United States Patent
`.
`Nielsen
`
`[19]
`
`US006006333A
`N b
`P
`[11]
`atent urn er:
`[45] Date of Patent:
`
`6 006333
`,
`,
`Dec. 21, 1999
`
`[54] PASSWORD HELPER USINGACLIENT-SIDE
`MASTER PASSWORD WHICH
`AUTOMATICALLY PRESENTS THE
`APPROPRIATE SERVER-SIDE PASSWORD
`TO A PARTICULAR REMOTE SERVER
`
`[75] Inventor: Jakob Nielsen, Atherton, Calif.
`
`[73] Assignee: Sun Microsystems, Inc., Palo Alto,
`Calif.
`
`[21] Appl. No.: 08/615,660
`[22]
`Filed:
`Mar. 13, 1996
`
`[51] Int. Cl.6 .................................................... .. G06F 12/14
`[52] US. Cl. ......................... .. 713/202; 713/201; 709/203
`[58] Field of Search .......................... .. 395/187.01, 200.5,
`395/188.01, 200.33; 380/25; 713/202, 207;
`709/220, 203
`
`[56]
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,481,720
`5,560,008
`5,611,048
`5,623,637
`5,642,515
`5,655,077
`
`1/1996 Loucks ............................. .. 395/187.01
`9/1996 Johnson
`395/680
`3/1997 Jacobs .... ..
`395/18801
`4/1997 Jones
`395/491
`6/1997 Jones
`395/727
`8/1997 Jones ................................ .. 395/18701
`
`OTHER PUBLICATIONS
`
`Windows NT Resource Guide ISBN 1—55615—653—7, pp.
`31—43, 1995.
`Windows NT Networking Guide ISBN 1—55615—656—1, pp.
`53—78, 1995.
`
`Inside Windows NT, H. Custer, ISBN 1—55615—481—X
`pp.321—326, 1993.
`The UNIX Programming Environment, Kernighan & Pike,
`ISBN 0—13—937681—X, pp. 52—53.
`Microsoft Windows 95 Operating System, Microsoft Corp.
`(original retail release), Aug. 1995 .
`Microsoft Windows 95 Resource Kit, Microsoft Press, ISBN
`1—55615—678—2, Chapter 11, 1995.
`RFC 1510: The Kerberos Network Authenication Service
`(V5), Kohl, J., Sep. 1993.
`
`Primary Examiner—John W. Cabeca
`Assistant Examiner—Christopher S. Chow
`Attorney, Agent, or Firm—Townsend and Townsend and
`Crew LLP
`
`[57]
`
`ABSTRACT
`
`A user operating a client system may access a plurality of
`remote servers requiring passwords for access by employing
`a master password. The master password is used to decrypt
`a stored password for a particular remote server to which the
`client desires access. The client system maintains a database
`of encrypted passwords and user IDS for remote servers to
`which the user is registered. Although each remote server is
`accessed using a different password, the user need only
`remember one master password. Since only the master
`password need be remembered, the passwords particular to
`speci?c remote sites may be made more random and thus
`more secure. Implementation of the password management
`system need not require modi?cation of any remote servers.
`
`12 Claims, 5 Drawing Sheets
`
`START
`
`[302
`
`START WEB
`BROWSER
`‘[304
`l
`PROMPT USER
`FOR MASTER
`PASSWORD
`I
`NAVIGATE
`THROUGH
`WWW
`I
`RECEIVE
`AUTHENTICATION
`REQUEST
`
`306
`
`508
`
`PASSWORD IN
`DATABASE?
`
`SEND PASSWORD
`INFORMATION TO
`REMOTE SITE
`
`INHIBIT
`DISPLAY OF
`AUTH ENTICATIDN
`FORM
`
`Plaid Technologies Inc.
`Exhibit 1006
`
`Ex 1006-1
`
`

`
`U.S. Patent
`
`la2c.eD
`
`9991
`
`Sheet 1 of 5
`
`6,006,333
`
`:2:
`
`9..
`
`9%.
`
`N...
