DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on 03/20/2025.
Status of claims in the instant application:
Claims 1-20 are pending.
Priority
This application is a CON of 18/098,325 filed on 01/18/2023 now Pat US 12284203 B2.
Information Disclosure Statement
Information Disclosure Statements (IDS) filed on 03/20/2025 have been considered, and a signed copies of the IDS forms have been attached to this office action.
Drawings
The drawings are objected to because text descriptions are not legible. For example, texts in FIG. 3 are not legible.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
Specification filed on 03/20/2025 has been inspected and it’s in compliance with MPEP 608.01.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. US 12284203. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the instant application are anticipated by the claims of the issued patent US 12284203.
Instant Application
Reference Patent (US 12284203)
1. A computing platform comprising: at least one processor; a communication interface communicatively coupled to the at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: train, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output a behavior profile corresponding to a plurality of parameters and a cumulative attack score; extract, from network traffic of a network, a first password hash associated with a password failure rate spike; generate, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generate, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash and based on the first behavior profile corresponding to the first plurality of parameters; compare the first cumulative attack score to a threshold value, and in response: based on identifying that the first cumulative attack score is below the threshold value: send a notification to an enterprise user device; or based on identifying that the first cumulative attack score meets or exceeds the threshold value: identify the first password hash as an attacked hash; generate password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password; and cause, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and update the attack pattern analysis model based on the attacked hash and the cumulative attack score.
4. The computing platform of claim 2, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: identify, based on monitoring the network traffic, the password failure rate spike.
1. A computing platform comprising: at least one processor; a communication interface communicatively coupled to the at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: train, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output, for a password hash, a behavior profile corresponding to a plurality of parameters and a cumulative attack score; monitor network traffic of a network, wherein monitoring the network traffic of the network comprises monitoring a password failure rate; identify, based on the monitoring of the password failure rate, a password failure rate spike; extract, from the network traffic of the network, a first password hash associated with the password failure rate spike; generate, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generate, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash based on the first behavior profile corresponding to the first plurality of parameters; compare the first cumulative attack score to a threshold value; based on identifying that the first cumulative attack score is below the threshold value: identify the first password hash as a secure hash, and send a notification to an enterprise user device; based on identifying that the first cumulative attack score meets or exceeds the threshold value: identify the first password hash as an attacked hash, generate password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password, and cause, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and refine the attack pattern analysis model based on the attacked hash and the cumulative attack score.
2. The computing platform of claim 1, wherein generating the password complexity rules comprises: retrieving, from the attack pattern storage system, a plurality of additional attacked hashes; identifying, based on the attacked hash and the plurality of additional attacked hashes, one or more requirements corresponding to password creation; and updating, based on the one or more requirements corresponding to password creation, the password enforcement policy, wherein updating the password enforcement policy is further based on the one or more requirements corresponding to password creation.
2. The computing platform of claim 1, wherein generating the password complexity rules comprises: retrieving, from the attack pattern storage system, a plurality of additional attacked hashes; identifying, based on the attacked hash and the plurality of additional attacked hashes, one or more requirements corresponding to password creation; and updating, based on the one or more requirements corresponding to password creation, the password enforcement policy, wherein updating the password enforcement policy is further based on the one or more requirements corresponding to password creation.
3. The computing platform of claim 2, wherein the one or more requirements corresponding to password creation comprise one or more of: restrictions on included terms, restrictions on certain alphanumeric sequences, numeral inclusion requirements, special character inclusion requirements, letter case requirements, recency restrictions, or length requirements.
3. The computing platform of claim 2, wherein the one or more requirements corresponding to password creation comprise one or more of: restrictions on included terms, restrictions on certain alphanumeric sequences, numeral inclusion requirements, special character inclusion requirements, letter case requirements, recency restrictions, or length requirements.
5. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, from the attack pattern storage system, the historical password hashes; and based on identifying the attacked hash, send, to the attack pattern storage system, one or more commands directing the attack pattern storage system to store the attacked hash.
5. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, from the attack pattern storage system, the historical password hashes; and based on identifying the attacked hash, send, to the attack pattern storage system, one or more commands directing the attack pattern storage system to store the attacked hash.
6. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to perform behavioral analysis, wherein performing behavioral analysis operations comprises: building, using the attacked hash and a plurality of additional attacked hashes, a network graph comprising a plurality of nodes and a plurality of edges, wherein each of the plurality of nodes corresponds to a parameter and each of the plurality of edges corresponds to a hash; shading, based on a concentration of the plurality of edges and the plurality of nodes, the network graph; and updating, based on the shading and the attacked hash, the first cumulative attack score.
6. The computing platform of claim 5, wherein performing behavioral analysis operations comprises: building, using the attacked hash and a plurality of additional attacked hashes, a network graph comprising a plurality of nodes and a plurality of edges, wherein each of the plurality of nodes corresponds to a parameter and each of the plurality of edges corresponds to a hash; shading, based on a concentration of the plurality of edges and the plurality of nodes, the network graph; and updating, based on the shading and the attacked hash, the first cumulative attack score.
7. The computing platform of claim 2, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, from a user device, a proposed password; compare the proposed password to the updated password enforcement policy; identify, based on the comparing, whether the proposed password passes or fails a compliance check based on the updated password enforcement policy, and in response: based on identifying that the proposed password passes the compliance check, updating a user profile corresponding to the user device; or based on identifying that the proposed password fails the compliance check, rejecting the proposed password and sending the updated password enforcement policy to the user device.
7. The computing platform of claim 2, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, from a user device, a proposed password; compare the proposed password to the updated password enforcement policy; identify, based on the comparing, whether the proposed password passes or fails a compliance check based on the updated password enforcement policy; based on identifying that the proposed password passes the compliance check, updating a user profile corresponding to the user device; and based on identifying that the proposed password fails the compliance check, rejecting the proposed password and sending the updated password enforcement policy to the user device.
8. The computing platform of claim 7, wherein the user profile corresponding to the user device comprises: a user identifier; and a password repository corresponding to one or more historical passwords.
8. The computing platform of claim 7, wherein the user profile corresponding to the user device comprises: a user identifier; and a password repository corresponding to one or more historical passwords.
9. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: send, to the enterprise user device, one or more display commands directing the enterprise user device to display a user interface and requesting user input corresponding to a password hash designation; receive, based on requesting the user input corresponding to the password hash designation, the user input corresponding to the password hash designation from the enterprise user device; based on user input directing the computing platform to override the password hash designation, override the password hash designation; and based on user input directing the computing platform to confirm the password hash designation, confirm the password hash designation.
9. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: send, to the enterprise user device, one or more display commands directing the enterprise user device to display a user interface and requesting user input corresponding to a password hash designation; receive, based on requesting the user input corresponding to the password hash designation, the user input corresponding to the password hash designation from the enterprise user device; based on user input directing the computing platform to override the password hash designation, override the password hash designation; and based on user input directing the computing platform to confirm the password hash designation, confirm the password hash designation.
10. The computing platform of claim 9, wherein the password hash designation comprises a secure hash designation or an attacked hash designation.
10. The computing platform of claim 9, wherein the password hash designation comprises a secure hash designation or an attacked hash designation.
11. The computing platform of claim 1, wherein extracting the first password hash comprises: identifying, based on the network traffic, a frequency score corresponding to the first password hash associated with the password failure rate spike, wherein the frequency score indicates a number of authentication attempts corresponding to the first password hash; comparing the frequency score to a failure rate threshold; and based on identifying that the frequency score meets or exceeds the failure rate threshold, storing the first password hash to the computing platform.
