Craig J Self validation of user authentication requests
US20090121471A1 (en) * 2007-01-31 2009-05-14 Gaffney Gene F Method and system for producing documents, websites, and the like having security features
US7740281B2 (en) * 2007-01-31 2010-06-22 The Ergonomic Group Method and system for producing certified documents and the like
KR20090120475A (en) * 2007-02-05 2009-11-24 비둡 엘엘씨 Methods and systems for delivering sponsored out-of-band passwords
US20110047605A1 (en) * 2007-02-06 2011-02-24 Vidoop, Llc System And Method For Authenticating A User To A Computer System
US7266693B1 (en) * 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
WO2008109661A2 (en) * 2007-03-05 2008-09-12 Vidoop, Llc. Method and system for securely caching authentication elements
US20080231040A1 (en) * 2007-03-19 2008-09-25 Gaffney Gene F Security document with fade-way portion
US11257080B2 (en) 2007-05-04 2022-02-22 Michael Sasha John Fraud deterrence for secure transactions
US20090064321A1 (en) * 2007-08-29 2009-03-05 Dick Richard S Methods for Providing User Authentication in a Computer Network or System
WO2009039223A1 (en) * 2007-09-17 2009-03-26 Vidoop Llc Methods and systems for management of image-based password accounts
CN101499905A (en) * 2008-02-02 2009-08-05 诚实科技股份有限公司 Image password authentication system for mobile device and method therefor
US20090240578A1 (en) * 2008-03-18 2009-09-24 Christopher James Lee Methods and systems for graphical security authentication and advertising
US8726355B2 (en) * 2008-06-24 2014-05-13 Gary Stephen Shuster Identity verification via selection of sensible output from recorded digital data
US8086745B2 (en) * 2008-08-29 2011-12-27 Fuji Xerox Co., Ltd Graphical system and method for user authentication
US8621578B1 (en) 2008-12-10 2013-12-31 Confident Technologies, Inc. Methods and systems for protecting website forms from automated access
US8347103B2 (en) * 2009-01-13 2013-01-01 Nic, Inc. System and method for authenticating a user using a graphical password
GB0910545D0 (en) 2009-06-18 2009-07-29 Therefore Ltd Picturesafe
US8458774B2 (en) * 2009-11-02 2013-06-04 Authentify Inc. Method for secure site and user authentication
US8813183B2 (en) * 2010-02-11 2014-08-19 Antique Books, Inc. Method and system for processor or web logon
US20110231656A1 (en) * 2010-03-16 2011-09-22 Telcordia Technologies, Inc. System and methods for authenticating a receiver in an on-demand sender-receiver transaction
US8832810B2 (en) 2010-07-09 2014-09-09 At&T Intellectual Property I, L.P. Methods, systems, and products for authenticating users
US9141150B1 (en) * 2010-09-15 2015-09-22 Alarm.Com Incorporated Authentication and control interface of a security system
US8863271B2 (en) 2010-12-16 2014-10-14 Blackberry Limited Password entry using 3D image with spatial alignment
US8931083B2 (en) 2010-12-16 2015-01-06 Blackberry Limited Multi-layer multi-point or randomized passwords
US9258123B2 (en) 2010-12-16 2016-02-09 Blackberry Limited Multi-layered color-sensitive passwords
US8769641B2 (en) 2010-12-16 2014-07-01 Blackberry Limited Multi-layer multi-point or pathway-based passwords
US9135426B2 (en) 2010-12-16 2015-09-15 Blackberry Limited Password entry using moving images
US8650624B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Obscuring visual login
US8631487B2 (en) 2010-12-16 2014-01-14 Research In Motion Limited Simple algebraic and multi-layer passwords
US8661530B2 (en) 2010-12-16 2014-02-25 Blackberry Limited Multi-layer orientation-changing password
US8650635B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Pressure sensitive multi-layer passwords
US8635676B2 (en) 2010-12-16 2014-01-21 Blackberry Limited Visual or touchscreen password entry
US8745694B2 (en) 2010-12-16 2014-06-03 Research In Motion Limited Adjusting the position of an endpoint reference for increasing security during device log-on
