DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office correspondence is in response to “Amendment and Response under 37 C.F.R. 1.111 filed on June 16, 2025 for application 18/364133 in response to a non-final office action dated May 2, 2025.
Claims 1 – 20 are pending.
Claims 1, 8, and 15 are amended.
Claims 1 – 20 are rejected.
Response to Arguments
Applicant’s arguments filed on 6/16/2025 have been fully considered.
In regard to claims 1, 3 – 4, 7 – 8, and 10 – 13 which were rejected under the ground of provisional non-statutory double patenting as being unpatentable over claims 1, 5 – 9, 11, and 13 – 14 of co-pending U.S. application 18/364190, the applicant states that a terminal disclaimer was filed (see applicant’s remarks page 8) but that is not shown in the file wrapper. As there is no terminal disclaimer that was accepted by the office, the double patenting rejections are not withdrawn.
In regard to claims 1 – 20 which were rejected under35 U.S.C. 103 at least one argument is persuasive to the rejection of claims from the last office action and said rejections are withdrawn, but applicant’s amendment necessitated a new search and consideration resulting in a new grounds of rejections for claims 1 – 20 under 35 U.S.C. 103. The examiner here now responds to each argument. Underlined text indicates claim language that was amended since the last office action
In regard to claims 1, 3 – 5, 7 – 8, 10 – 12, 13 – 15 and 17 – 20 the applicant argues that the combination of Demopoulos and Candelore , fails to teach, anticipate or suggest:
“instructing, by the one or more processors, the password entry UI element to hide the displayed user- selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration.” (as recited in claim 1 and substantially replicated in claims 8 and 15)
The applicant states:
“ . . . Applicant notes that the claim 1 recites a condition for hiding the displayed password reveal selector. In contrast, Demopoulos only teaches conditions for displaying the password reveal selector. For example, Demopoulos at Fig. 3 . . .depicts conditions (blocks 312 and 318) for displaying the password reveal selector (block 314) . . . As shown in FIG. 3, Demopoulos only teaches conditions for displaying the password reveal selector. Demopoulos does not teach and/or suggest a condition for hiding the displayed password reveal selector as recited in claim 1. . . . As described in para. [0025], Demopoulos only teaches conditions for displaying the password reveal selector. Demopoulos does not teach and/or suggest a condition for hiding the displayed
password reveal selector as recited in claim 1.
Demopoulos’s password reveal selector is initially concealed from view when the
password entry box is displayed, so that Demopoulos only needs to set conditions for displaying the password reveal selector. . . . As set forth in para. [0023], again, Demopoulos’ password selector is initially concealed, so that Demopoulos only need to set conditions for displaying the password reveal selector.
The Office action in page 16 states that “Candelore teaches if a duration between the first time and the second time exceeds a predetermined threshold duration”. Applicant respectfully disagrees and notes that the claim recited “first time” and the “second time” correspond to a first character entry and a second character entry, respectively. In contrast, Candelore’s “time interval” reflects a total time for a user to enter a whole password (e.g., a 5-character password takes 5 seconds and a 10-character password takes 10 seconds).. . . As set forth in above para. [0139], Candelore’s time interval is a time taken to enter a whole password, instead of a time between two character entries as recited in claim 1. . .
As set forth in above para. [0140]-[0141], Candelore’s time interval is again a time taken to enter a whole password, instead of a time between two character entries as recited in claim 1.
Therefore, Applicant respectfully submits that Candelore does not teach and/or suggest “a duration between the first time and the second time exceeds a predetermined threshold duration” as recited in claim 1.