`
`
`
`E2:2%:
`
`23.8.2.ex:222:2»<._._ma33mm
`
`8
`
`Ex 1006-2
`
`

`
`U.S. Patent
`
`Dec. 21, 1999
`
`Sheet 2 of5
`
`6,006,333
`
`[50
`
`REMOTE SERVER
`
`/52
`
`REMOTE SERVER
`
`[54
`
`REMOTE SERVER
`
`l f 0
`
`56
`
`CLIENT SYSTEM
`
`F/GI lB.
`
`Ex 1006-3
`
`

`
`U.S. Patent
`
`Dec. 21, 1999
`
`Sheet 3 0f 5
`
`6,006,333
`
`2 00 \
`
`URL
`
`202
`
`PASSWORD
`(ENCRYPTE D)
`20_4
`
`USER ID
`(ENCRYPTED)
`206
`
`FIG: 2.
`
`Ex 1006-4
`
`

`
`U.S. Patent
`
`Dec. 21, 1999
`
`Sheet 4 of5
`
`6,006,333
`
`PASSWORD m
`DATABASE?
`
`RFACSRTYEPQ
`PASSWORD AND
`USER |
`
`D
`
`/3'6
`‘
`SEND PASSWORD
`INFORMATION T0
`REMOTE SITE
`
`(
`
`START
`
`)
`
`[s02
`
`,
`sgggllsgg?
`
`PROMPT USER
`FOR MASTER
`PASSWORD
`
`7
`NAVIGATE
`nmousn
`WW
`
`[s04
`
`306
`
`508
`
`RECEIVE
`AUTHENTICATION
`REQUEST
`
`/ 3|0
`
`mmsn
`DISPLAY OF
`AUTHENTICATION
`roan
`
`F761 3.
`
`Ex 1006-5
`
`

`
`U.S. Patent
`
`Dec. 21, 1999
`
`Sheet 5 of5
`
`6,006,333
`
`[404
`
`DISPLAY
`AUTHENTICATION
`EDRM
`
`DIALOG BOX
`CHOICE?
`
`MAIIDAL
`REGISTER
`ENTRY
`AIID
`FORGET
`[428
`[422
`SEMD
`DISPLAY
`AUTHENTICATION
`AUTHENTICATION
`FAILED MESSAGE
`EDRM
`,424
`RETURN CONTROL
`TO DSER
`I
`STORE URL
`0N SENSITIVE
`LIST
`
`,426
`
`cAMcEL
`VISIT
`{408
`RETURNBROWSERTO
`PREV'OUS PAGE
`
`REGISTER
`AMD
`REMEMBER
`{410
`SEMD
`AUTHENTICATION
`FAILED MESSAGE
`
`4I2
`
`M
`
`RETURN CONTROL
`T0 USER
`I
`DISPLAY
`DIALOG BOX FOR
`EMIERIMSPASSIIDRD
`I
`,4Is
`DISPLAY
`PASSIIIDRD
`SUGGESTION
`I
`ENCRYPT
`PASSWORD AND
`DSER ID
`
`418
`
`[420
`STOREENCRYPTED
`PASSWORD
`AND USER ID
`
`FIG 4.
`
`Ex 1006-6
`
`

`
`6,006,333
`
`1
`PASSWORD HELPER USING A CLIENT-SIDE
`MASTER PASSWORD WHICH
`AUTOMATICALLY PRESENTS THE
`APPROPRIATE SERVER-SIDE PASSWORD
`TO A PARTICULAR REMOTE SERVER
`
`BACKGROUND OF THE INVENTION
`
`2
`and thus more secure. Implementation of this passWord
`management system does not require modi?cation of any
`remote servers.
`
`In one embodiment, the remote servers are controlled
`access WWW sites. The client system, coupled to the remote
`servers via the Internet, includes a WWW broWser. The
`WWW broWser is eXtended in accordance With the invention
`to incorporate special capabilities for assisting the user With
`accessing WWW sites Which require authentication. No
`modi?cation to the remote servers is required in this
`embodiment.
