Secure password lock and recovery

Assignee

• International Business Machines Corporation · US

Inventors

• Simon D. McMahon · Queenscliff, AU
• Narayana Aditya Madineni · Dover, AU
• Michael W. Gray · Canungra, AU
• Leigh S. McLean · Gold Coast, AU
• Matthew Green · Gold Coast, AU
• Luvita Burgess · Brisbane, AU
• Stephen J. McKenzie · Austinville, AU
• Peter T. Waltenberg · Gold Coast, AU

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2131
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Secure password lock and recovery is provided. A user password is received to access a secure resource protected by a data processing system. It is determined whether a match exists between a retrieved user password verification string corresponding to a valid user password from a storage of a software token and a generated user password verification string corresponding to the user password. In response to determining that a match does not exist between the retrieved user password verification string and the generated user password verification string, it is determined whether a defined number of user password authentication attempts has been exceeded. In response to determining that the defined number of user password authentication attempts has been exceeded, the retrieved user password verification string is set to a preestablished sequence of values locking the valid user password on the storage of the software token. Access to the secure resource is denied.