摘要:
A method of detecting a fraudulent login attempt across a network is provided. The method includes (a) receiving, at some time, a login request from a client, the login request including (1) a username associated with a user account, (2) a static password associated with the user account, and (3) a one-time password provided by a token, (b) calculating whether the time is more than a predetermined amount of time after a most-recent login to the account, (c) when the time is more than the predetermined time since the most-recent login, accepting the login request according to a first mode, and (d) when the first time is not more than the predetermined time since the most-recent login, accepting the login request according to a second mode, the second mode rejecting a greater proportion of login attempts than the first mode rejects. An apparatus and computer program product are also provided.
摘要:
A furnace for alternatively burning solid or liquid fuels is disclosed. The furnace includes an oil burner and a solid fuel burner as well as a combustion chamber for the burning fuel. The hot combustion gases can be introduced through one of two sets of chimney gas flues, depending upon the fuel being burned. A tiltable flap at the inlet of the chimney gas flues controls which set of flues the gas passes through. At the outlet of the flues, a reversing chamber reverses the direction of the gases and directs them to a flue gas pipe for removing the combustion gases from the furnace. The position of the tiltable flap is controlled by a control means responsive to the sensed temperature of the gas leaving the furnace. The chimney gas flues define a heat exchanger and may be formed from flat plates or round ducts.
摘要:
In a system for disconnected authentication, verification records corresponding to given authentication token outputs over a predetermined period of time, sequence of events, and/or set of challenges are downloaded to a verifier. The records include encrypted or hashed information for the given authentication token outputs. In one embodiment using time intervals, for each time interval, token output data, a salt value, and a pepper value, are hashed and compared with the verification record for the time interval. After a successful comparison, a user can access the computer. A PIN value can also be provided as an input the hash function. A portion of the hash function output can be used as a key to decrypt an encrypted (Windows) password, or other sensitive information.
摘要:
An authentication method and system provides for a user requesting authentication where the authentication request includes Personally Identifiable Information (PPI) such as geolocation data. The user's device requesting authentication alters or encrypts the PII in order to prevent the PII's unintentional discovery by third parties or to comply with jurisdictional requirements for the safeguarding of PII. The receiving party saves the altered or encrypted PII for later use. In order to use the PII and perform calculations for authentication, the receiving party requests a trusted third party with knowledge of the methodology or key used to alter or encrypt the PII to perform calculations on the original values of the PII without saving the PII. The trusted third party returns a computed value to the receiving party where it is used to determine whether the user will be authenticated.
摘要:
A first cryptographic device is authenticated by a second cryptographic device. The second cryptographic device stores an alternative version of a secret value associated with the first cryptographic device as a countermeasure to compromise of the secret value. In conjunction with a protocol carried out between the first cryptographic device and the second cryptographic device, the second cryptographic device determines the secret value based at least in part on the alternative version of the secret value, and utilizes the determined secret value to authenticate the first cryptographic device. The alternative version of the secret value may comprise a randomly-skewed version of the secret value. For example, the secret value may comprise a key or other parameter of the first cryptographic device and the alternative version of the secret value may comprise a randomly-skewed version of the key or other parameter.
摘要:
A method includes (a) receiving, from an application server, a login message for a user, the login message including a user credential for a credential-based authentication (CBA), (b) forwarding the user credential to a CBA server for the CBA, (c) in response, receiving, an authentication decision message from the CBA server, (d) sending decision information from the authentication decision message received from the CBA server to a risk-based authentication (RBA) server, the RBA server being distinct from the CBA server, the decision information to be used by the RBA server in performing RBA authentication decisions, (e) if the authentication decision message is positive, then sending a challenge message to the application server to initiate RBA to be performed by the RBA server supplementary to the CBA, and (f) if the authentication decision message is negative, then sending a rejection message to the application server.
摘要:
There is disclosed a user authentication device for generating time-varying authentication information for authenticating a user in an authentication system. The device comprising at least one sensor for sensing at least one of a biometric measurement of the user and a characteristic of the environmental surroundings of the device.There is also disclosed an authentication system and a method for authenticating a user in an authentication system.
摘要:
A method is used in managing security and wireless signal detection. Information is gathered about analog signal reception at a receiver. Based on the information, a result is produced for use in determining location information at the receiver. The result is used to affect a security decision.
摘要:
A technique of knowledge-based authentication receives information from third parties as to a user's recent web history including purchase history at an on-line retailer or search engine queries to produce a challenge question to authenticate the user based on that recent web history.
摘要:
A processorless hardware token provides a one-time password for user authentication. The processorless hardware token contains a non-volatile memory upon which is stored a pre-produced sequence of one-time passwords. The processorless hardware token uses limited circuitry on a circuit board to read from the non-volatile memory and display a one-time password associated with a current interval. The displayed one-time password is then used for authentication by an authentication server that compares the one-time password displayed on the processorless hardware token with a one-time password retrieved from a copy of the pre-produced sequence of one-time passwords stored on the Authentication Server.