`AWWW broWser modi?ed in accordance With the inven
`tion may maintain a passWord database that includes entries
`holding the URL, encrypted user ID, and encrypted pass
`Word for a plurality of remote sites. When a neW broWsing
`session begins, the WWW broWser may prompt the user for
`the master passWord upon the start of a neW broWsing
`session and store it. Then, When an authentication request
`message is received from a remote site that the user is
`seeking to access, the broWser scans the passWord database
`for the URL of that remote site. If an entry is found, the
`broWser decrypts the passWord and user ID and forWards
`them to that remote site. This can all occur Without present
`ing the usual authentication form to the user. For enhanced
`security, instead of storing the master passWord, the broWser
`may prompt the user for it every time it is needed.
`If the broWser cannot ?nd an entry for the URL of a
`remote site, control may be returned to the user for the
`purpose of registration. To update the database, the broWser
`presents a screen for the user to enter the same passWord and
`user ID that he or she registers to the remote site. The
`broWser may suggest a passWord, providing a higher level of
`security in that passWords generated by the user are often
`easily guessed. The passWord and user ID input by the user
`are then encrypted using the master passWord and stored in
`the database along With the URL of the remote site.
`A further understanding of the nature and advantages of
`the inventions herein may be realiZed by reference to the
`remaining portions of the speci?cation and the attached
`draWings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1A depicts a block diagram of a client computer
`system suitable for implementing the present invention.
`FIG. 1B depicts the interconnection of the client computer
`systems to remote servers.
`FIG. 2 depicts a table shoWing hoW passWord information
`may be stored in accordance With the present invention.
`FIG. 3 is a ?oWchart depicting hoW a user may be
`authenticated to a remote site in accordance With the present
`invention.
`FIG. 4 is a ?oWchart depicting hoW a user may be
`registered to a remote site in accordance With the present
`invention.
`
`10
`
`15
`
`25
`
`The present application relates to user authentication and
`more particularly to authenticating a user operating a client
`system to a plurality of remote servers, each of Which
`requiring a passWord for authentication.
`Many remotely accessible computer systems require user
`authentication. The user, presumably operating a client
`system, must be registered With the remote system and must
`type in his or her user ID and a passWord for that remote
`system every time it is accessed.
`One problem presented by the need for user authentica
`tion is that if the user accesses multiple remote systems, the
`user must remember numerous passWords and user IDs.
`Typical users confronted With this problem Will often try to
`use the same passWord for each remote system or Write
`doWn a list of passWords.
`Both of these makeshift solutions compromise security. If
`the same passWord is used for each remote system, a system
`administrator of one remote system Will be able to obtain
`passWords usable to access other remote systems. AWritten
`list of passWords is an obvious breach of security in that
`anyone With access to the list Will be able to access any of
`the remote systems.
`The problem of authenticating a user to a plurality of
`remote systems has become particularly apparent in light of
`the proliferation of limited access sites on the World Wide
`Web
`Before accessing a site, the user is presented
`35
`With an authentication form generated by his or her WWW
`broWser requesting a user ID and passWord. The user must
`register separately With each such site and maintain multiple
`passWords. Furthermore, When navigating through the
`WWW, he or she is frequently interrupted by authentication
`messages requesting a user ID and passWord.
`One knoWn partial solution is to remember the last user ID
`and passWord typed into a WWW broWser’s authentication
`form and provide these values as a default the neXt time the
`form is brought up. This facilitates navigation of the WWW
`45
`for users Who employ the same user ID and passWord for
`multiple sites since logging into subsequent sites after the
`?rst one can be done by simply accepting the default. Thus,
`the problem of interruption by authentication messages is
`partially ameliorated in that it is easy to respond to the
`messages. HoWever, the security problem presented by
`using a common passWord for multiple sites remains.
`What is needed is a convenient yet adequately secure
`system Whereby a user may access multiple remote servers
`that require passWords.
`
`55
`
`SUMMARY OF THE INVENTION
`
`By virtue of the present invention, a user operating a
`client system may access a plurality of remote servers
`requiring passWords for access by employing a master
`passWord. The master passWord is used to decrypt a stored
`passWord for a particular remote server to Which the client
`desires access. In one embodiment, the client system main
`tains a database of encrypted passWords and user IDs for
`remote servers to Which the user is registered. Since only the
`master passWord need be remembered, the passWords par
`ticular to speci?c remote sites may be made more random
`
`DESCRIPTION OF SPECIFIC EMBODIMENTS
`
`FIG. 1A depicts a block diagram of a client computer
`system 10 suitable for implementing the present invention.