US8769668B2 (en) 2011-05-09 2014-07-01 Blackberry Limited Touchscreen password entry
JP5143258B2 (en) * 2011-06-17 2013-02-13 株式会社東芝 Information processing apparatus, information processing method, and control program
US8627096B2 (en) * 2011-07-14 2014-01-07 Sensible Vision, Inc. System and method for providing secure access to an electronic device using both a screen gesture and facial biometrics
US9223948B2 (en) 2011-11-01 2015-12-29 Blackberry Limited Combined passcode and activity launch modifier
US8504842B1 (en) * 2012-03-23 2013-08-06 Google Inc. Alternative unlocking patterns
US8881251B1 (en) * 2012-05-30 2014-11-04 RememberIN, Inc. Electronic authentication using pictures and images
US8973095B2 (en) * 2012-06-25 2015-03-03 Intel Corporation Authenticating a user of a system via an authentication image mechanism
US9069932B2 (en) 2012-07-06 2015-06-30 Blackberry Limited User-rotatable three-dimensionally rendered object for unlocking a computing device
US20140195974A1 (en) * 2012-08-29 2014-07-10 Identity Validation Products, Llc Method and apparatus for using a finger swipe interface to control a system
US8752151B2 (en) * 2012-10-09 2014-06-10 At&T Intellectual Property I, L.P. Methods, systems, and products for authentication of users
US8694791B1 (en) 2012-10-15 2014-04-08 Google Inc. Transitioning between access states of a computing device
JP2014106813A (en) * 2012-11-28 2014-06-09 International Business Maschines Corporation Authentication device, authentication program, and authentication method
GB2509314B (en) * 2012-12-27 2014-11-26 Ziyad Saleh M Alsalloum Geographical passwords
US9172692B2 (en) 2013-03-14 2015-10-27 William M. Langley Systems and methods for securely transferring authentication information between a user and an electronic resource
WO2014165431A1 (en) 2013-04-05 2014-10-09 Antique Books, Inc. Method and system providing a picture password proof of knowledge
US9875351B2 (en) 2013-07-16 2018-01-23 Nokia Technologies Oy Methods, apparatuses, and computer program products for hiding access to information in an image
WO2015164476A2 (en) 2014-04-22 2015-10-29 Antique Books, Inc. Method and system of providing a picture password for relatively smaller displays
US9323435B2 (en) 2014-04-22 2016-04-26 Robert H. Thibadeau, SR. Method and system of providing a picture password for relatively smaller displays
WO2015187729A1 (en) 2014-06-02 2015-12-10 Antique Books, Inc. Device and server for password pre-verification at client using truncated hash
WO2015187713A1 (en) 2014-06-02 2015-12-10 Antique Books, Inc. Advanced proof of knowledge authentication
US11615663B1 (en) * 2014-06-17 2023-03-28 Amazon Technologies, Inc. User authentication system
US9497186B2 (en) 2014-08-11 2016-11-15 Antique Books, Inc. Methods and systems for securing proofs of knowledge for privacy
US9449166B2 (en) * 2014-12-05 2016-09-20 Intel Corporation Performing authentication based on user shape manipulation
WO2016191376A1 (en) 2015-05-22 2016-12-01 Antique Books, Inc. Initial provisioning through shared proofs of knowledge and crowdsourced identification
US10630675B2 (en) 2016-04-14 2020-04-21 Microsoft Technology Licensing, Llc Generating web service picture passwords with user-specific cypher keys
US10235532B2 (en) * 2016-09-23 2019-03-19 Harman International Industries, Incorporated Device access control
CN107026842B (en) * 2016-11-24 2020-04-24 阿里巴巴集团控股有限公司 Method and device for generating security problem and verifying identity
US10817066B2 (en) * 2016-12-05 2020-10-27 Google Llc Information privacy in virtual reality
US10333913B2 (en) 2017-05-15 2019-06-25 International Business Machines Corporation Dynamic object passwords
EP3895045A4 (en) * 2018-12-10 2022-09-07 Conflu3nce, Ltd. System and method for user recognition based on cognitive interactions
KR20220040761A (en) * 2020-09-24 2022-03-31 삼성전자주식회사 Electronic apparatus and method of controlling the same

