US 11,930,108 B1
Password requirement conformity check
Roy Hodgman, Cambridge, MA (US); and Vasudha Shivamoggi, Cambridge, MA (US)
Assigned to Rapid7, Inc., Boston, MA (US)
Filed by Rapid7, Inc., Boston, MA (US)
Filed on Feb. 8, 2022, as Appl. No. 17/666,824.
Int. Cl. H04L 9/08 (2006.01); G06F 21/45 (2013.01); H04L 9/00 (2022.01)
CPC H04L 9/0863 (2013.01) [G06F 21/45 (2013.01); H04L 9/008 (2013.01)]
17 Claims
 
1. A system, comprising:
one or more hardware processors with associated memory that implement a password requirement conformity check, wherein the one or more hardware processors are configured to:
during a password reset process, receive a proposed password;
perform a homomorphic encryption operation on the proposed password to generate a first character string, wherein the homomorphic encryption operation when performed on two given strings produces two encrypted strings that preserve an edit distance between the two given strings;
compare the first character string to a previous character string generated by the homomorphic encryption operation on a previous password to determine the edit distance between the first character string and the previous character string as a password similarity metric between the proposed password and the previous password;
determine whether the password similarity metric satisfies at least a distance threshold;
responsive to determining that the password similarity metric does not satisfy the distance threshold, reject the proposed password and prompt to receive an alternative proposed password during the password reset process;
perform the homomorphic encryption operation on the alternative proposed password to generate a second character string;
compare the second character string to the previous character string associated with the previous password to determine a second password similarity metric; and
determine whether the second password similarity metric satisfies at least the distance threshold.
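
The flow recited in claim 1, as an added example that is not taken from the patent or from Rapid7 code. The claim does not say which operation preserves edit distance, so a keyed one-to-one character substitution stands in for it here purely because it has that property; the function names, the key, the threshold of 4 and the sample passwords are all assumptions made for the illustration.

```python
import hashlib
import hmac
import random
import string

ALPHABET = string.digits + string.ascii_letters + string.punctuation

def make_table(key: bytes) -> dict:
    # Keyed permutation of ALPHABET (stand-in operation, an assumption). It is a
    # bijection, so equal characters stay equal and different ones stay different.
    rng = random.Random(hmac.new(key, b"table", hashlib.sha256).digest())
    shuffled = list(ALPHABET)
    rng.shuffle(shuffled)
    return dict(zip(ALPHABET, shuffled))

def transform(password: str, table: dict) -> str:
    try:
        return "".join(table[ch] for ch in password)
    except KeyError as exc:
        raise ValueError(f"unsupported character {exc.args[0]!r}") from None

def edit_distance(a: str, b: str) -> int:
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check(proposed: str, previous_string: str, table: dict, threshold: int):
    # Returns (accepted, metric); accepted when the metric is at least threshold.
    metric = edit_distance(transform(proposed, table), previous_string)
    return metric >= threshold, metric

def reset_password(attempts, previous_string, table, threshold):
    # Each item in attempts stands for one prompt during the reset process.
    rejected = []
    for proposed in attempts:
        ok, metric = check(proposed, previous_string, table, threshold)
        if ok:
            return transform(proposed, table), rejected
        rejected.append(metric)
    return None, rejected

# Constructed sample values: only the transformed previous password is kept.
TABLE = make_table(b"constructed-demo-key")
PREVIOUS = transform("Summer2021!", TABLE)
```
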