`Client computer system 10 includes a bus 12 Which inter
`connects major subsystems such as a central processor 14, a
`system memory 16 (typically RAM), an input/output (I/O)
`controller 18, an external device such as a display screen 24
`via display adapter 26, serial ports 28 and 30, a keyboard 32,
`a ?Xed disk drive 34, a ?oppy disk drive 36 operative to
`receive a ?oppy disk 38, and a CD-ROM player 40 operative
`
`65
`
`Ex 1006-7
`
`

`
`3
`to receive a CD-ROM 42. Many other devices can be
`connected such as a mouse 44 connected via serial port 28
`and a modem 46 connected via serial port 30. Modem 46
`may provide a direct connection to a remote server via a
`telephone link or to the Internet via a POP (point of
`presence). Alternatively, some other type of netWork inter
`face system (not shoWn) could be used.
`Many other devices or subsystems (not shoWn) may be
`connected in a similar manner. Also, it is not necessary for
`all of the devices shoWn in FIG. 1A to be present to practice
`the present invention, as discussed beloW. The devices and
`subsystems may be interconnected in different Ways from
`that shoWn in FIG. 1A. The operation of a computer system
`such as that shoWn in FIG. 1A is readily knoWn in the art and
`is not discussed in detail in this application. Code to imple
`ment the present invention may be operably disposed in
`system memory 16 or stored on storage media such as ?xed
`disk 34 or ?oppy disk 38.
`FIG. 1B depicts the interconnection of client computer
`system 10 to remote servers 50, 52, and 54. FIG. 1B depicts
`the Internet 56 interconnecting remote servers 50, 52, and
`54. Modem 42 or some other netWork interface provides the
`connection from client computer system 10 to the Internet
`56. Protocols for exchanging data via the Internet are Well
`knoWn and need not be discussed herein. Although FIG. 1B
`depicts the use of the Internet for exchanging data, the
`present invention is not limited to the Internet.
`One Well-knoWn application of the Internet is the World
`Wide Web
`Remote servers 50, 52, and 54 may
`each provide access to a Web site. To access WWW docu
`ments available on remote servers 50, 52, and 54, client
`computer system 10 operates a special broWser program.
`One preferred broWser used for this purpose is HotJavaTM, a
`broWser available from Sun MicrosystemsTM.
`The Web sites at remote servers 50, 52, and 54 may be
`controlled access Web sites. Whenever a user operating
`client computer system 10 attempts to access a controlled
`access Web site, the Web site forWards a request for authen
`tication to client computer system 10. Typically, the broWser
`Will respond to the authentication request by displaying an
`authentication form having entry ?elds for entering a pass
`Word and a user ID. After receiving input specifying the user
`ID and passWord, the broWser forWards this information to
`the Web site. If the passWord and user ID information are
`correct, the user is permitted access to the Web site. Con
`trolled access Web sites are usually structured to include a
`page that permits the user to register to the site by providing
`a passWord and user ID to be used in later accesses.
`The present invention provides a system for managing
`passWord access to a plurality of remote servers such as
`remote Web sites. This passWord management system is
`preferably implemented as an applet, e.g., a segment of
`executable computer code doWnloadable from a netWork
`and executed as part of a larger program, to be used in
`conjunction With HotJava® or other J ava-enhanced broWs
`ers. Of course, the passWord management features of the
`present invention could also be directly incorporated into a
`broWser program. The remote servers need not be modi?ed
`to provide these features.
`In accordance With the present invention, a user operating
`client computer system 10 need only remember a single
`master passWord that Will be used to access many remote
`servers. The passWord management system of the present
`invention maintains a database of passWords and user IDs as
`they are knoWn to the remote sites. This information is
`encrypted using the master passWord. When a request for
`
`5
`
`15
`
`25
`
`35
`
`45
`
`55
`
`65
`
`6,006,333
`
`4
`authentication is received, the system intercepts the request,
`inhibiting the broWser from displaying the usual authenti
`cation form, decrypts the needed passWord and user ID using
`the master passWord, and forWards the decrypted passWord
`and user ID to the requesting remote site. The remote site
`receives the decrypted passWord and user ID in the same
`Way it Would if this information had been input into the usual
`authentication form at client computer system 10.
