Showing papers on "Password strength published in 1993"

Cryptographic protocol for remote authentication

Abstract: A cryptographic communication system is disclosed which permits computer users to authenticate themselves to a computer system without requiring that the computer system keep confidential the password files used to authenticate the respective user's identities. The invention is useful in that it prevents a compromised password file from being leveraged by crafty hackers to penetrate the computer system.

Method for generating a password using public key cryptography

Abstract: In a communication system, a password that enables an embedded software program within a base station can be generated using public key cryptography in the following manner. A system controller (103) obtains a unique identification code and an embedded software code for the base station (101). Once obtained, the system controller (103) encrypts the unique identification code and the embedded software code using a private key to produce a password. The password is transferred to the base station (101) where, upon receipt, is decrypted using a public key to produce the unique identification code and the embedded software code. The base station (101) compares the unique identification code and an embedded unique identification code (107) and, when they substantially match, the base station (101) stores the password.

Using smart cards to authenticate remote passwords

Abstract: A remote password authentication scheme is a mechanism used to support a computer system to solve the privacy and security problems in a multi-user network. In this paper, we will propose a new remote password authentication scheme without password tables. By using our scheme, each legal user has his/her identity, password and smart card. Using his/her identity, password and smart card, the computer system can validate whether the login user is a legal one or not. In our scheme, intruders cannot derive any secret information from the public information. Besides, intruders are not able to find any password from previous intercepted messages. Also, the new scheme can withstand replaying attacks.

Method and system for proactive password validation

Abstract: An improved method for password validation comprising the steps of identifying bad passwords having one or more characters; computing a frequency of occurrence of bad password characters; computing a probability of occurrence T of the bad password characters within the bad passwords based upon the computed frequency of occurrence; identifying a proposed password having one or more characters; and comparing the proposed password characters with the probability of occurrence T of the bad password characters. The method further comprises the steps of establishing a validation threshold and validating the proposed password based upon the correspondence between (i) a value, BAp, reflecting the relationship between the probability of occurrence T of bad password characters within bad passwords and the proposed password characters and (ii) an established validation threshold. A Markov model is use to compute the probability of occurrence. The present invention also includes an improved password validation system.

Method and apparatus for suspending and resuming a keyboard controller

Abstract: A method and mechanism for suspending and resuming a keyboard controller. The present invention includes a method and mechanism for saving the state of an input device, such as a keyboard and/or mouse, such that the power to those devices may be removed. The keyboard controller of the present invention is capable of performing a password security function. The present invention allows the keyboard controller to be suspended and resumed without jeopardizing the password security function.

Password input device

Abstract: PURPOSE:To hold the secrecy of a password at the time of inputting the password by adopting software for variously changing the number of input keys and moving their positions. CONSTITUTION:In a transaction enabled state, an automatic teller machine(ATM) displays a transaction selecting screen. When a user selects a payment transaction, a display input screen is displayed to wait the input of a password. Similar operation is applied also to other operation such as a deposit transaction. On the display input screen, input keys 10 having numerals U to 9 are always moved on the input screen in the vertical and horizontal directions. The user depresses a required numeral while following the input keys 10 by his (or her) eyes. Since the input keys 10 are moved, the position of the depressing finger is not fixed on a specific position, so that a third man can not detect the inputted number from the movement of the finger. Consequently the password can be prevented from being leaked to other persons. The code keys 10 on the display input screen are moved in each input. In addition, plural identical code keys are prepared on the display input screen.

Password updating system

Abstract: PURPOSE:To secure the security of a system by setting password valid periods and updating periods for respective users from the frequency of access to the system, urging the change of a password to the user in advance based on the periods and performing the updating management of the password. CONSTITUTION:This system is constituted of a clock means 1, a comparison means 2 for comparing the valid period of the password and informing an updating processing means 5 of the updating request of the password, a password history storage means 4 for storing and managing the password and the valid period, the updating processing means 5 for checking an input password, requesting reinput when the same password is present, performing updating when the same one is not present, invalidating the password in the case of exceeding the updating period and validating the password, a period setting means 3 for setting the valid period and the updating setting period every time of setting the password by access frequency analysis and transmitting them to the password history storage means 4, a display means 7 for displaying the various kinds of messages and an input means 6 for inputting the various kinds of information.

Facsimile equipment with ciphering communication function

Abstract: PURPOSE: To improve a user interface and to keep the security with respect to the storage of a ciphering key by comparing a received password with a password registered in a password registration means and unlocking a lock means when both are coincident. CONSTITUTION: A control section 3 is provided with a nonvolatile memory 8, which stores a ciphering key required to cipher data by a ciphering communication equipment 5. When a password of the nonvolatile memory 8 is the same as a password stored in a password storage section 81, access of a ciphering key area 82 is permitted. When the password is forgotten, the forgotten password and the ciphering key protected by the password are all deleted by operating a specific switch of an operation section 9 to restore blank to the nonvolatile memory 8. COPYRIGHT: (C)1995,JPO

Password recognition system

Abstract: PURPOSE:To automatically change a password corresponding to an ID code by means of a date and time and to improve security. CONSTITUTION:A table showing password data corresponding to the ID code is provided in the memory (b) 12 of a host computer. Password data of the table changes the password at every month or every date and time. When the ID code is inputted from a terminal equipment 3, a central processing unit 14 decides a current password by time information from a timer device 13 and the table in the memory (B) 12, and security is checked by the password inputted from the terminal equipment 3 and the current password.

comments on “a password authentication scheme based on discrete logarithms“

Abstract: Wu and Chang [1] propose a password authentication scheme based on discrete logarithms. In this correspondence, we will show that anyone who gets two pairs of can break their scheme.

Dreams Come True with Password Genie

Abstract: Suggests that computer passwords can pose a major computer security risk, as password guessing is the most prevalent and effective method of system penetration. Introduces a new computer package which can address this problem by generating difficult‐to‐guess passwords by removing human judgement from the password construction process.