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5559961A (en) 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US6118872A (en) 1997-09-05 2000-09-12 Fujitsu Limited Apparatus and method for controlling secret data by using positions of input image points on an image and a sequence of the positions
DE10024179A1 (en) 2000-05-17 2001-11-22 Gero Decker Access control method acts as an alternative to existing password systems, etc. and uses selection of an area of a mathematical image, e.g. a fractal image, that is then used as a password type area to gain access
US20040010722A1 (en) 2002-07-10 2004-01-15 Samsung Electronics Co., Ltd. Computer system and method of controlling booting of the same
US20040034801A1 (en) * 2001-02-15 2004-02-19 Denny Jaeger Method for creating and using computer passwords
US20040260955A1 (en) 2003-06-19 2004-12-23 Nokia Corporation Method and system for producing a graphical password, and a terminal device
US6958759B2 (en) 2001-08-28 2005-10-25 General Instrument Corporation Method and apparatus for preserving, enlarging and supplementing image content displayed in a graphical user interface
US7243239B2 (en) 2002-06-28 2007-07-10 Microsoft Corporation Click passwords
US7536556B2 (en) 2001-07-27 2009-05-19 Yulia Vladimirovna Fedorova Method and device for entering a computer database password

Family Cites Families (118)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5485531A (en) 1987-12-17 1996-01-16 Fuji Electric Co., Ltd. Character-feature extraction device
US5224179A (en) 1988-12-20 1993-06-29 At&T Bell Laboratories Image skeletonization method
US5465084A (en) 1990-03-27 1995-11-07 Cottrell; Stephen R. Method to provide security for a computer and a device therefor
GB9125540D0 (en) 1991-11-30 1992-01-29 Davies John H E Access control systems
US5539840A (en) 1993-10-19 1996-07-23 Canon Inc. Multifont optical character recognition using a box connectivity approach
US5599610A (en) 1994-02-04 1997-02-04 Fabrite Laminating Corp. Trilaminate fabric for surgical gowns and drapes
US5778069A (en) 1996-04-10 1998-07-07 Microsoft Corporation Non-biased pseudo random number generator
US6075905A (en) 1996-07-17 2000-06-13 Sarnoff Corporation Method and apparatus for mosaic image construction
US6209104B1 (en) 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
US6278453B1 (en) 1997-06-13 2001-08-21 Starfish Software, Inc. Graphical password methodology for a microprocessor device accepting non-alphanumeric user input
US6185316B1 (en) 1997-11-12 2001-02-06 Unisys Corporation Self-authentication apparatus and method
US20010044906A1 (en) 1998-04-21 2001-11-22 Dimitri Kanevsky Random visual patterns used to obtain secured access
US6516092B1 (en) 1998-05-29 2003-02-04 Cognex Corporation Robust sub-model shape-finder
US6788304B1 (en) 1998-06-11 2004-09-07 Evans & Sutherland Computer Corporation Method and system for antialiased procedural solid texturing
US7219368B2 (en) * 1999-02-11 2007-05-15 Rsa Security Inc. Robust visual passwords
US6393305B1 (en) 1999-06-07 2002-05-21 Nokia Mobile Phones Limited Secure wireless communication user identification by voice recognition
WO2001077792A2 (en) * 2000-04-07 2001-10-18 Rsa Security Inc. System and method for authenticating a user
US20010037468A1 (en) 2000-04-11 2001-11-01 Gaddis M. Norton Method and apparatus for creating unique image passwords
US6934860B1 (en) * 2000-05-08 2005-08-23 Xerox Corporation System, method and article of manufacture for knowledge-based password protection of computers and other systems
US6720860B1 (en) 2000-06-30 2004-04-13 International Business Machines Corporation Password protection using spatial and temporal variation in a high-resolution touch sensitive display
US6948068B2 (en) 2000-08-15 2005-09-20 Spectra Systems Corporation Method and apparatus for reading digital watermarks with a hand-held reader device
US6959394B1 (en) 2000-09-29 2005-10-25 Intel Corporation Splitting knowledge of a password
US6868190B1 (en) 2000-10-19 2005-03-15 Eastman Kodak Company Methods for automatically and semi-automatically transforming digital image data to provide a desired image look
US20020141643A1 (en) * 2001-02-15 2002-10-03 Denny Jaeger Method for creating and operating control systems
US7279646B2 (en) 2001-05-25 2007-10-09 Intel Corporation Digital signature collection and authentication
JP2003091509A (en) 2001-09-17 2003-03-28 Nec Corp Personal authentication method for portable communication equipment and program describing the same
US20030093699A1 (en) 2001-11-15 2003-05-15 International Business Machines Corporation Graphical passwords for use in a data processing network
US6687390B2 (en) 2001-12-04 2004-02-03 Applied Neural Conputing Ltd. System for and method of web signature recognition system based on object map
US7970240B1 (en) * 2001-12-17 2011-06-28 Google Inc. Method and apparatus for archiving and visualizing digital images
US6985628B2 (en) 2002-01-07 2006-01-10 Xerox Corporation Image type classification using edge features
US7394346B2 (en) 2002-01-15 2008-07-01 International Business Machines Corporation Free-space gesture recognition for transaction security and command processing
