Patent · US Active

Cross-site, TOTP-based two factor authentication

US9596223B1 · kind B1 · utility

24Cited by

3References

18Claims

0Family size

Assignee

LogMeIn, Inc. · US

Inventors

Csaba Mezei · Szeged, HU
Gyula Magyar · Budapest, HU
Kornel Pal · Budapest, HU

Key dates

Filing date	May 10, 2016
Grant date	Mar 14, 2017
Priority date	—
Expiry date	May 10, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04W12/77
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A host machine has a web browser. A user of the host machine also has a mobile device. A time-based, one-time password (TOTP) authentication scheme leverages a plug-in associated with the browser to automatically inject a received TOTP code into an element of an HTML-based TOTP authentication page, and to programmatically submit the HTML form (e.g., by mimicking the “click to submit” button on the TOTP form). Typically, the TOTP code is obtained following a successful completion of a push notification interaction between a cloud service, which stores TOTP shared secrets that are used to generate the TOTP codes, and the user of the mobile device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.