Further, as detailed above, the Office action acknowledges that Candelore’s teaching specifically requires “re-entry of passwords and a typing behavior of the user to determine a time interval for valid entry, as taught by Candelore.” Office Action at page 17-18. Thus, as detailed above, Candelore’s “typing behavior of the user 112 based on a reception of the set of user inputs” is based on where each Candelore’s input of the set of user inputs is a whole password. Accordingly, a PHOSITA would readily understand that Candelore, as a whole, expressly teach the need for user to enter the whole passwords numerous times for Candelore to determine the user’s “typing behavior’. Accordingly, considering Candelore as a whole, a PHOSITA would readily understand that the Office Action’s combination of Demopoulos and Candelore would result in the alleged, combined implementation that would require numerous whole passwords entries by Demopoulos’ user before Demopoulos’s “password reveal selector 206” would be “ready” to perform based on Candelore’s requirement of first determining user’s “typing behavior”. Accordingly, based on Candelore’s requirement of first determining user’s “typing behavior,” Demopoulos’s “password reveal selector 206” in the Office Action’s alleged combination would never be even displayed until the user would enter the whole password numerous times to be allegedly sufficient to determine the user’s “typing behavior” — 1.e., rendering the Office Action’s alleged combination to be inoperative for Demopoulos’ intended purpose of presenting its “password reveal selector 206” based on a number of characters being typed by the user even during the password entry for the first time — i.e., irrespective of how a number of times the user would be required to enter the whole passwords. Thus, the Office Action’s alleged combination to be inoperative for Demopoulos’ intended purpose since no “password reveal selector 206” would be ever presented even if Demopoulos’ user enters more than a predetermined number of characters (e.g., more than 5 characters) when Demopoulos’ user would begin entering his or her password for the first time.
In addition, Candelore allegedly teaches using the time interval for the authentication of the user. For example, Candelore in FIG. 7 teaches:“[a]uthenticate user based on comparison of determined first time interval and the predefined time interval (716).” (Emphasis added).Accordingly, in FIG. 7, Candelore only teaches a way to authenticate user. . . . As set forth in above para. [0140], Candelore only teaches using the time delay information for authenticating the user. Candelore does not teach and/or suggest the claim recited “hid[ing] the displayed user-selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration.” . . .
As set forth in the above paragraph in pages 17-18, the Office action acknowledges that “[s]uch incorporation provides that a time interval could be implemented to measure when to enable a password reveal select”. (emphasis added.) In contrast, claim 1 requires when to hide (disable) the password reveal selector.
Since the condition for hiding the displayed password reveal selector, as recited in claim 1, is absent from both Demopoulos and Candelore individually, such claim limitation cannot be taught and/or suggested by their combination as well.
The above claim limitation of “to hide the displayed user-selectable password reveal selector ifa duration between the first time and the second time exceeds a predetermined threshold duration.” using duration of time to determine when to hide the displayed password reveal selector is similarly present in claims 8 and 15, thus are not taught and/or suggested by the cited references either alone or considered in combination.
In light of the above, it is respectfully believed that Applicant’s now clarified claims 1, 8 and 15, and claims 2-7 that depend on claim 1, claims 9-14 that depend on claim 8, and claims 16- 20 that depend on claim 15, are patentable under U.S.C. §103 . . .” (Applicant’s remarks 9 – 15)
In response to the applicant’s argument:
The applicant’s arguments regarding that the prior art Demopoulos teaches a condition for displaying but not a condition for hiding is not persuasive in light of the recited claim language which requires the password UI element hide the displayed user-selectable password reveal selector. In fact, Demopoulos teaches “ the password reveal selector 206 may be concealed for a password that is shorter in character length, such as for a password that only has four or five characters” and using a broadest reasonable interpretation (BRI) analysis, the teachings of Demopoulos maps to the claim limitation. The applicant also argues that Candolore fails to teach a duration between the first time and the second time exceeds a predetermined threshold duration because the claim construction corresponds to a first character entry and a second character entry, for a time duration but that Candolore’s time interval reflects a total time for entering a whole password. The examiner respectfully disagrees with the applicant’s interpretation as the citation of Candolore that discusses typing behavior provides that “ the circuitry 202A may be configured to monitor the typing behavior of the user 112 based on a reception of the set of user inputs. The typing behavior may include a time interval used, by the user 112, to enter a user input (i.e., a password associated with the user 112). The circuitry 202A may determine, at each instance of the reception of a user input, the time interval used to enter the user input”. One can interpret that user inputs could be a first entry character and a second entry character. However the examiner performed a new search and consideration to discover a new prior art citation Liu et al. (U.S. 2021/0144429 A1; herein referred to as Liu) which in combination with Demopoulos and Candelore provides a new ground of rejection for the amended claims as it provides a tighter mapping for hide the displayed user-selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration (see Liu Fig. 6 ¶¶ [0077-00078] as described in the rejections to the claims provided below). Therein the rejections of the prior office action are withdrawn but the new grounds of rejection under 35 USC 103 are described below.
