公开(公告)号：US20090063850A1

公开(公告)日：2009-03-05

申请号：US11846965

申请日：2007-08-29

Applicant: Sharwan Kumar Joram ,  Grzegorz Pelechaty ,  Pawan Kumar Chauhan ,  Srikanth Vittal

Inventor： Sharwan Kumar Joram ,  Grzegorz Pelechaty ,  Pawan Kumar Chauhan ,  Srikanth Vittal

IPC: H04L9/32

CPC classification number: H04L9/3271 ,  G06F21/40 ,  G06F2221/2103 ,  H04L9/3228 ,  H04L63/0838 ,  H04L63/1483 ,  H04L2463/082

Abstract: The present invention describes a method and a system for multi-level authentication of a user and a server. The user registration process in the invention enables user to personalize the web page of the server. Further, the user authentication takes place in a multi-step process including entering credentials such as user ID, subset of user's password, subset of shared secret and a One Time Password (OTP). The system of the present invention provides various means of entering the said credentials which prevents phishing attacks.

Abstract translation: 本发明描述了一种用于用户和服务器的多级认证的方法和系统。 本发明中的用户注册过程使用户能够个性化服务器的网页。 此外，用户认证发生在多步骤过程中，包括输入诸如用户ID，用户密码子集，共享秘密子集和一次密码（OTP）等凭据。 本发明的系统提供了输入所述证书的各种方式，防止网络钓鱼攻击。