JP2003271965A (en) 2002-03-19 2003-09-26 Fujitsu Ltd Program, method and device for authentication of hand- written signature
US7383570B2 (en) 2002-04-25 2008-06-03 Intertrust Technologies, Corp. Secure authentication systems and methods
KR20020077838A (en) 2002-08-09 2002-10-14 박승배 Password system solving the controversial point of the password-exposure by the observation of other people
FI20021682A (en) 2002-09-20 2004-03-21 Nokia Corp Procedure for opening an appliance's locking position and electronic appliance
DE10253714A1 (en) 2002-11-18 2004-06-09 Siemens Ag Method for processing data packets in a data network with a mobility function
US7388571B2 (en) 2002-11-21 2008-06-17 Research In Motion Limited System and method of integrating a touchscreen within an LCD
US20040169638A1 (en) 2002-12-09 2004-09-02 Kaplan Adam S. Method and apparatus for user interface
US8224887B2 (en) 2003-03-26 2012-07-17 Authenticatid, Llc System, method and computer program product for authenticating a client
US20050008148A1 (en) 2003-04-02 2005-01-13 Dov Jacobson Mouse performance identification
US7389123B2 (en) 2003-04-29 2008-06-17 Sony Ericsson Mobile Communications Ab Mobile apparatus with remote lock and control function
US20040230843A1 (en) 2003-08-20 2004-11-18 Wayne Jansen System and method for authenticating users using image selection
BRPI0417353A (en) 2003-12-05 2007-07-31 New Jersey Tech Inst system and method for hiding robust reversible data and spatial domain data retrieval
US7180500B2 (en) 2004-03-23 2007-02-20 Fujitsu Limited User definable gestures for motion controlled handheld devices
US20050212760A1 (en) 2004-03-23 2005-09-29 Marvit David L Gesture based user interface supporting preexisting symbols
US7365737B2 (en) 2004-03-23 2008-04-29 Fujitsu Limited Non-uniform gesture precision
US7519223B2 (en) 2004-06-28 2009-04-14 Microsoft Corporation Recognizing gestures and using gestures for interacting with software applications
US7831294B2 (en) * 2004-10-07 2010-11-09 Stereotaxis, Inc. System and method of surgical imagining with anatomical overlay for navigation of surgical devices
US7257241B2 (en) 2005-01-07 2007-08-14 Motorola, Inc. Dynamic thresholding for a fingerprint matching system
CA2495445A1 (en) 2005-01-29 2005-07-13 Hai Tao An arrangement and method of graphical password authentication
US8145912B2 (en) 2005-03-01 2012-03-27 Qualcomm Incorporated System and method for using a visual password scheme
US7953983B2 (en) 2005-03-08 2011-05-31 Microsoft Corporation Image or pictographic based computer login systems and methods
US7743256B2 (en) 2005-05-02 2010-06-22 Vince Yang Method for verifying authorized access
US20070016958A1 (en) 2005-07-12 2007-01-18 International Business Machines Corporation Allowing any computer users access to use only a selection of the available applications
US7751598B2 (en) 2005-08-25 2010-07-06 Sarnoff Corporation Methods and systems for biometric identification
US7489804B2 (en) 2005-09-26 2009-02-10 Cognisign Llc Apparatus and method for trajectory-based identification of digital data content
JP4839758B2 (en) 2005-09-28 2011-12-21 大日本印刷株式会社 User switching management system for shared terminal equipment
US7840204B2 (en) 2005-11-22 2010-11-23 Kyocera Corporation System and method for unlocking wireless communications device
US7657849B2 (en) * 2005-12-23 2010-02-02 Apple Inc. Unlocking a device by performing gestures on an unlock image
US8117458B2 (en) 2006-05-24 2012-02-14 Vidoop Llc Methods and systems for graphical image authentication
US20070277224A1 (en) 2006-05-24 2007-11-29 Osborn Steven L Methods and Systems for Graphical Image Authentication
US20110031139A1 (en) 2006-07-26 2011-02-10 James Joseph Macor Protection, authentication, identification device for a physical object specimen
KR100856919B1 (en) 2006-12-01 2008-09-05 한국전자통신연구원 Method and Apparatus for user input based on gesture
US7793108B2 (en) 2007-02-27 2010-09-07 International Business Machines Corporation Method of creating password schemes for devices
WO2008109661A2 (en) 2007-03-05 2008-09-12 Vidoop, Llc. Method and system for securely caching authentication elements
JP2008217716A (en) 2007-03-07 2008-09-18 Sharp Corp Authentication device, image forming apparatus, authentication system, authentication program, recording medium and authentication method
US8145677B2 (en) 2007-03-27 2012-03-27 Faleh Jassem Al-Shameri Automated generation of metadata for mining image and text data
US7765266B2 (en) 2007-03-30 2010-07-27 Uranus International Limited Method, apparatus, system, medium, and signals for publishing content created during a communication
US7941834B2 (en) 2007-04-05 2011-05-10 Microsoft Corporation Secure web-based user authentication
US20080263361A1 (en) 2007-04-20 2008-10-23 Microsoft Corporation Cryptographically strong key derivation using password, audio-visual and mental means
JP2010528382A (en) 2007-05-30 2010-08-19 ペィエエムスィイー・ネットワークス・デンマーク・エペイエス Secure login protocol
KR100815530B1 (en) 2007-07-20 2008-04-15 (주)올라웍스 Method and system for filtering obscene contents