The examiner recommends that the applicant review the specification for disclosure that if integrated into the independent claims would distinguish the amended claims from the cited prior art. The applicant is invited to contact the examiner for an interview to discuss how to move the prosecution forward.
Authorization for Internet Communications
The examiner encourages Applicant to submit an authorization to communicate with the examiner via the Internet by making the following statement (from MPEP 502.03):
“Recognizing that Internet communications are not secure, I hereby authorize the USPTO to communicate with the undersigned and practitioners in accordance with 37 CFR 1.33 and 37 CFR 1.34 concerning any subject matter of this application by video conferencing, instant messaging, or electronic mail. I understand that a copy of these communications will be made of record in the application file.”
Please note that the above statement can only be submitted via Central Fax (not Examiner's Fax), Regular postal mail, or EFS Web using PTO/SB/439.
Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based e-Terminal Disclaimer may be filled out completely online using web-screens. An e-Terminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about e-Terminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 3 – 4, 7 – 8, and 10 – 13 are rejected on the ground of provisional non-statutory obviousness-type double patenting as being unpatentable over Claims 1, 5 – 9, 11, and 13 – 14 of U.S. application 18/364190. Although the conflicting claims are not identical, they are not patently distinct from each other because both sets of claims are directed to the same invention. This is a provisional obviousness-type double patenting rejection since the claims directed to the same invention have not yet been patented.
In regard to claim 1:
Application 18/364133
Application 18/364190
1. A computer-implemented method comprising:
1. A computer-implemented method comprising:
instructing, by one or more processors, a display screen of a computing device to display a password entry user interface (UI) element configured for input of a plurality of password characters of a password,
instructing, by one or more processors, a display screen of a computing device to display a password entry user interface (UI) element configured for input of a plurality of password characters of a password,
wherein the password entry UI element comprises a user-selectable password reveal selector,
wherein the password entry UI element comprises a user-selectable password reveal selector,
wherein the user-selectable password reveal selector is operable to be toggled between a first state in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed;
wherein the password reveal selector is operable to be toggled between a first state in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed;
receiving, by one or more processors, a first entry of at least one password character of the plurality of password characters in the password entry UI element at a first time,
receiving, by one or more processors, an entry of at least one password character of the plurality of password characters in the password entry UI element,
wherein the first entry of the at least one password character of the plurality of password characters is obfuscated while displayed in the password entry UI element;
wherein the entry of the at least one password character of the plurality of password characters is obfuscated while displayed in the password entry UI element;
instructing, by the one or more processors, the password entry element to display the user- selectable password reveal selector upon receiving the first entry of at least one password character;
instructing, by the one or more processors, the password entry UI element to display the password reveal selector;
receiving, by the one or more processors, a second entry of at least one password character of the plurality of password characters in the password entry UI element at a second time; and
instructing, by the one or more processors, the password entry UI element to hide the displayed user- selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration.
detecting, by the one or more processors, a speed at which each character of the at least one password character of the plurality of password characters is entered into the password entry UI element;
instructing, by the one or more processors, the password entry UI element to hide the password reveal selector if a total speed at which each character the at least one password character of the plurality of password characters is entered is less than a predetermined threshold speed.
Application 18/364190 claim 1 (herein referred to as ‘190) fails to explicitly teach receiving, by the one or more processors, a second entry of at least one password character of the plurality of password characters in the password entry UI element at a second time ; and
instructing, by the one or more processors, the password entry UI element to hide the displayed user- selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration.