11. The computing platform of claim 1, wherein extracting the password hash comprises: identifying, based on the network traffic, a frequency score corresponding to the first password hash associated with the password failure rate spike, wherein the frequency score indicates a number of authentication attempts corresponding to the first password hash; comparing the frequency score to a failure rate threshold; and based on identifying that the frequency score meets or exceeds the failure rate threshold, storing the first password hash to the computing platform.
12. The computing platform of claim 11, wherein the frequency score comprises one or more of: an integer value, a binary value, a decimal value, a fractional value, or a percentile value.
12. The computing platform of claim 11, wherein the frequency score comprises one or more of: an integer value, a binary value, a decimal value, a fractional value, or a percentile value.
13. The computing platform of claim 1, wherein the first behavior profile comprises: a list of the first plurality of parameters; and values corresponding to the first plurality of parameters, wherein the values corresponding to the first plurality of parameters comprise one or more of: numerical values, percentile values, or binary values.
13. The computing platform of claim 1, wherein the first behavior profile comprises: a list of the first plurality of parameters; and values corresponding to the first plurality of parameters, wherein the values corresponding to the first plurality of parameters comprise one or more of: numerical values, percentile values, or binary values.
14. The computing platform of claim 13, wherein the first plurality of parameters comprises one or more of: data duplication, speed of interaction, typing pattern, error rate, vicinity of request source, mouse dynamics, event sequence analysis, request data patterns, browser configuration, operating system configuration, device battery level, request payload pattern, request timestamp duplication, request timestamp pattern, or trust of a source internet protocol.
14. The computing platform of claim 13, wherein the first plurality of parameters comprises one or more of: data duplication, speed of interaction, typing pattern, error rate, vicinity of request source, mouse dynamics, event sequence analysis, request data patterns, browser configuration, operating system configuration, device battery level, request payload pattern, request timestamp duplication, request timestamp pattern, or trust of a source internet protocol.
15. The computing platform of claim 1, wherein the password failure rate spike is associated with a password failure rate comprising an indicator of a number of failed authentication attempts corresponding to the first password hash and requested by a user.
15. The computing platform of claim 1, wherein the password failure rate comprises an indicator of a number of failed authentication attempts corresponding to the first password hash and requested by a user.
16. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: identify, based on the network traffic, a device signature associated with the password failure rate spike; and configure, based on the device signature, a device attack list, wherein the device attack list causes the computing platform to: based on the device attack list, reject password change requests corresponding to user devices included in the device attack list.
16. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: identify, based on the network traffic, a device signature associated with the password failure rate spike; and configure, based on the device signature, a device attack list, wherein the device attack list causes the computing platform to: based on the device attack list, reject password change requests corresponding to user devices included in the device attack list.
17. The computing platform of claim 1, wherein the threshold value is a configurable value configured by an enterprise user.
17. The computing platform of claim 1, wherein the threshold value is a configurable value configured by an enterprise user.
18. The computing platform of claim 1, wherein the first cumulative attack score comprises one or more of: an integer value, a percentage value, a decimal value, a hexadecimal value, or a binary value.
18. The computing platform of claim 1, wherein the first cumulative attack score comprises one or more of: an integer value, a percentage value, a decimal value, a hexadecimal value, or a binary value.
19. A method comprising: at a computing platform comprising at least one processor, a communication interface, and memory: training, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output a behavior profile corresponding to a plurality of parameters and a cumulative attack score; extracting, from network traffic of a network, a first password hash associated with a password failure rate spike; generating, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generating, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash and based on the first behavior profile corresponding to the first plurality of parameters; comparing the first cumulative attack score to a threshold value, and in response: based on identifying that the first cumulative attack score is below the threshold value: sending a notification to an enterprise user device; or based on identifying that the first cumulative attack score meets or exceeds the threshold value: identifying the first password hash as an attacked hash; generating password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password; and causing, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and updating the attack pattern analysis model based on the attacked hash and the cumulative attack score.
