| CPC H04L 63/083 (2013.01) [H04L 63/102 (2013.01)] | 12 Claims |
|
1. A method for a password to be authenticated against a stored password, the method comprising:
using one or more hardware processors:
identifying a first set of characters corresponding to the stored password;
receiving a second set of characters to be authenticated during an authentication attempt, wherein the received second set of characters to be authenticated include more characters than the first set of characters corresponding to the stored password;
determining a spread of respective positions of the second subset of noise characters within the second set of characters; and
causing access to be granted to an access controlled resource based upon;
determining that the spread of the respective positions of characters of the second subset of noise characters is non-uniform and random within the second set of characters; and
determining that the second set of characters includes:
a first subset of password characters that match the first set of characters corresponding to the stored password and in a same order; and
a second subset of noise characters that are not specified for the authentication attempt and are distributed at locations within the first subset of password characters, wherein the distribution of the locations of the second subset of noise characters within the first subset of password characters is not specified for the authentication attempt,
wherein determining the spread of the respective positions of the second subset of noise characters within the second set of characters includes determining a measure of spread of the respective positions of the second subset of noise characters, including determining a greatest distance between respective positions of subsequent ones of the second subset of noise characters within the second set of characters,
wherein causing access to be granted to the access controlled resource includes further based upon determining that the greatest distance between respective positions of subsequent ones of the second subset of noise characters within the second set of characters is less than a threshold,
wherein determining that the second set of characters includes the first subset of password characters comprises matching a plurality of vectors comprising permutations of the received second set of characters against the first set of characters, wherein the plurality of vectors are of length m that corresponds to the number of characters of stored password,
wherein matching the plurality of vectors comprising permutations of the received second set of characters against the first set of characters comprises comparing a distance derived from a distance function to a threshold.
|