`FIG. 2 depicts a table 200 shoWing hoW passWord infor
`mation may be stored in accordance With the present inven
`tion. A table is stored having a separate entry for each of a
`plurality of controlled access Web sites. Each entry includes
`a netWork address 202 of the Web site, typically represented
`as the Universal Resource Locator (URL) Which speci?es
`the site access protocol and name of the site, e.g., “http://
`WWW.sun.com.” In contexts other than the WWW, some
`other address might be used. Each entry further includes the
`user ID 206 and passWord 204 used to log into that site. At
`least the passWord, and preferably also the user ID are
`encrypted using a master passWord as the encryption key.
`The particular encryption scheme and accompanying
`decryption scheme used are not important to the present
`invention. One example of a usable encryption scheme is
`DES. The passWord database of FIG. 2 is preferably stored
`on ?xed disk drive 34.
`FIG. 3 is a ?oWchart depicting hoW a user may be
`authenticated to a remote site in accordance With the present
`invention. The user begins a Web broWsing session by
`starting the Web broWser at step 302. Preferably, the pass
`Word management system of the present invention then
`prompts the user at step 304 for a master passWord Which is
`stored in system memory for later use in encryption and
`decryption of the passWord information stored in the data
`base of FIG. 2.
`For enhanced security, the user can choose by, e.g., setting
`a preference, to never store the master passWord and step
`304 is skipped. Instead, the user is prompted for the master
`passWord Whenever it is needed. This provides enhanced
`security in that unauthoriZed persons Will not be able to
`access remote sites When client computer system 10 is left
`unattended With its broWser softWare running.
`At step 306, the user navigates through the W with
`the assistance of the broWsing softWare in a manner under
`stood by those of skill in the art. At some point, the user
`attempts to access a controlled access Web site Which sends
`an authentication request to client computer system 10. The
`authentication request is received at step 308.
`BroWser programs Will generally respond to an authenti
`cation request by displaying an authentication form having
`entry ?elds for the user’s ID and passWord. HoWever, the
`passWord management system intercepts the request and
`responds to the authentication request at step 310 by inhib
`iting display of this form. Instead, the passWord manage
`ment system attempts to respond to the authentication
`request automatically.
`At step 312, the database of FIG. 2 is scanned for an entry
`having the URL of the Web site sending the authentication
`request. If an entry is found, the passWord management
`system decrypts the passWord and user ID information using
`the master passWord as a key at step 314. If the master
`passWord Was not entered at step 302 due to the preference
`setting, the user is prompted for it noW. If at step 312, no
`URL corresponding to the remote server requesting authen
`tication is found, the passWord management system carries
`out a series of steps related to registration that are discussed
`in reference to FIG. 4. At step 316, the passWord and user ID
`
`Ex 1006-8
`
`

`
`5
`information are decrypted and at step 314 are sent to the
`remote site as if this information had been entered in the
`usual authentication form.
`The user noW has access to the remote Web site. The user
`is preferably not even made aWare of the authentication
`steps. If the user noW selects a second controlled access Web
`site, the process depicted in FIG. 3 repeats.
`FIG. 4 is a ?oWchart depicting hoW a user may register to
`a remote site in accordance With the present invention. If at
`step 312, no entry has been discovered corresponding to the
`URL of the remote Web site, the passWord management
`system proceeds to step 402 Where it checks a list of
`sensitive URLs for Which the user has requested that the
`passWord management system remains inactive. If the URL
`15
`of the Web site requesting authentication is on this list, the
`normal authentication form is displayed for entry of the user
`ID and passWord particular to that site at step 404. This
`alloWs the user to maintain personal control of passWord
`information for particularly sensitive Web sites, e. g., bank or
`mutual fund Web sites Where he or she feels that even storage
`of the passWord in encrypted form does not provide
`adequate security. Of course, this step of checking against
`the list could be performed prior to scanning the passWord
`database at step 312.
`If at step 402 the Web site is not found on the sensitive list,
`execution proceeds to step 406 Where the passWord man
`agement system displays a dialog box With various options.