US20090038006A1 (en) 2007-08-02 2009-02-05 Traenkenschuh John L User authentication with image password
US8090201B2 (en) 2007-08-13 2012-01-03 Sony Ericsson Mobile Communications Ab Image-based code
US8266682B2 (en) 2007-08-20 2012-09-11 Ebay Inc. System and methods for weak authentication data reinforcement
WO2009039223A1 (en) 2007-09-17 2009-03-26 Vidoop Llc Methods and systems for management of image-based password accounts
CN104200145B (en) 2007-09-24 2020-10-27 苹果公司 Embedded verification system in electronic device
TWI374658B (en) 2007-09-29 2012-10-11 Htc Corp Image process method
US8150807B2 (en) 2007-10-03 2012-04-03 Eastman Kodak Company Image storage system, device and method
US8700911B2 (en) 2007-11-28 2014-04-15 Hewlett-Packard Development Company, L.P. Authentication system and method
KR100933679B1 (en) 2007-12-28 2009-12-23 성균관대학교산학협력단 Graphic password input device and method of embedded system using wheel interface
CN101499905A (en) 2008-02-02 2009-08-05 诚实科技股份有限公司 Image password authentication system for mobile device and method therefor
US8024775B2 (en) * 2008-02-20 2011-09-20 Microsoft Corporation Sketch-based password authentication
US20090244013A1 (en) 2008-03-27 2009-10-01 Research In Motion Limited Electronic device and tactile touch screen display
US20090259855A1 (en) 2008-04-15 2009-10-15 Apple Inc. Code Image Personalization For A Computing Device
US8174503B2 (en) * 2008-05-17 2012-05-08 David H. Cain Touch-based authentication of a mobile device through user generated pattern creation
US8683582B2 (en) 2008-06-16 2014-03-25 Qualcomm Incorporated Method and system for graphical passcode security
CN101296457A (en) 2008-06-25 2008-10-29 深圳华为通信技术有限公司 Screen operation method and device
EP2146490A1 (en) 2008-07-18 2010-01-20 Alcatel, Lucent User device for gesture based exchange of information, methods for gesture based exchange of information between a plurality of user devices, and related devices and systems
US20100031200A1 (en) * 2008-07-30 2010-02-04 Arima Communications Corp. Method of inputting a hand-drawn pattern password
JP5349893B2 (en) 2008-10-15 2013-11-20 キヤノン株式会社 Information processing apparatus and information processing apparatus control method
US8543415B2 (en) 2008-11-26 2013-09-24 General Electric Company Mobile medical device image and series navigation
US9116569B2 (en) 2008-11-26 2015-08-25 Blackberry Limited Touch-sensitive display method and apparatus
US8384679B2 (en) 2008-12-23 2013-02-26 Todd Robert Paleczny Piezoelectric actuator arrangement
TW201026004A (en) 2008-12-30 2010-07-01 yi-hong Zheng Method of judging gesture command by Hamilton linking-type sub-picture and device thereof
US8347103B2 (en) 2009-01-13 2013-01-01 Nic, Inc. System and method for authenticating a user using a graphical password
US20100186074A1 (en) 2009-01-16 2010-07-22 Angelos Stavrou Authentication Using Graphical Passwords
JP2010211433A (en) 2009-03-10 2010-09-24 Hitachi Ltd Authentication system
US8458485B2 (en) * 2009-06-17 2013-06-04 Microsoft Corporation Image-based unlock functionality on a computing device
GB0910545D0 (en) 2009-06-18 2009-07-29 Therefore Ltd Picturesafe
US8818274B2 (en) 2009-07-17 2014-08-26 Qualcomm Incorporated Automatic interfacing between a master device and object device
CN101901194A (en) 2009-08-31 2010-12-01 深圳市朗科科技股份有限公司 Storage equipment capable of restricting functions according to geographic position and method thereof
WO2011049292A2 (en) 2009-10-22 2011-04-28 (주)소프트크림 Method for inputting a password using a touch screen
KR101142796B1 (en) 2009-10-22 2012-05-08 이병철 Password Input Method Based on touch screen
US9292731B2 (en) 2009-12-30 2016-03-22 Intel Corporation Gesture-based signature authentication
CN201569981U (en) 2009-12-30 2010-09-01 刘坤 Three dimensional gesture computer input system
US8813183B2 (en) 2010-02-11 2014-08-19 Antique Books, Inc. Method and system for processor or web logon
JP5513957B2 (en) 2010-04-02 2014-06-04 株式会社ジャパンディスプレイ Display device, authentication method, and program
CN201821481U (en) 2010-04-20 2011-05-04 苏州瀚瑞微电子有限公司 Touch earphone device
US8286102B1 (en) 2010-05-27 2012-10-09 Adobe Systems Incorporated System and method for image processing using multi-touch gestures
GB201018970D0 (en) 2010-11-10 2010-12-22 Tricerion Ltd User authentication system and method thereof
US8536978B2 (en) 2010-11-19 2013-09-17 Blackberry Limited Detection of duress condition at a communication device
EP2466513B1 (en) 2010-12-16 2018-11-21 BlackBerry Limited Visual or touchscreen password entry
EP2466518B1 (en) 2010-12-16 2019-04-24 BlackBerry Limited Password entry using 3d image with spatial alignment
US20120166944A1 (en) 2010-12-23 2012-06-28 Stephen Hayden Cotterill Device, Method, and Graphical User Interface for Switching Between Two User Interfaces
AU2011202415B1 (en) 2011-05-24 2012-04-12 Microsoft Technology Licensing, Llc Picture gesture authentication
TWI418100B (en) 2011-12-26 2013-12-01 Compal Electronics Inc Electronic device
US8504842B1 (en) * 2012-03-23 2013-08-06 Google Inc. Alternative unlocking patterns

