Systems and methods for protection against theft of user credentials

    公开(公告)号:US11997135B2

    公开(公告)日:2024-05-28

    申请号:US17136518

    申请日:2020-12-29

    IPC分类号: H04L29/00 H04L9/40

    CPC分类号: H04L63/1483

    摘要: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to protect against theft of user credentials. The at least one processor is further configured to recognize a uniform resource locator (URL) to which a web browser is navigating, as a URL for which protection is to be provided. The recognition is based on an absence of the URL from a history of visited URLs for which a password has been entered. The at least one processor is further configured to extract a character sequence of selected length that is entered into a field of a website associated with the recognized URL; compare an encryption of the character sequence to entries in a list of encrypted partial passwords of the same selected length; and perform a security action in response to a match resulting from the comparison.

    Systems and methods for protection against theft of user credentials

    公开(公告)号:US11741200B2

    公开(公告)日:2023-08-29

    申请号:US17340188

    申请日:2021-06-07

    摘要: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to receive a sequence of characters within a field of a web browser, the field being associated with a password entry field served to the web browser from a website. The processor is further configured to store the received sequence of characters and send an alternate sequence of characters to the website. The processor is further configured to encrypt the received sequence of characters to generate a received encrypted partial password and compare the received encrypted partial password to one or more entries in a list of encrypted partial passwords. The processor is further configured to, in response to the comparison resulting in a difference, delete the previously sent alternate sequence of characters, and send the stored sequence of characters to the website.

    SYSTEMS AND METHODS TO SECURE AUTHENTICATION DATA FOR ACCESSING RESOURCES IN A DISTRIBUTED MANNER

    公开(公告)号:US20230122215A1

    公开(公告)日:2023-04-20

    申请号:US17501500

    申请日:2021-10-14

    摘要: Described embodiments provide systems and methods for securely storing private information of a user on a device of the user. A server may register a mobile device to store credentials of a user thereon, based on authentication of the user of the mobile device. The server may encrypt credentials of the user using a key of the server. The server may send the encrypted credentials to the registered mobile device for storage thereon without the key. The server may send a code to an endpoint device to initiate authentication of the user with use of the mobile device. The server may receive the encrypted credentials from the mobile device in response to the authentication. The server may decrypt the encrypted credentials using an encryption key of the server. The server may send the decrypted credentials to the endpoint device to authenticate the user at the endpoint device.

    SYSTEMS AND METHODS FOR PROTECTION AGAINST THEFT OF USER CREDENTIALS

    公开(公告)号:US20220207121A1

    公开(公告)日:2022-06-30

    申请号:US17340188

    申请日:2021-06-07

    摘要: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to receive a sequence of characters within a field of a web browser, the field being associated with a password entry field served to the web browser from a website. The processor is further configured to store the received sequence of characters and send an alternate sequence of characters to the website. The processor is further configured to encrypt the received sequence of characters to generate a received encrypted partial password and compare the received encrypted partial password to one or more entries in a list of encrypted partial passwords. The processor is further configured to, in response to the comparison resulting in a difference, delete the previously sent alternate sequence of characters, and send the stored sequence of characters to the website.

    Modification of application-provided turn servers

    公开(公告)号:US11277379B2

    公开(公告)日:2022-03-15

    申请号:US16872797

    申请日:2020-05-12

    摘要: Techniques are provided for modifying a list of Traversal Using Relays around Network Address Translators (TURN) servers within a host application. A custom-modified browser is configured to add and/or remove TURN servers underneath a variety of host applications, including, for example, JavaScript WebRTC applications. In some cases, certain applications are permitted and/or denied use of certain TURN servers, based on local administrative policy. In accordance with another embodiment of the present disclosure, a host application can be configured or otherwise modified to use certain TURN servers on certain networks, for example, to prevent traffic from using a TURN server outside a General Data Protection Regulation (GDPR) region.

    Local model processing and remote verification

    公开(公告)号:US12093356B2

    公开(公告)日:2024-09-17

    申请号:US17171243

    申请日:2021-02-09

    摘要: A method may include receiving, by a computing system and from a first device, first data. The first data may be based at least in part on a first output from a first instance of a model processed by the first device. The method may further include receiving, by the computing system and from the first device, second data that was processed by the first instance of the model to produce the first output. The method may also include processing, by the computing system, the second data with at least a portion of a second instance of the model to produce a second output. The method may additionally include determining, by the computing system, third data based at least in part on the second output. Further, the method may include determining, by the computing system, that the third data is consistent with the first data.

    PASSWORDLESS LOGIN
    9.
    发明申请

    公开(公告)号:US20220303268A1

    公开(公告)日:2022-09-22

    申请号:US17232550

    申请日:2021-04-16

    摘要: A computer system is provided. The computer system includes a memory, a network interface, and at least one processor coupled to the memory and the network interface. The at least one processor is configured to receive, via the network interface, a signed response to a challenge, verify the signed response using a public key associated with a mobile computing device, and log a user account associated with the public key into an application in response to verification of the signed response, thereby allowing access to the application.

    LOCAL MODEL PROCESSING AND REMOTE VERIFICATION

    公开(公告)号:US20220222326A1

    公开(公告)日:2022-07-14

    申请号:US17171243

    申请日:2021-02-09

    摘要: A method may include receiving, by a computing system and from a first device, first data. The first data may be based at least in part on a first output from a first instance of a model processed by the first device. The method may further include receiving, by the computing system and from the first device, second data that was processed by the first instance of the model to produce the first output. The method may also include processing, by the computing system, the second data with at least a portion of a second instance of the model to produce a second output. The method may additionally include determining, by the computing system, third data based at least in part on the second output. Further, the method may include determining, by the computing system, that the third data is consistent with the first data.