`Four possible options are:
`a) cancel the visit to the site;
`b) register With the site and have the passWord manage
`ment system remember the user ID and passWord;
`c) register With the site Without having the passWord
`management system remember the user ID and pass
`Word; and
`d) manual entry of user ID and passWord.
`If the user chooses option a), the passWord management
`system directs the broWser to return to the previously
`displayed page at step 408.
`If the user chooses option b), the passWord management
`system sends an authentication failed message to the remote
`server requesting authentication at step 410. Then at step
`412, control of the broWser is returned to the user so that he
`or she can register. The user Will typically be able to navigate
`to a registration screen Where he or she can enter a user ID
`and passWord and often other information required for
`registration. At step 414, the passWord management system
`overlays a modeless (the user is free to visit other WindoWs
`before dismissing the dialog box) dialog box With ?elds into
`Which the user Would input the passWord and user ID under
`Which he or she is registered to the remote site. Typically, the
`user Will simply cut and paste this information from the
`remote server site’s registration form into the dialog box
`presented by the passWord management system. In an alter
`native embodiment, the passWord management system auto
`matically intercepts the user’s passWord information as it is
`input into the registration form. Optionally, at step 416, the
`passWord management system generates and displays a
`suggestion for the passWord. Such an automatically gener
`ated passWord Will typically be less easily guessed and thus
`more secure than one chosen by the user.
`Encryption of the passWord and user ID using the master
`passWord as a key occurs at step 418. If the master passWord
`has not been stored previously, the user is prompted for it at
`this point. Then at step 420, the encrypted passWord and user
`ID are stored With the URL of the remote site in the database
`of FIG. 2.
`
`65
`
`25
`
`35
`
`45
`
`55
`
`6,006,333
`
`6
`If the user chooses option c), the passWord management
`system sends an authentication failed message to the remote
`server requesting authentication at step 422. Then at step
`424, the passWord management system returns control to the
`user for registration at the remote site. Unlike option b), the
`passWord management system does not seek to record the
`user ID and passWord employed to register. Instead, at step
`426, the passWord management system stores the URL of the
`remote site requesting authentication on the sensitive list of
`sites for Which the user Wishes to maintain personal control
`of the passWord information.
`If the user chooses option d), the passWord management
`system simply displays the usual authentication form at step
`428 to alloW the user to manually enter a user ID and
`passWord.
`As can be seen from the above, the present invention
`provides a convenient system for managing passWord infor
`mation for access to multiple controlled access remote
`servers. The user need only remember a single master
`passWord. Since only the master passWord need be
`remembered, the passWords particular to speci?c remote
`sites may be made more random and thus more secure. Once
`the master passWord is entered, the user may seamlessly
`navigate through controlled access Web sites for Which the
`passWord information is already stored. Implementation of
`the passWord management system does not necessarily
`require modi?cation of any remote servers.
`Those of skill in the art Will appreciate that the security
`provided by the passWord management system is not abso
`lute in that encryption could be overcome and the stored
`passWord information discovered. HoWever, typical users
`are likely to react to the need to remember passWords at
`multiple sites by either Writing the passWords doWn in a
`central location or using the same passWord for each site.
`The passWord management system of the present invention
`provides signi?cant security advantages over either of these
`“real-World” passWord management scenarios. Furthermore,
`the passWord management system may be implemented so
`that the user may retain personal control over passWords for
`particularly sensitive sites.
`In the foregoing speci?cation, the invention has been
`described With reference to speci?c exemplary embodiments
`thereof. It Will, hoWever, be evident that various modi?ca
`tions and changes may be made thereunto Without departing
`from the broader spirit and scope of the invention as set forth
`in the appended claims.
`The present invention is not limited to the WWW or the
`Internet. Remote servers could be identi?ed Within a pass
`Word database With identi?ers other than their URLs. A
`database of dial-up bulletin boards could be maintained With
`telephone numbers identifying each remote server. A mixed
`database could also be maintained including both Web sites
`and other remote servers requiring passWords for access.
`User ID information and passWord information need not
`both be encrypted. Furthermore, the system of the present
`invention is not limited in application to sites that require
`both a user ID and a passWord for access.