However the combination of Demopoulos, Candelore, and Liu teaches receiving, by the one or more processors, a second entry of at least one password character of the plurality of password characters in the password entry UI element at a second time (see Demopoulos ¶ [0026] “ . . .the selector display condition may be based on whether the width parameter 208 is a minimum of at least five password characters, and whether at least four password characters have been entered in the password entry box. . . “) (e.g. if at least four password characters , each one would have been entered at separate times, each character time 1 through time 4); and
instructing, by the one or more processors, the password entry UI element to hide the user- selectable password reveal selector (see Demopoulos ¶ [0026] “ . . . , the password reveal selector 206 may be concealed for a password that is shorter in character length, such as for a password that only has four or five characters. A minimum character length for passwords can optionally be specified by a developer, or may be a user-configurable parameter that a user of the computing device can manage. . . “; see Liu Fig. 6 ¶ [0078] “ . . . FIG. 6 illustrates an exemplary screen shot of a user interface dashboard when a user invokes an arc menu UI for inputting discrete user information. The arc menu UI may change dynamically to allow a user to “dial” the user's secret code, password or PIN to unlock a channel. As described, arc menu 602 may contextually change to display character entry 604 for four (4) characters secret code, password or PIN. The character ‘dialed” and selected into character entry is preferably displayed only while the user “dials” the arc dialer 603 and is changed to a hidden character symbol (for example “*”) to prevent the user's secret code or password from being exposed. . . .”) ) if a duration between the first time and the second time exceeds a predetermined threshold duration (e.g. time interval based on typing behavior – predefined time interval ) (see Candelore Fig. 7 ¶¶ [0139-0141] as described for the 35 USC 103 rejection for claim 1 described below); see Liu ¶ [0077] “ . . . A user may select their choice of character (for example “1”) by pressing on selection key, or by moving the character entry highlighter 515 to next character to the right by pressing on navigation key or by waiting for predetermined time (for example, 1 second) to elapse. . . .”)
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate systems, devices, and methods for implementing a password reveal selector, where a password entry box is displayed for input of password characters of a password, and the password entry box includes a password reveal selector for user-selection to reveal the password, with password based authentication of users based on re-entry of passwords and a typing behavior of the user to determine a time interval, and a displayed character entry to be changed to a hidden character after a pre-determined time as taught by the combination Demopoulos, Candelore and Liu, into the claimed invention of Application 18/364190. Such incorporation enables the password reveal selector to be hidden if there is a delay between entering the characters of the password.
In regard to claim 3, see claim 5 of ‘190.
In regard to claim 4, see claim 6 of ‘190.
In regard to claim 7, see claim 7 of ‘190.
In regard to claim 8:
Application 18/364133
Application 18/364190
8. A computer-implemented method comprising:
8. A computer-implemented method comprising:
instructing, by one or more processors, a display screen of a computing device to display a password entry user interface (UI) element configured for input of a plurality of password characters of a password,
instructing, by one or more processors, a display screen of a computing device to display a password entry user interface (UI) element configured for input of a plurality of password characters of a password,
wherein the password entry UI element comprises a user-selectable password reveal selector,
wherein the password entry UI element comprises a user-selectable password reveal selector,
wherein the user-selectable password reveal selector is operable to be toggled between a first state in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed;
wherein the password reveal selector is operable to be toggled between a first state in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed;
receiving, by one or more processors, an entry of at least one password character of the plurality of password characters in the password entry UI element,
receiving, by one or more processors, an entry of at least one password character of the plurality of password characters in the password entry UI element,
wherein the entry of the at least one password character of the plurality of password characters is obfuscated while displayed in the password entry UI element;
wherein the entry of the at least one password character of the plurality of password characters is obfuscated while displayed in the password entry UI element;
instructing, by the one or more processors, the password entry UI element to display the user-selectable password reveal selector, upon receiving the entry of at least one password character;
instructing, by the one or more processors, the password entry UI element to display the password reveal selector;
receiving, by the one or more processors, a user selection of the user-selectable password reveal selector via a user input, wherein the user selection of the user-selectable password reveal selector is for a duration of time; and
instructing, by the one or more processors, the password entry UI element to hide the displayed user- selectable password reveal selector if the duration of time exceeds a predetermined threshold duration.
instructing, by the one or more processors, the password entry UI element to hide the password reveal selector if a duration between a first time at which a first character of the at least one password character of the plurality of password characters and a second time at which a last character of the at least one password character of the plurality of password characters is less than a predetermined threshold duration.