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5559961A (en) 1994-04-04 1996-09-24 Lucent Technologies Inc. Graphical password
US6118872A (en) 1997-09-05 2000-09-12 Fujitsu Limited Apparatus and method for controlling secret data by using positions of input image points on an image and a sequence of the positions
DE10024179A1 (en) 2000-05-17 2001-11-22 Gero Decker Access control method acts as an alternative to existing password systems, etc. and uses selection of an area of a mathematical image, e.g. a fractal image, that is then used as a password type area to gain access
US20040034801A1 (en) * 2001-02-15 2004-02-19 Denny Jaeger Method for creating and using computer passwords
US7536556B2 (en) 2001-07-27 2009-05-19 Yulia Vladimirovna Fedorova Method and device for entering a computer database password
US6958759B2 (en) 2001-08-28 2005-10-25 General Instrument Corporation Method and apparatus for preserving, enlarging and supplementing image content displayed in a graphical user interface
US7243239B2 (en) 2002-06-28 2007-07-10 Microsoft Corporation Click passwords
US7734930B2 (en) 2002-06-28 2010-06-08 Microsoft Corporation Click passwords
US20040010722A1 (en) 2002-07-10 2004-01-15 Samsung Electronics Co., Ltd. Computer system and method of controlling booting of the same
US20040260955A1 (en) 2003-06-19 2004-12-23 Nokia Corporation Method and system for producing a graphical password, and a terminal device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Ian Jermyn, Alain May, Fabian Monrose, Michael Riter, Avi Rubin, "The Design and Analysis of Graphical Passwords", Aug. 1999, Proceedings of the 8th USENIX Security Symposium, pp. 1-15.

