System and methods for minimizing organization risk from users associated with a password breach
US10540493B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 19, 2018 |
| Grant date | Jan 21, 2020 |
| Priority date | — |
| Expiry date | Sep 19, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/034
- WIPO fieldControl
- WIPO sectorInstruments
Abstract
System and methods are disclosed for organizations to run a test against an active directory list to see if any user-provided passwords have been part of an existing data breach. Utilizing information from such a test identifies users that have weak passwords, reused passwords or shared passwords that have been associated with an earlier breach. With this information, the organization can seek to reduce risk by training staff for this specific issue in a timely and appropriate manner to significantly reduce the risk of a future breach by those identified users. Training can be customized and targeted at those users who attempt to use passwords that have been associated with a breach (either of their own account or of another account on the same or related domain.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.