Method for providing a secure non-reusable one-time password
US5768373A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | May 6, 1996 |
| Grant date | Jun 16, 1998 |
| Priority date | — |
| Expiry date | May 6, 2016 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2131
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The present invention is directed toward providing a secure method to access data when the user has lost or forgotten the user password. In accordance with the invention and in a system where decryption of an access key will give access to data, two encrypted versions of the access key are created. A first version is formed using a key formed with the user password. A second version is formed using a public key from a public-private key pair. Generally, data access can be had by decrypting the first encrypted version of the access key with the password key. However, if the password is forgotten, access to data can be accomplished by decrypting the second encrypted version of the access key with the private key from the public-private key pair. One embodiment of the invention requires the private key to be stored at a remote site and for decryption using the private key to take place at the remote site. In this manner the user can gain access to data without significantly compromising the data security.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.