| CPC H04L 9/0863 (2013.01) [H04L 9/0872 (2013.01); H04L 9/0894 (2013.01)] | 9 Claims |
|
1. A cross-referencing device for improving password based authentication in a computer system, the cross-referencing device comprising:
a built-in clock;
a memory;
a central processing unit (CPU) that is communicatively coupled to the built-in clock and the memory, wherein the CPU is configured to:
determine a current time based on the built-in clock,
generate a plurality of time-synchronized first cross-referencing one-time passwords that are each generated based on a predetermined time relationship with the current time and a respective offset from the current time, wherein the plurality of time-synchronized first cross-referencing one-time passwords include a first cross-referencing one-time password for the current time and contains N+1 time-synchronized first cross-referencing one-time passwords,
write the plurality of time-synchronized first cross-referencing one-time passwords to the memory,
determine that an authentication is successful when an authentication target one-time password received in a first authentication request matches with any of the plurality of time-synchronized first cross-referencing one-time passwords in the memory, wherein the first authentication request corresponds to a time that is different than the current time,
in response to the authentication being successful, store the current time as an authentication success time,
prohibit the built-in clock from being set to a time earlier than the authentication success time, and
permit the built-in clock to be set to a time that is later than the authentication success time.
|