	US 11,792,158 B2
	Service protecting privacy while monitoring password and username usage
Brian James Buck, Livermore, CA (US); Stephen Lind, El Cerrito, CA (US); and Brian Sullivan, Jamaica Plain, MA (US)
Assigned to Lookout, Inc., Boston, MA (US)
Filed by Lookout, Inc., San Francisco, CA (US)
Filed on Jan. 20, 2023, as Appl. No. 18/157,629.
Application 18/157,629 is a continuation of application No. 17/694,533, filed on Mar. 14, 2022, granted, now 11,570,144.
Application 17/694,533 is a continuation of application No. 16/894,537, filed on Jun. 5, 2020, granted, now 11,277,373, issued on Mar. 15, 2022.
Claims priority of provisional application 62/878,283, filed on Jul. 24, 2019.
Prior Publication US 2023/0164112 A1, May 25, 2023
Int. Cl. H04L 61/4511 (2022.01); H04L 61/5007 (2022.01); H04L 9/40 (2022.01)

CPC H04L 61/4511 (2022.05) [H04L 61/5007 (2022.05); H04L 63/0407 (2013.01); H04L 63/0428 (2013.01); H04L 63/10 (2013.01)]

20 Claims

1. A method comprising:

creating, by a security component, a first hash of a user name associated with a user account, a second hash of a password associated with the user name and a host name;

receiving, by a service, the first hash, the second hash, and the host name;

accessing, by the service, a database containing host names and associated username hashes and password hashes associated with the username hashes;

comparing, by the service, the second hash to password hashes of the database; and

notifying, by the service, the security component that the password is allowable for use by the user account for accessing the host:

when the comparison does not result in matching the second hash to a password hash in the database; or

when the comparison results in matching the second hash to at least one password hash in the database, and the first hash is compared, by the service, to all username hashes associated with the at least one matching password hash, and the first hash does not match any of the username hashes associated with the at least one matching password hash.