detecting, by the one or more processors, a time at which each character of the at least one password character of the plurality of password characters is entered into the password entry UI element;
Application 18/364190 claim 8 (herein referred to as ‘190) fails to explicitly teach receiving, by the one or more processors, a user selection of the user-selectable password reveal selector via a user input, wherein the user selection of the user-selectable password reveal selector is for a duration of time;
However Demopoulos and Liu teaches receiving, by the one or more processors, a user selection of the user-selectable password reveal selector via a user input, wherein the user selection of the user-selectable password reveal selector is for a duration of time (see Demopoulos ¶ [0029] “ . . . a user may select the password reveal selector 206 as shown at 222 and, as shown at 224, a message 226 is displayed to indicate that the password will be revealed after a timing delay. The timing delay before the password is revealed can be configurable from zero to any duration of time, such as a delay of a few seconds. For a timing delay of zero seconds, the password is revealed at approximately the same time as when the user selects or presses the password reveal selector. Alternatively or in addition, the password can be revealed in the password entry box for as long as the user-selection of the password reveal selector is received. For example, when the user presses to select the password reveal selector 206 as shown at 222 to initiate revealing the password in the password entry box, the password is revealed and displayed for viewing as shown at 228 for as long as the user-selection of the password reveal selector 206 is maintained (e.g., and optionally after the timing delay and/or message 226 is displayed). . . “see Liu ¶ [0077] “ . . . A user may select their choice of character (for example “1”) by pressing on selection key, or by moving the character entry highlighter 515 to next character to the right by pressing on navigation key or by waiting for predetermined time (for example, 1 second) to elapse. . . .” );
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate systems, devices, and methods for implementing a password reveal selector, where a password entry box is displayed for input of password characters of a password, and the password entry box includes a password reveal selector for user-selection to reveal the password, and a displayed character entry to be changed to a hidden character after a pre-determined time as taught by Demopoulos and Liu, into the claimed invention of Application 18/364190. Such incorporation enables the password reveal selector to be available for a predetermined duration of time while keystrokes are being entered.
In regard to claim 10, see claim 13 of ‘190.
In regard to claim 11, see claim 14 of ‘190.
In regard to claim 12, see claim 11 of ‘190.
In regard to claim 13, see claim 9 of ‘190.
35 USC § 101 Analysis
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
The claimed invention is directed to statutory subject matter and are not rejected under 35 USC 101 because of a judicial exception.. A claim is non-statutory when it is directed to a judicial exception (e.g. either one of mathematical concepts, mental processes, or certain methods of organizing human activity) without significantly more. For this application, the claims are directed to non-abstract improvements in computer related technology. The claimed subject matter is integrated into a practical application under prong 2 of the Step 2A analysis as documented in MPEP 2016.04(d). The claimed invention is not directed to a judicial exception. Instead, the claimed invention is directed to a technological improvement for instructing a computing device to display a password entry element configured for input of a plurality of password characters of a password, where the password entry element includes a password reveal selector, where the password reveal selector is operable to be toggled between a first state in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed. In an embodiment, the claims recite, receiving a first entry of the plurality of password characters in the password entry element at a first time, instructing the password entry element to display the password reveal selector, therein receiving a second entry of the plurality of password characters in the password entry element at a second time, and further instructing the password entry element to hide the password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration. The ordered combination of the limitations in the claims provide a necessary and useful improvement for securely entering a password, as in some embodiments, the system may be configured to hide and/or show the password reveal selector based on various password reveal selector conditions or for example, the password reveal selector conditions may be time-based or based on manipulation of a display of a user computing device, so that the claimed invention provides a technically advantageous computer architecture that improves security when entering a password by providing conditions which must be met before a password may be displayed. Therein the claims are statutory.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3 – 5, 7 – 8, 10 – 12, 13 – 15 and 17 – 20 are rejected under 35 U.S.C. 103 as being un-patentable over Demopoulos et al. (U.S. 2013/0067385 A1; herein referred to as Demopoulos) in view of Candelore (U.S. 2024/0193239 A1; herein referred to as Candelore) in further view of Liu et al. (U.S. 2021/0144429 A1; herein referred to as Liu).