19. A method comprising: at a computing platform comprising at least one processor, a communication interface, and memory: training, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output, for a password hash, a behavior profile corresponding to a plurality of parameters and a cumulative attack score; monitoring network traffic of a network, wherein monitoring the network traffic of the network comprises monitoring a password failure rate; identifying, based on the monitoring of the password failure rate, a password failure rate spike; extracting, from the network traffic of the network, a first password hash associated with the password failure rate spike; generating, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generating, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash based on the first behavior profile corresponding to the first plurality of parameters; comparing the first cumulative attack score to a threshold value; based on identifying that the first cumulative attack score is below the threshold value: identifying the first password hash as a secure hash, and sending a notification to an enterprise user device; based on identifying that the first cumulative attack score meets or exceeds the threshold value: identifying the first password hash as an attacked hash, generating password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password, and causing, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and refining the attack pattern analysis model based on the attacked hash and the cumulative attack score.
20. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising at least one processor, a communication interface, and memory, cause the computing platform to: train, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output a behavior profile corresponding to a plurality of parameters and a cumulative attack score; extract, from network traffic of a network, a first password hash associated with a password failure rate spike; generate, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generate, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash and based on the first behavior profile corresponding to the first plurality of parameters; compare the first cumulative attack score to a threshold value, and in response: based on identifying that the first cumulative attack score is below the threshold value: send a notification to an enterprise user device; or based on identifying that the first cumulative attack score meets or exceeds the threshold value: identify the first password hash as an attacked hash; generate password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password; and cause, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and update the attack pattern analysis model based on the attacked hash and the cumulative attack score.
20. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising at least one processor, a communication interface, and memory, cause the computing platform to: train, based on historical password hashes, an attack pattern analysis model, wherein training the attack pattern analysis model configures the attack pattern analysis model to output, for a password hash, a behavior profile corresponding to a plurality of parameters and a cumulative attack score; monitor network traffic of a network, wherein monitoring the network traffic of the network comprises monitoring a password failure rate; identify, based on the monitoring of the password failure rate, a password failure rate spike; extract, from the network traffic of the network, a first password hash associated with the password failure rate spike; generate, based on inputting the first password hash into the attack pattern analysis model, a first behavior profile corresponding to a first plurality of parameters for the first password hash; generate, using the attack pattern analysis model, a first cumulative attack score corresponding to the first password hash based on the first behavior profile corresponding to the first plurality of parameters; compare the first cumulative attack score to a threshold value; based on identifying that the first cumulative attack score is below the threshold value: identify the first password hash as a secure hash, and send a notification to an enterprise user device; based on identifying that the first cumulative attack score meets or exceeds the threshold value: identify the first password hash as an attacked hash, generate password complexity rules based on the attacked hash, wherein generating the password complexity rules updates a password enforcement policy preventing use of the attacked hash as a future password, and cause, based on generating the password complexity rules, storage of the password complexity rules at an attack pattern storage system; and refine the attack pattern analysis model based on the attacked hash and the cumulative attack score
Allowable Subject Matter
Claims 1-20 are allowed over prior arts of record.
As allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with. See 37 CFR 1.111(b) and MPEP § 707.07(a).
Applicant’s response must address double patenting rejection.
Reasons for allowance will be furnished upon allowance.
Pertinent Prior Arts
The following prior arts made of record and not relied upon are considered pertinent to applicant's disclosure.
US 20200351299 A1; Burch et al.: Burch discloses methods and systems to respond to incorrect passwords being entered for usernames in attempts to access a computing system, each incorrect password is one-way hashed. The hashed incorrect passwords are stored within a database. High-frequency hashed incorrect passwords are determined from the stored hashed incorrect passwords. Each high-frequency hashed incorrect password corresponds to an incorrect password that was entered more than a threshold number of the attempts, regardless of the username for which the incorrect password was entered in any attempt. That the computing system is being subjected to a cyber attack is detected based on the determined high-frequency hashed incorrect passwords.