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
USRE47518E1 (en) 2005-03-08 2019-07-16 Microsoft Technology Licensing, Llc Image or pictographic based computer login systems and methods
US9355239B2 (en) 2009-06-17 2016-05-31 Microsoft Technology Licensing, Llc Image-based unlock functionality on a computing device
US9946891B2 (en) 2009-06-17 2018-04-17 Microsoft Technology Licensing, Llc Image-based unlock functionality on a computing device
US8910253B2 (en) 2011-05-24 2014-12-09 Microsoft Corporation Picture gesture authentication
US10127376B1 (en) * 2014-12-31 2018-11-13 EMC IP Holding Company LLC Graphical password generation

Also Published As

Publication number Publication date
US7953983B2 (en) 2011-05-31
USRE46301E1 (en) 2017-02-07
USRE47518E1 (en) 2019-07-16
US20060206717A1 (en) 2006-09-14

Similar Documents

Publication Publication Date Title
USRE47518E1 (en) Image or pictographic based computer login systems and methods
US11989394B2 (en) Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs
Jansen Authenticating users on handheld devices
US8683582B2 (en) Method and system for graphical passcode security
US9280281B2 (en) System and method for providing gesture-based user identification
US20140029811A1 (en) User-authenticating, digital data recording pen
US7484106B2 (en) Pre-login data access
US20160156473A1 (en) Token Authentication for Touch Sensitive Display Devices
US20180137268A1 (en) Authentication screen
US8914865B2 (en) Data storage and access facilitating techniques
JP5332956B2 (en) Information processing apparatus, item display control method, item use control method, and program
US9424416B1 (en) Accessing applications from secured states
KR102629007B1 (en) Method and ststem for user authentication
US20220383319A1 (en) Multi-factor authentication security system and method for verifying identification using evolving personal data combined with biometrics
US20170244863A1 (en) Information processing apparatus, conference support method, and conference support program
TWI767623B (en) Method for protecting application program of electronic computing devices
US20220129529A1 (en) Biometric-validated character password authentication procedure
JP2023083484A (en) Information processing device, information processing method, and program
WO2018189718A1 (en) Configurable multi-dot based authentication system and method thereof
WO2019239424A1 (en) Electronic device and multi-type and multi-locking methods thereof

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034544/0541

Effective date: 20141014

REMI Maintenance fee reminder mailed
FPAY Fee payment

Year of fee payment: 4

SULP Surcharge for late payment
MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12