A user authentication information management method receives a meta-password from a user. A repository (34) lists network addresses (36) and associated handles (38), each handle having an associated encoded password. An authentication response from the user is intercepted. A modified authentication response is generated by identifying a network address to which the response is directed (208), searching for the identified network address (210) in the repository (34), identifying a handle (212) corresponding to the address based on the searching (210), decoding the password associated with the handle using the meta-password as a decoding key (214), and substituting the decoded password for the meta-password in the authentication response (216). The method also generates pseudo-random passwords (124) consistent with password rules (128). The repository (34) can reside on a client device (14), a proxy server, a local area network, or a security server having an Internet protocol (IP) address. The repository (34) can also be disposed at a database service.
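The lookup, decode and substitute steps of the first abstract, sketched as an added example (not code from the patent or any product). The form field name `password`, the PBKDF2 parameters, the stdlib-only HMAC keystream standing in for a real authenticated cipher, and the choice to drop responses for unlisted addresses are all assumptions of this sketch.

```python
import hashlib, hmac, os
from urllib.parse import urlsplit

def _keys(meta, salt):
    # Stretch the meta-password into an encryption key and a MAC key.
    k = hashlib.pbkdf2_hmac("sha256", meta.encode(), salt, 200_000, dklen=64)
    return k[:32], k[32:]

def _xor_stream(key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 in counter mode) so the sketch needs only the stdlib.
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(mac_key, host, e):
    # Bind the encoded password to its network address and handle.
    msg = f"{host}\0{e['handle']}\0".encode() + e["nonce"] + e["ct"]
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def encode_entry(meta, host, handle, password):
    e = {"handle": handle, "salt": os.urandom(16), "nonce": os.urandom(16)}
    enc_key, mac_key = _keys(meta, e["salt"])
    e["ct"] = _xor_stream(enc_key, e["nonce"], password.encode())
    e["tag"] = _tag(mac_key, host, e)
    return e

def decode_entry(meta, host, e):
    enc_key, mac_key = _keys(meta, e["salt"])
    # A wrong meta-password or a moved/edited entry fails here instead of
    # producing a garbage password that is then sent to the site.
    if not hmac.compare_digest(_tag(mac_key, host, e), e["tag"]):
        raise ValueError("wrong meta-password or altered repository entry")
    return _xor_stream(enc_key, e["nonce"], e["ct"]).decode()

def rewrite_response(repo, url, form):
    host = urlsplit(url).hostname   # network address the response is directed to
    entry = repo.get(host)          # exact-match search of the repository
    if entry is None:
        return None                 # sketch's choice: never forward the meta-password
    out = dict(form)
    out["password"] = decode_entry(form["password"], host, entry)
    return out

# Constructed sample repository: network address -> handle + encoded password.
META = "correct horse meta"
REPO = {"login.example.com":
        encode_entry(META, "login.example.com", "alice01", "s3cr3t-Site-Pw!")}
```

Because the intercepted response carries the meta-password itself, the exact host match and the refusal to forward for unlisted addresses are what keep it from reaching a lookalike address.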
An improved method and system of generating passwords wherein Internet search engines are provided a random query and the search results are used to generate a mnemonic password. The password is memorable, yet non-user generated, and the use of search engines allows for a very large set of potential results. The password is more secure than most conventional passwords because it is memorable and not likely to be written down and because it is random. A large set of potential results ensures that the password is unlikely to be determined by a third party. The present method can be used with any device that has access to the Internet. The system can be customized to limit results to a specific language, filter offensive content, and incorporate encryption to limit eavesdropping.
Security systems for protecting assets are described, including password-based security systems that can provide different levels of access responsive to entry of a primary or secondary password. In some versions, user-configurable security rules can provide customized responses to entry of primary or secondary passwords, including feigned or limited access, security alerts, etc. Passwords comprising overt and covert components can be used to provide enhanced security and improved user control over system response. Improved security systems involving transactions between multiple parties are also considered, with options for user-customized security rules including primary and secondary passwords, and reverse challenge and response methods. Systems for Limited Use Credentials are also disclosed to reduce the risk of identity theft.