In regard to claim 1, Demopoulos teaches A computer-implemented method (see Figs. 3, 4 ¶ [0032] “ . . . Example methods 300 and 400 are described with reference to FIGS. 3 and 4 in accordance with one or more embodiments of a password reveal selector . . .”) comprising:
instructing, by one or more processors (see ¶ [0032] “ . . . A software implementation represents program code that performs specified tasks when executed by a computer processor. The example methods may be described in the general context of computer-executable instructions, which can include software, applications, routines, programs, objects, components, data structures, procedures, modules, functions, and the like. The program code can be stored in one or more computer-readable storage media devices, both local and/or remote to a computer processor. The methods may also be practiced in a distributed computing environment by multiple computer devices. Further, the features described herein are platform-independent and can be implemented on a variety of computing platforms having a variety of processors. . . .”) a display screen of a computing device to display a password entry user interface (UI) element configured for input of a plurality of password characters of a password (see ¶ [0021] “ . . . The text box control module includes a text box control 122 that can be instantiated as a text box 124, such as a password entry box, for display on the integrated display 114 of a computing device 102, or for display on the display device 110. The text box 124 can be implemented as any type of text entry box, password entry box, or form control that is instantiated in a user interface, such as a form, HTML page, or document to facilitate user input of character entries 126 (e.g., letters, numbers, and/or other alphanumeric characters). . . “),
wherein the password entry UI element comprises a user-selectable password reveal selector (see ¶ [0021] “ . . . the text box control 122 includes a password reveal selector 128 that can be incorporated as part of the text box control and bound to the text box control when instantiated in a user interface, such as in a form, page, or document that includes a text box 124 for character entries 126. . . .”),
wherein the user-selectable password reveal selector is operable to be toggled between a first state (e.g. password characters 210 for a password being obfuscated is the first state) in which the plurality of password characters are obfuscated and a second state in which the plurality of password characters are revealed (e.g. password character 210 revealed is second state) (see Fig. 2, ¶ [0028] “ . . . the password characters 210 for a password are initially obfuscated in the password entry box 204 to conceal the password from view and preclude others from obtaining the password from the user. The password reveal selector 206 of the password entry box 204 is implemented for user-selection to reveal the password in the password entry box. For example, on a touch-screen display, a user can press to select the password reveal selector 206 as shown at 222 to initiate revealing the password characters 210 in the password entry box. Alternatively, a user may select the password reveal selector by holding down a mouse button, with a keyboard shortcut, or other user-selectable mechanism. In implementations, the text box control module 120 at the computing device 102 initiates revealing the password (e.g., displaying the password characters) in the password entry box when a user-selection of the password reveal selector is received. . . .”; see ¶ [0030] “ . . . the password can be revealed in the password entry box 204 for a duration of time after a user-selection of the password reveal selector 206 is received. For example, the user can press to select the password reveal selector as shown at 222, and then release the selection. The password is then revealed and displayed for viewing in the password entry box as shown at 228 for a duration of time, which can be configurable from zero to any duration of time. For example, the password may be revealed for a few seconds. Alternatively, the password reveal selector 206 can be implemented as a toggle selector, and the password characters are revealed to display the password in the password entry box after a first user-selection of the password reveal selector is received. The password characters are then obfuscated again in the password entry box after a second user-selection of the password reveal selector is received to toggle the selector. . .” );
receiving, by one or more processors, a first entry of at least one password character of the plurality of password characters in the password entry UI element at a first time (see ¶ [0035] “ . . . , the password entry box 204 includes the password reveal selector 206, which is initially concealed from view when the password entry box is displayed because a password character of a password has not yet been received in the password entry box. When at least one password character 210 is received in the password entry box as shown at 212, the password reveal selector 206 is then displayed for user-selection to initiate revealing the password. . . .”),
wherein the first entry of the at least one password character of the plurality of password characters is obfuscated while displayed in the password entry UI element (see ¶ [0036] “. . . At block 306, password characters are received for display in the password entry box and, at block 308, the password characters are obfuscated when displayed in the password entry box. For example, the computing device 102 receives the character entries 126 for a password from any type of input device, such as a keyboard, mouse, on-screen keyboard, remote control device, game controller, or any other type of user-initiated and/or user-selectable input device. In the examples 200, the password entry box 204 includes password characters 210 that are obfuscated to conceal the entries from view and preclude others from obtaining the password. . . .”);