US 20170214712 A1; MAXWELL et al.: MAXWELL discloses systems and methods are disclosed for analyzing a plurality of failed login records that correspond to failed login attempts detected by a computing system, to identify suspicious patterns of activity that can facilitate the supplementation of password blacklists for improving account security. To accomplish the foregoing, failed login records that include information associated with failed login attempts are obtained for analysis. The failed login records are analyzed to identify a set of failed login records that show initial characteristics of a suspicious pattern of activity. The information included in the set of failed login records are further analyzed to determine whether a suspicious pattern of activity is actually present. When a suspicious pattern of activity is identified in the set of failed login records, the passwords used in the failed login attempts are stored in password blacklists associated with the account identifier(s) with which the passwords were used.
US 20220182397 A1; ROMERO ZAMBRANO et al.: ROMERO ZAMBRANO discloses methods and systems to detect identity spray attacks, where a machine learning model classifies account access attempts as authorized or unauthorized, based on dozens of different pieces of information (machine learning model features). Boosted tree, neural net, and other machine learning model technologies may be employed. Model training data may include user agent reputation data, IP address reputation data, device or agent or location familiarity indications, protocol identifications, aggregate values, and other data. Account credential hash sets or hash lists may serve as model inputs. Hashes may be truncated to further protect user privacy. Classifying an access attempt as unauthorized may trigger application of multifactor authentication, password change requirements, account suspension, or other security enhancements. Statistical or heuristic detections may supplement the model. However, the model may adapt to changed attacker behavior through retraining with updated data, making the model-based approach more effective over time than rigid statistical or heuristic detection approaches.
US 20180322275 A1; Li et al.: Li discloses methods, apparatus, systems and articles of manufacture to manage password security. An example apparatus includes means for invoking a provisional transmission block of a password associated with a user in response to detecting entry of the password, the password identified as new or changing and means for identifying a service category type associated with the password, the service category type associated with a threshold, the threshold determined by a security risk for the service category. The apparatus further includes means for retrieving a list of password hash values associated with previously used passwords associated with the user, means for comparing the list of password hash values to a hash of the password to determine a count of a number of times the hash value of the password matches a hash value on the list of password hash values. The apparatus further includes means for invoking a permanent block of the password when the count does not satisfy the threshold and means for releasing the provisional block of the password when the count satisfies the threshold.
US 20230082633 A1; SELETSKIY et al.: SELETSKIY discloses systems and methods for rapid password evaluation. A method may include: configuring a web application firewall (WAF) to monitor login credentials for one or more web applications; intercepting, using the WAF, a password input during a login attempt to a web application by an entity; calculating a hash value of the password input; transmitting the hash value to a dedicated server configured to: determine whether the hash value is in a database of hashes corresponding to weak passwords; and in response to determining that the hash value is in the database of hashes, transmit a message to the WAF indicating that the password input corresponds to a weak password; and generating for display, using the WAF, a web page prompting for a password reset for the web application.
US 11438378 B1; Dell'Amico: Dell'Amico discloses computer-implemented method for protecting against password attacks by concealing the use of honeywords in password files may include (i) receiving a login request comprising a candidate password for a user, (ii) authenticating the login request by determining whether a hash of a true password for the user stored in a honeyserver matches a hash of the candidate password, (iii) determining whether the candidate password has matches a hash of a honeyword stored in a password file when the true password hash fails to match the candidate password hash, (iv) classifying the password file as being potentially compromised when the candidate password hash matches the honeyword hash stored in the password file, and (v) performing a security action that protects against a password attack utilizing the potentially compromised password file. Various other methods, systems, and computer-readable media are also disclosed.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHABUB S AHMED whose telephone number is (571)272-0364. The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ali Shayanfar can be reached on 571-270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MAHABUB S AHMED/Examiner, Art Unit 2434
/TESHOME HAILU/Primary Examiner, Art Unit 2434