`Furthermore, the ?oWcharts described herein are illustra
`tive of merely the broad logical How of steps to achieve a
`method of the present invention and that steps may be added
`to, or taken aWay from, the ?oWchart Without departing from
`the scope of the invention. Further, the order of execution of
`steps in the ?oWcharts may be changed Without departing
`from the scope of the invention. Additional considerations in
`implementing the method described by the ?oWchart may
`dictate changes in the selection and order of steps.
`In general, the ?oWcharts in this speci?cation include one
`or more steps performed by softWare routines executing in
`
`Ex 1006-9
`
`

`
`6,006,333
`
`7
`a computer system. The routines may be implemented by
`any means as is known in the art. For example, any number
`of computer programming languages, such as Java scripting
`language, “C”, Pascal, FORTRAN, assembly language, etc.,
`may be used. Further, various programming approaches
`such as procedural, object oriented or arti?cial intelligence
`techniques may be employed.
`Many such changes or modi?cations Will be readily
`apparent to one of ordinary skill in the art. The speci?cation
`and draWings are, accordingly, to be regarded in an illus
`trative rather than a restrictive sense, the invention being
`limited only by the provided claims and their full scope of
`equivalents.
`What is claimed is:
`1. In a netWork, a method of supporting registration of a
`user of a client system to a remote server comprising:
`searching a plurality of netWork addresses for a remote
`server requesting authentication;
`receiving, at said client system, user input specifying a
`user ID and a passWord used to register to said remote
`server;
`encrypting said passWord using a master passWord as a
`key;
`storing said passWord in encrypted form in a database
`along With a netWork address of said remote server.
`searching a list of sensitive netWork addresses for said
`netWork address; and
`if said netWork address is found during said searching,
`displaying an authentication form.
`2. The method of claim 1 Wherein said storing further
`comprises storing said user ID in said database along With
`said netWork address and said passWord in encrypted form.
`3. The method of claim 1 further comprising:
`encrypting said user ID using said master passWord as a
`key; and
`Wherein said storing further comprises storing said user
`ID in encrypted form in said database along With said
`netWork address and said passWord in encrypted form.
`4. The method of claim 1 Wherein said netWork address of
`said remote server is a URL.
`5. The method of claim 1 further comprising:
`displaying a dialog boX having entry ?elds for entering
`said user ID and said passWord; and
`Wherein said receiving comprises receiving said user ID
`and said passWord into said dialog box.
`
`10
`
`15
`
`3O
`
`8
`6. The method of claim 5 Wherein said displaying further
`comprises:
`generating a suggested passWord; and
`displaying said suggested passWord.
`7. Software on a storage medium for, in conjunction With
`a netWork, supporting registration of a user of a client
`system to a remote server, said softWare comprising:
`softWare for searching a plurality of netWork addresses for
`a remote server requesting authentication;
`softWare for receiving, at said client system, user input
`specifying a user ID and a passWord used to register to
`said remote server;
`softWare for encrypting said passWord using a master
`passWord as a key;
`softWare for storing said passWord in encrypted form in a
`database along With a netWork address of said remote
`server;
`softWare for searching a list of sensitive netWork
`addresses for said netWork address; and
`softWare for displaying an authentication form.
`8. The softWare of claim 7 Wherein said storing softWare
`comprises softWare for storing said user ID in said database
`along With said netWork address and said passWord in
`encrypted form.
`9. The softWare of claim 7 further comprising:
`softWare for encrypting said user ID using said master
`passWord as a key; and
`Wherein said storing softWare further comprises softWare
`for storing said user ID in encrypted form in said
`database along With said netWork address and said
`passWord in encrypted form.
`10. The softWare of claim 7 Wherein said netWork address
`of said remote server is a URL.
`11. The softWare of claim 7 further comprising:
`softWare for displaying a dialog boX having entry ?elds
`for entering said user ID and said passWord; and
`Wherein said receiving softWare comprises softWare for
`receiving said user ID and said passWord into said
`dialog boX.
`12. The softWare of claim 11 Wherein said displaying
`softWare further comprises:
`softWare for generating a suggested passWord; and
`softWare for displaying said suggested passWord.
`
`Ex 1006-10