instructing, by the one or more processors, the password entry element to display the user- selectable password reveal selector upon receiving the first entry of at least one password character (e.g. at least one password character) (see ¶ [0025] “. . . the password reveal selector of a password entry box can be displayed based on a selector display condition, such as based on whether the width parameter (e.g., the width of a password entry box) is at least a minimum number. For example, the password entry box 204 may have a width parameter 208 of ten characters, which indicates that the password entry box can have ten password characters. The selector display condition may then be based on whether the width parameter is at least five password characters, in which case, the password reveal selector 206 is displayed when at least one password character is received in the password entry box. When at least one password character 210 is received in the password entry box, the password reveal selector 206 is then displayed for user-selection as shown at 212 . . .” see also ¶¶ [0037-0040];
receiving, by the one or more processors, a second entry of at least one password character of the plurality of password characters in the password entry UI element at a second time (see ¶ [0026] “ . . .the selector display condition may be based on whether the width parameter 208 is a minimum of at least five password characters, and whether at least four password characters have been entered in the password entry box. . . “) (e.g. if at least four password characters , each one would have been entered at separate times, each character time 1 through time 4) ; and
instructing, by the one or more processors, the password entry UI element to hide (see ¶ [0026] “ . . . , the password reveal selector 206 may be concealed for a password that is shorter in character length, such as for a password that only has four or five characters. A minimum character length for passwords can optionally be specified by a developer, or may be a user-configurable parameter that a user of the computing device can manage. . . “)
Demopoulos fails to explicitly teach hide the displayed user- selectable password reveal selector if a duration between the first time and the second time exceeds a predetermined threshold duration.
However Candelore teaches if a duration between the first time and the second time exceeds a predetermined threshold duration (e.g. time interval based on typing behavior – predefined time interval ) (see Fig. 7 ¶¶ [0139-0141] “ . . . At 704, a typing behavior of the user 112 may be monitored based on a reception of the set of user inputs. In at least one embodiment, the circuitry 202A may be configured to monitor the typing behavior of the user 112 based on a reception of the set of user inputs. The typing behavior may include a time interval used, by the user 112, to enter a user input (i.e., a password associated with the user 112). The circuitry 202A may determine, at each instance of the reception of a user input, the time interval used to enter the user input. The circuitry 202A may generate a record, associated with the user 112, based on the time interval determined at each instance of the reception of user inputs during a monitoring period. The record may be indicative of variations in the time interval used to enter user inputs during the monitoring period. In an embodiment, each entry in the record may constitute a time interval used to enter a user input that corresponds to the correct password (i.e., the pre-stored password). The time interval used to enter a user input that does not correspond to the correct password may not be included in the record. At 706, time delay information, indicative of a predefined time interval associated with a password entry for the authentication of the user 112, may be determined based on the monitored typing behavior. In at least one embodiment, the circuitry 202A may be configured to determine, based on the typing behavior, the time delay information that may be indicative of the predefined time interval associated with the password entry for the authentication of the user 112. The time delay information may correspond to the time interval used for entry of a user input (i.e., a password associated with the user 112). The predefined time interval may be determined based on the generated record of variations of the time interval used for entry of the password during the monitoring period. The record of variations may correspond to a variation of amount of time taken by the user 112 to enter user inputs during the monitoring period. The variations in the time interval in the entries of the record may be based on inclusion of “entry of the password” as a user activity associated with the user 112. The time interval recorded (during the monitoring period) across entries may be stable if the “entry of the password” is frequently or consistently included in the user activity. On the other hand, the time interval recorded (during the monitoring period) across entries may have variations if the “entry of the password” is not included frequently or consistently in the user activity. In accordance with an embodiment, the predefined time interval may be determined based on a set of entries of the record in which the time interval is stable. For example, the predefined time interval may be determined as “4” seconds. . . “).
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate systems, devices, and methods for password based authentication of users based on re-entry of passwords and a typing behavior of the user to determine a time interval for valid entry, as taught by Candelore, into systems, devices, and methods for implementing a password reveal selector, where a password entry box is displayed for input of password characters of a password, and the password entry box includes a password reveal selector for user-selection to reveal the password, as taught by Demopoulos. Such incorporation provides that a time interval could be implemented to measure when to enable a password reveal select.
