Detecting and preventing password leakage using a device-level network filter
US11146533B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 25, 2019 |
| Grant date | Oct 12, 2021 |
| Priority date | — |
| Expiry date | Dec 31, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A user name, password and associated domain are stored for each account managed by a password manager on a computing device. A device-level network extension filters network traffic. Passwords are identified in outbound network traffic. Target domains to which identified passwords are being transmitted are compared to stored domains associated with the identified passwords. Based on results of these comparisons, it is determined whether attempts to transmit passwords to target domains are legitimate or not. In response to determining that a specific attempt to transmit a password to a target domain is legitimate, the transmission is allowed to proceed. Responsive to determining that a given attempt to transmit a password to a target domain is not legitimate, a corresponding security action is taken. For example, the connection over which the non-legitimate password transmission attempt is being made can be terminated, or the transmission attempt can be blocked.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.