Invisible password reset protocol
Abstract
Techniques are disclosed herein for facilitating invisible password reset protocols. More specifically, the techniques described herein eliminate the need for end users to have to periodically change their authentication information (e.g., password information). The mechanisms facilitate automated and invisible modification to a password without active participation by the end user. The mechanisms are made possible through the use of a credential-free or zero password login (ZPL) system. Among other benefits, the automation techniques discussed herein frequently change passwords and thus, reduce the chances that passwords are stolen and/or otherwise misused. As discussed herein, the credential-free or zero password login (ZPL) system also remembers and/or otherwise automatically provides users with authentication information (e.g., credentials) for a registered resource at the time of access time.
Claims
exact text as granted — not AI-modified1 - 20 . (canceled)
21 . A method of resetting an existing password required for accessing a user account associated with a protected resource, the method comprising:
detecting an indication to modify the existing password, wherein the existing password is required for accessing the protected resource; upon detecting the indication, reconstructing the existing password; determining a location in which to launch a browser session; launching a browser session in the location; directing the browser session to perform a series of operations for resetting the existing password according to a password reset configuration file associated with the protected resource; and resetting the existing password.
22 . The method of claim 21 , further comprising, in an administration system, configuring a password reset protocol.
23 . The method of claim 22 , further comprising, running a cron job to determine whether a password needs to be updated.
24 . The method of claim 21 , further comprising, upon determining a location in which to launch the browser session, waiting for a next access request from an access system, wherein a user establishes access to the protected resource.
25 . The method of claim 21 , further comprising, upon performing a series of operations for resetting the existing password, sending a verification code to a verification system.
26 . The method of claim 25 , further comprising, accessing the verification code and providing the verification code to the protected resource.
27 . The method of claim 21 , wherein the location is a protected resource access system.
28 . The method of claim 21 , wherein the browser session is a tab in an existing browser session.
29 . A credential management apparatus comprising:
one or more non-transitory computer readable storage media; one or more processors coupled to the one or more non-transitory computer readable media; and program instructions stored on the computer readable media, wherein the program instructions direct the one or more processors to:
detect a password modification request for a password associated with a protected resource;
access a configuration file associated with the protected resource;
in response to detecting the password modification request, reconstruct an existing password for accessing the protected resource;
determine whether a browser system can be launched;
upon determining the browser session can be launched, launch the browser session;
direct the browser session to perform a series of operations for resetting the password;
access a verification code, wherein the verification code is provided to a verification system by the protected resource upon the browser session performing the series of operations for resetting the password; and
provide the verification code to the protected resource to reset the password.
30 . The credential management apparatus of claim 29 , wherein upon determining the browser session can be launched, the program instructions direct a protected resource access system to launch the browser session.
31 . The credential management apparatus of claim 29 , wherein upon determining the browser session can be launched, the program instructions direct the one or more processors to launch the browser session in the credential management apparatus.
32 . The credential management apparatus of claim 29 , wherein upon determining the browser session can be launched, the program instructions direct the one or more processors to launch the browser session as a browser tab in an existing browser session.
33 . The credential management apparatus of claim 29 , wherein the program instructions further direct the one or more processors to run a cron job to identify if a password needs to be modified.
34 . The credential management apparatus of claim 29 , wherein the verification code is sent in an email to the verification system.
35 . The credential management apparatus of claim 34 , wherein the verification system is the email client of a user.
36 . A method comprising:
detecting a request to modify a password for accessing a protected resource; monitoring for an occurrence of a request to access the protected resource initiated by an access system; in response to the request to access the protected resource, directing the access system to launch a browser session; and directing the browser session to perform a series of operations to modify the password for accessing the protected resource.
37 . The method of claim 36 , further comprising verifying modifying the password through a verification system.
38 . The method of claim 37 , wherein verifying modifying the password comprises retrieving a verification code from the verification system and providing the code to the protected resource.
39 . The method of claim 36 , further comprising accessing a configuration file, wherein the configuration file contains information related to modifying the password of the protected resource.
40 . The method of claim 36 , wherein the request to modify the password is based on running a cron job to determine whether a password needs to be updated.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.