The combination of Demopoulos and Candelore fails to explicitly teach hide the user- selectable password reveal selector (see Liu Fig. 6 ¶ [0078] “ . . . FIG. 6 illustrates an exemplary screen shot of a user interface dashboard when a user invokes an arc menu UI for inputting discrete user information. The arc menu UI may change dynamically to allow a user to “dial” the user's secret code, password or PIN to unlock a channel. As described, arc menu 602 may contextually change to display character entry 604 for four (4) characters secret code, password or PIN. The character ‘dialed” and selected into character entry is preferably displayed only while the user “dials” the arc dialer 603 and is changed to a hidden character symbol (for example “*”) to prevent the user's secret code or password from being exposed. . . .”) if a duration between the first time and the second time exceeds a predetermined threshold duration see Liu ¶ [0077] “ . . . A user may select their choice of character (for example “1”) by pressing on selection key, or by moving the character entry highlighter 515 to next character to the right by pressing on navigation key or by waiting for predetermined time (for example, 1 second) to elapse. . . .” ).
It would have been obvious to one with ordinary skill in the art before the effective filing date of the applicant’s application to incorporate systems, devices, and methods for an intuitive user interface to enable a character entry to be changed to a hidden character when displayed after a pre-determined time, as taught by Liu, into systems, devices, and methods for implementing a password reveal selector, where a password entry box is displayed for input of password characters of a password, and the password entry box includes a password reveal selector for user-selection to reveal the password, with password based authentication of users based on re-entry of passwords and a typing behavior of the user to determine a time interval for valid entry as taught by the combination Demopoulos and Candelore. Such incorporation enables the password reveal selector to be available for a predetermined duration of time while keystrokes are being entered.
In regard to claim 3, the combination of Demopoulos, Candelore and Liu teaches wherein the user-selectable password reveal selector moves from the first state to the second state upon a user selection of the user-selectable password reveal selector (see Demopoulos ¶ [0030] “ . . . the password reveal selector 206 can be implemented as a toggle selector, and the password characters are revealed to display the password in the password entry box after a first user-selection of the password reveal selector is received. The password characters are then obfuscated again in the password entry box after a second user-selection of the password reveal selector is received to toggle the selector. . . “; see also Demopoulos ¶¶ [0048-0049] “ . . . a user can initiate revealing the password by selecting the password reveal selector a first time, and then while the password characters of the password are revealed and viewable, select the password reveal selector a second time to initiate obfuscating the password characters so that they are no longer viewable on the display. If the password is revealed based on a toggle selection of the password reveal selector (i.e., yes from block 418), then at block 420, a determination is made as to whether a toggle user-selection of the password reveal selector has been received . . .” )
In regard to claim 4, the combination of Demopoulos, Candelore, and Liu teaches wherein the user-selectable password reveal selector remains in the second state until a user selection is removed from the user-selectable password reveal selector (see Demopoulos ¶¶ [0046-0047] “ . . . At block 412, a determination is made as to whether the password characters continue to be revealed based on a continued user-selection of the password reveal selector. For example, when the user presses to select the password reveal selector 206 as shown at 222 to initiate revealing the password in the password entry box 204, the password is revealed and displayed for viewing as shown at 228 for as long as the user-selection of the password reveal selector 206 is maintained. If the password characters continue to be revealed based on a continued user-selection of the password reveal selector (i.e., yes from block 412), then at block 414, a determination is made as to whether the user-selection of the password reveal selector is still being received as described with reference to block 402. If the user-selection of the password reveal selector is still being received (i.e., yes from block 414), then the method continues at block 406 to reveal the password in the password entry box. If the user-selection of the password reveal selector is not still being received (i.e., no from block 414), then at block 416, the password characters that are displayed in the password entry box are obfuscated so that the password is no longer viewable on the display. . .”)
In regard to claim 5, the combination of Demopoulos, Candelore, and Liu teaches wherein the user-selectable password reveal selector is displayed after the first entry of the at least one password character of the plurality of password characters is received in the password entry UI element (see Demopoulos ¶ [0035] “ . . . the password reveal selector is conceal