| CPC H04L 9/3228 (2013.01) [H04L 63/0815 (2013.01); H04L 63/0853 (2013.01)] | 14 Claims |
|
1. A computer network-accessible identity and authentication service (IAS) for authenticating a user for a third party, the computer-implemented IAS comprising:
a code generation component configured to generate one or more user codes for an enrolling user of the IAS, wherein a first user code of the one or more user codes being a unique identifier to the IAS for the user, and each of the one or more user codes are unique identifiers associated with the enrolling user;
an enrollment component that enrolls the enrolling user with the IAS, wherein the enrollment component:
generates one or more user codes for an enrolling user via the code generation component; and
obtains username and password credentials from the enrolling user and maintains the obtained username and password credentials in association with the one or more user codes for the enrolling user; and
provides the one or more user codes of the enrolling user to a one-time code program (OTCP) executing on a computing device associated with the enrolling user; and
an authentication component, wherein the authentication component:
receives a request over a computer network from a third-party service for authentication of a requesting user, wherein the request includes encoded data for identifying and authenticating the requesting user, and wherein the encoded data does not include a username or password;
extracts at least a first user code from the encoded data;
determines login credentials of the requesting user as associated with the at least a first user code;
determines whether the requesting user is authorized to access restricted content of the third-party service according to the login credentials of the requesting user as associated with the at least a first user code; and
returns a validity indication to the third-party service based on the determination of whether the requesting user is authorized to access restricted content of the third party.
|