User policy manageable strength-based password aging

Assignee

• International Business Machines Corporation · US

Inventors

• Rhonda L. Childress · Austin, US
• Itzhack Goldberg · Hadera, IL
• Moriel Lechtman · Haifa, IL
• Yotam Medini · Or Akiva, IL

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/46
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Password aging based on the strength of the password provides an incentive for users to generate and/or memorize more complex passwords. The strength of the password is computed from a formula that relates the length of the password and the types of characters contained in the password to a strength value, which can be performed using a lookup table having values for different characteristics of the password, determining partial strength values corresponding to the ranges in which the characteristics fall, and then adding the partial strength values. Alternatively, a separate password strength application may be used to provide the strength value, which is entered by the user or administrator generating a new password. Alternatively, the password may be generated based on a specified desired expiration period, with the strength computation performed to ensure that the strength is sufficient to merit the desired expiration period.