Title:
TWO-FACTOR AUTHENTICATION WITH USER-SELECTED PASSCODE MODIFICATION
Document Type and Number:
WIPO Patent Application WO/2018/170192
Kind Code:
A1
Abstract:
An authentication method has a login step using a username and password, the login step followed by the sending of a random passcode to a user communication device, the user modifying the random passcode and returning the modified random passcode. The system compares the random passcode which was sent, after modification according to a passcode modification selected by the user, with the returned passcode from the user, and authenticates the user if they match, or does not authenticate the user if they do not match.

Inventors:
MATTELA VENKAT (US)
Application Number:
PCT/US2018/022535
Publication Date:
September 20, 2018
Filing Date:
March 15, 2018
Assignee:
REDPINE SIGNALS INC (US)
International Classes:
G06F7/04
Foreign References:
US20150163218A1 (2015-06-11)
US7058613B1 (2006-06-06)
Attorney, Agent or Firm:
CHESAVAGE, Jay A. (US)
Claims:
We claim:

1) A method for selection of a two-factor modifier, the method comprising: a login receiving a username and password and comparing the username to an associated password; a passcode modification selection whereby a selection of passcode modification f(.) is made, the passcode modification converting a randomly selected sent passcode xs into a modified passcode xr such that f(xs) = xr, the passcode modification f(.) being symmetrical and unique such that a reverse modification f'(.) exists for any y, and such that f'(f(y)) = y; sending a random passcode xs to a user; receiving a user response xr during a valid window of time; performing said reverse modification f'(.) on the user response xr using a reverse passcode modification associated with the username to produce f'(xr); comparing said f'(xr) with said xs; authenticating the user if said f'(xr) matches said xs and not authenticating the user otherwise.

2) The method of claim 1 where said sent passcode xs is a fixed number of numerical digits.

3) The method of claim 1 where said passcode modification is a mod 10 addition or subtraction to at least one passcode digit.

4) The method of claim 1 where said passcode modification includes a permutation of at least two passcode digits.

5) The method of claim 1 where said passcode modification includes a multiplication.

6) The method of claim 1 where said passcode modification includes a truncation or replication of at least one digit.

7) A method for authentication of a user in a system having associated for each user a password, a passcode modification, and a contact number, the method comprising: upon successful login with a username and password, sending a random passcode; upon receipt of a modified passcode from a user, performing a passcode modification to the random passcode previously sent; comparing the received modified passcode with the passcode modification to the random passcode previously sent; authenticating the user if said received modified passcode matches the previously sent random passcode after passcode modification according to the passcode modification associated with the user.

8) The method of claim 7 where said sent passcode xs is a fixed number of numerical digits.

9) The method of claim 7 where said passcode modification is a mod 10 addition or subtraction to at least one passcode digit.

10) The method of claim 7 where said passcode modification includes a permutation of at least two passcode digits.

11) The method of claim 7 where said passcode modification includes a multiplication.

12) The method of claim 7 where said passcode modification includes a truncation or replication of at least one digit.

13) The method of claim 7 where said passcode is sent to the contact number associated with said username.

14) A method for authentication of a user, the method comprising: a user login whereby upon receipt of a username and login password, a password associated with the username is compared to the login password, the authentication step rejecting the authentication if the password associated with the username does not match the login password; determining a message device identifier and a passcode modification associated with the username; sending a random passcode to the device identifier; receiving a user response within a duration of time; forming a passcode modification value by performing the passcode modification associated with the username on the previously sent random passcode; comparing the received user response with the passcode modification value; authenticating the user if the user response matches the passcode modification value and not authenticating the user if the user response does not match the passcode modification value.

15) The method of claim 14 where said not authenticating results in the sending of a new random passcode to the user and repeating said receiving a user response step, said comparing step, and said authenticating step.

16) The method of claim 14 where the reverse modification is a transposition of at least two digits.

17) The method of claim 14 where the reverse modification is the addition or subtraction of at least one constant from at least one digit.

18) The method of claim 14 where the addition or subtraction is performed mod 10 on at least one single digit.

Description:

Two-Factor Authentication with User-selected Passcode Modification

[0001] Field of the Invention

[0002] The present invention relates to two-factor authentication. In particular, the invention relates to a method for two-factor authentication using a passcode modification known only to an authorized user.

[0003] Background of the Invention

[0004] Computer security continues to be of vital concern to society and users. A fundamental aspect of authorized access to a computer system where sensitive or valuable information may be stored is user authentication, which involves a user challenge to gain access. Various schemes are in use as the user challenge; a universally applied approach is to rely on a username and password. More sophisticated methods may rely on a three-part challenge, involving:

[0005] 1) What the user has (i.e. username and/or email for login (with secret password), device information or location information such as device MAC (media access controller) address, host IP (internet protocol) address, device hostname, and/or geographical location).

[0006] 2) What the user knows (i.e. a secret password, answers to security questions (favorite vacation location, pet names, etc.)).

[0007] 3) What the user is (i.e. iris scan, fingerprint, biometric information).

[0008] User authentication by use of enhanced challenges beyond entry of a username/password for these schemes involves a three-way tradeoff between convenience, security, and cost.

[0009] A weakness exists in current computer security systems, particularly internet websites, where a browser "remembers" user passwords as a convenience to the user. The intended design objective of the original internet browsers was to isolate "what the user has" (the user's computer with a web browser) from "what the user knows" (a password which the user has remembered).

[0010] Two-factor authentication is a scheme whereby a user registers a mobile phone number to the user account on a website, and a temporary-use 5 or 6 digit code is sent to the user's mobile phone, where the code is valid for a limited duration of time. This greatly improves security, as it involves a second device (a phone) separate from the first device (the computer having the web browser).

[0011] Secured internet sites require increasingly complex passwords to reduce the likelihood of a successful brute force attack, where random or known compromised username and password combinations are tried against a list of web host computers. There are many such types of attacks; one is known as a "dictionary attack", where a dictionary of commonly used passwords is tried in combination with a known username or email address (when used as part of a login), or combinations of username and password from successful compromises of the security of other systems are presented using an automated script operative on a compromised host (known as a "bot"), which, after gaining access to a targeted computer's password MD5 hash file containing usernames and password hashes, utilizes a dictionary lookup of hash to password to gain access to user accounts on this or other computers. Such attacks may be mitigated by "salting" the hash through the addition of additional pre-hash characters not known to an attacker, which results in a hash which is protected from reverse dictionary attacks to recover the original password which generated the stored hash. An infected computer may next attack other hosts exposed to the internet, or those inside a company intranet. In response, and to greatly increase the number of brute force guesses required, passwords for computer systems which find themselves under password attack are typically required to be at least 8 characters long, requiring one or more punctuation characters, numbers, and a mixture of upper and lower case letters, and the entire password must be changed periodically with the reuse of any previously used password prohibited. This creates a new problem for users where passwords are forgotten or transposed between sites, and legitimate users are locked out of their own transactions because the systems have either a timeout or lockout mechanism, where a certain number of failed login attempts results in denial of access to the system. To overcome this problem, web browsers such as Firefox, Mozilla, Chrome, Navigator and others have a feature where they remember and auto-fill username and password on a per-site basis. This may be helpful to the user, but fully eliminates the security of a complex password, thereby placing the user at risk of potential identity theft, as the barrier to illicit web login is now reduced to the mere possession of the user's computer in an unlocked state.

[0012] Two-factor authentication adds a layer of security by messaging a passcode to the user, typically via cell phone text or call to the account holder's registered phone number. This added security measure now requires that the user be in possession of the user's computer as well as the user's mobile phone, where the two-factor authentication value will typically be sent. However, the increased power of mobile phones has led to the migration of web transactions from personal computers to mobile phones, thereby diminishing the two-factor authentication layer of security, as a prospective thief in unauthorized possession of a mobile phone with a web browser which autofills username and password will also be receiving the two-factor authentication passcode via voice or text message to that same mobile number, thereby defeating the original design intent of two-factor authentication that the prospective thief be in possession of two unrelated devices (a computer and a mobile phone) belonging to the rightful user.

[0013] In another prior art method, a separate "key" may be provided, such as a single-use polynomial generator which is synchronized with time, using either a USB plug or a handheld device (adding "something the user has" protection). Unfortunately, loss of this extra hardware also denies access.

[0014] For these reasons, an improved method of computer security is desired which does not require additional hardware or devices.

[0015] Objects of the Invention

[0016] A first object of the invention is a method for selection and registration of a two-part authentication modification of a passcode, the method having a login step using at least a username and password, followed by a step of selection of a passcode (x) modification f(x), either by user input or by selection from a list of possible passcode modifications such as permutation, addition, subtraction, repeated digits, or other modification, a step of sending a test passcode xs to the user, a step of receiving a modified test passcode xr from the user, a step of extracting the unmodified test passcode by performing a reverse modification f'(xr), a step of comparing the reverse modified received test passcode f'(xr) with the sent test passcode xs, and authenticating the user if f'(xr) matches the sent test passcode xs.

[0017] A second object of the invention is a method for two-part authentication, the method having a login step where a username and login password are compared with a password associated with the username, such as from a database table having entries including a username and associated secret password for a particular username, followed by a step of the user selecting a passcode modification indicated by f(.), where f(.) is the modification function operating on the passcode parameter in parentheses, the modification function determined either by user input or by selection from a list of passcode modifications such as digit permutation, addition or subtraction by a fixed per-digit value or variable per-digit value, truncated or repeated digits, or other symmetric or asymmetric modification for which a passcode xs can be formed into a modified passcode f(xs) and modified back to the original passcode xs using an inverse function f'(.) such that f'(f(xs)) = xs, the process having a step of sending a passcode xs to the user, a step of receiving a modified passcode xr from the user, a step of performing a reverse modification f'(xr), a step of comparing the reverse modified received passcode f'(xr) with the sent passcode xs, and validating the user modification if the unmodified passcode matches the sent passcode.

[0018] A third object of the invention is a method for two-part authentication where a user selects a non-symmetric modification f(.), the authentication method sending a passcode xs, thereafter receiving a modified code xr as the user response and comparing the received modified code xr with f(xs), authenticating the user if xr matches f(xs), and rejecting the authentication if not.

[0019] A fourth object of the invention is a method for two-part authentication where a user selects a symmetric modification f(.) having a reverse modification f'(.) such that f'(f(x)) = x for any x, the authentication method sending a passcode xs, thereafter receiving a modified passcode xr, and comparing the sent passcode xs with f'(xr), authenticating the user if they match, and rejecting the authentication if they do not match.

[0020] Summary of the Invention

[0021] In one example of the invention, a controller is operative on a method for initial selection of a two-factor authentication modifier, the method having a step of user login, such as by username and password, a step of passcode modification f(.) selection, such as by presentation of alternative methods such as permutation, addition or subtraction from one or more digits, or digit replication or substitution, and associating the test modification with the user, followed by testing the user's application of the modification. The test may consist of sending a random test passcode xs, such as five or six numerical digits, to the phone or computer previously registered to the username of a requester, receiving a modified test passcode response xr from the user, performing the reverse modification f'(xr) associated with the username on the received modified passcode, comparing the reverse modified user response f'(xr) to the originally sent test passcode xs, and authenticating the user if they match.

[0022] In another example of the invention for authentication of a user, a controller is operative on an authentication method where a user provides a unique username and password, and subsequently also provides a contact number for a message receiving device such as the user's mobile phone; the contact number is then associated with the unique username and also associated with a passcode modification previously selected by the user. The method next sends a randomly selected test passcode xs to the message receiving device associated with the username, the user timely replies with response xr which should carry the user-selected modification (xr = f(xs)), and upon receipt of a user response, which the user has modified according to a previously selected f(x), the user response is reverse modified (f'(xr)) according to the modification associated with the username, and the reverse modified user response f'(xr) is compared with the originally sent passcode xs, the system providing authentication if f'(xr) matches xs, and denying authentication if not.
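The following Python sketch is an added example, not code from the patent or from the applicant; it implements the controller the two summaries above describe: a password login that issues a random passcode xs, the comparison f'(xr) = xs for a symmetric modification (or f(xs) = xr when the user's modification has no reverse), plus the valid response window and the retry limit that claim 1 and the Figure 2 description call for. The names AuthServer, UserRecord, Challenge and demo, the six-digit passcode, the 120-second window, the three-error limit and the sample users are this example's own assumptions; the alternating +2/-2 mod-10 modifier is the page's own 789012 to 961830 example, and the first-three-digits replication is its non-symmetric 123456 to 112233 example.

```python
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

Modifier = Callable[[str], str]


def _offset(code: str, deltas: List[int]) -> str:
    """Add deltas[i] to digit i, mod 10, with no carry and no sign (the page's rule).
    Raises ValueError when the response is not all digits."""
    return "".join(str((int(d) + k) % 10) for d, k in zip(code, deltas))

def alt_plus_minus_2(code: str) -> str:           # f(.):  789012 -> 961830
    return _offset(code, [2, -2] * len(code))

def alt_plus_minus_2_reverse(code: str) -> str:   # f'(.): 961830 -> 789012
    return _offset(code, [-2, 2] * len(code))

def double_first_three(code: str) -> str:         # non-symmetric f: 123456 -> 112233
    return "".join(d * 2 for d in code[:3])

@dataclass
class UserRecord:
    password: str                # plain string here; a real system stores a salted hash
    contact: str                 # messaging device identifier, e.g. a phone number
    forward: Modifier            # f(.) the user selected and registered
    reverse: Optional[Modifier]  # f'(.) when f is symmetric, else None

@dataclass
class Challenge:
    username: str
    sent: str                    # xs, the random passcode delivered to the contact
    issued_at: float
    attempts: int = 0

def _eq(a: str, b: str) -> bool:   # constant-time comparison for passwords and passcodes
    return hmac.compare_digest(a.encode(), b.encode())

class AuthServer:
    """Hypothetical controller for the flows of Figures 1 and 2 (added example)."""

    def __init__(self, users: Dict[str, UserRecord], window_s: float = 120.0,
                 max_errors: int = 3, digits: int = 6,
                 now: Callable[[], float] = time.time):
        self.users, self.window_s, self.max_errors = users, window_s, max_errors
        self.digits, self.now = digits, now
        self.outbox: List[Tuple[str, str]] = []   # (contact, message); stands in for SMS/voice

    def login(self, username: str, password: str) -> Optional[Challenge]:
        """Check the password, then send a fresh random passcode xs to the contact."""
        user = self.users.get(username)
        if user is None or not _eq(user.password, password):
            return None
        xs = "".join(secrets.choice("0123456789") for _ in range(self.digits))
        self.outbox.append((user.contact, xs + " (remember to modify the passcode)"))
        return Challenge(username, xs, self.now())

    def check(self, ch: Challenge, xr: str) -> bool:
        """f'(xr) == xs when f is symmetric; otherwise f(xs) == xr."""
        user = self.users[ch.username]
        try:
            if user.reverse is not None:
                return _eq(user.reverse(xr), ch.sent)
            return _eq(user.forward(ch.sent), xr)
        except ValueError:       # response contained something other than digits
            return False

    def respond(self, ch: Challenge, xr: str) -> str:
        """Enforce the valid response window and the error counter n."""
        if ch.attempts >= self.max_errors:
            return "locked"
        if self.now() - ch.issued_at > self.window_s:
            return "expired"
        if self.check(ch, xr):
            return "authenticated"
        ch.attempts += 1
        return "locked" if ch.attempts >= self.max_errors else "retry"

def demo() -> Dict[str, object]:
    """Run both kinds of user through the flow under a fake clock; returns the outcomes."""
    clock = [1000.0]
    users = {"alice": UserRecord("correct horse", "+1-555-0100",   # constructed sample data
                                 alt_plus_minus_2, alt_plus_minus_2_reverse),
             "bob": UserRecord("hunter2", "+1-555-0101", double_first_three, None)}
    srv = AuthServer(users, now=lambda: clock[0])
    out: Dict[str, object] = {"bad_password": srv.login("alice", "wrong") is None}
    ch = srv.login("alice", "correct horse")
    out["unmodified"] = srv.respond(ch, ch.sent)                   # "retry": xs itself is refused
    out["alice"] = srv.respond(ch, alt_plus_minus_2(ch.sent))      # "authenticated"
    ch = srv.login("bob", "hunter2")
    out["bob"] = srv.respond(ch, double_first_three(ch.sent))      # "authenticated" (f(xs) == xr)
    ch = srv.login("alice", "correct horse")
    out["lockout"] = [srv.respond(ch, "xxxxxx") for _ in range(3)][-1]   # "locked" after n errors
    out["still_locked"] = srv.respond(ch, alt_plus_minus_2(ch.sent))    # "locked" even if correct
    ch = srv.login("bob", "hunter2")
    clock[0] += 300                                                # past the 120 s window
    out["late"] = srv.respond(ch, double_first_three(ch.sent))     # "expired"
    return out
```

The same check() call serves the Figure 1 registration test (send a test passcode, accept the modifier only once the reply verifies) and the Figure 2 login; the only state the server keeps per user is f and, when it exists, f', so an attacker who reads the challenge from the same phone still has to know the user's modification.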

[0023] Brief Description of the Drawings

[0024] Figure 1 shows a flowchart for setup of a two-factor authentication modifier.

[0025] Figure 2 shows a flowchart for authentication using the two-factor authentication modifier.

[0026] Detailed Description of the Invention

[0027] Figure 1 shows a flowchart operative on a controller for performing selection of a two-factor authentication modification. The process starts at 102, where a login 104 is performed, such as by a previously selected unique username and a secret login password, using any known prior art method. Successful login results in the registration 105 of a phone number to be associated with the username, which may be a mobile phone number or other device for receiving a text or voice message. In step 108, the user selects a particular passcode modification, which may be a permutation of digits, an offset of digits by a positive or negative number, or other modifier which is remembered by the user. To illustrate by way of simple examples, the user may manipulate digit order without changing digit values, such that the permutation method selected and registered by the user changes passcode xs=123456 into xr=654321 for a full reversal example of passcode modification function f(x); or alternatively a canonical repeated digit reversal is selected such that passcode 123456 becomes 321654 for f(x); or alternatively xs=123456 is interleaved into xr=135246 for a splined (grouping odd and even digits) modification (where for x=[x1, x2, x3, x4, x5, x6], f(x)=[x1, x4, x2, x5, x3, x6]); or any other operation which is simple to perform on a short string of digits. Since the passcode is typically a short string of numerical digits (compared to the typically much more complex password which includes alpha-numeric and punctuation characters, but which may be stored in the browser), the passcode modification provides much greater security for a mobile phone user in user authentication, as the passcode modification is stored in no other location than the registered user's memory. Examples of digit offsets of -1 or +1 would transform the passcode 123456 into 012345 or 234567, respectively, and a simple scheme of rolling digits over on a mod 10 basis with absolute value for addition or subtraction may be performed, for example by adding and subtracting 2 on alternating digits, mod 10 (without carryover or sign). In that example, the passcode 789012 would become 961830 (addition of [+2, -2, +2, -2, +2, -2], mod 10, without carryover or negative passcode digits). Many simple modifiers may be applied which would provide greatly increased security, since an unauthorized user would not be aided by any information provided by the browser or user, and the passcode would have limited time validity and a limited number of login attempts.

[0028] After the selection of the modifier in step 108 and registration of a mobile phone or messaging device in step 105, a random user passcode 110 may be generated and sent to the user's messaging device. The random passcode may be selected from a subset of random passcodes which are easy to recall, such as a random passcode restricted to a smaller set of digits, such as from the set {0,1,2,3,4}, or from a pool of passcodes where each digit is taken from a subset of digits such as {0,2,4,6,8}, if desired. The user, upon receipt of the random passcode xs that was sent, performs the modification f(.) of the passcode according to the method previously selected (such as by permuting digits, or whatever method was remembered from the selection in 108), and the system receives the user response passcode xr in step 112, performs the reverse transformation f'(xr) in step 114, and compares the reverse transformation f'(xr) of the received user passcode with the sent passcode xs in step 116. If the reverse modified received user passcode f'(xr) matches the sent passcode xs, the modification is validated for future use, and the user is optionally sent a message which confirms completion of the registration. When the passcode is sent after verification, the passcode may be accompanied by a generic reminder to modify the passcode (implicitly reminding the user to modify the passcode before sending it back), or the reminder may be sent if the system detects that an unmodified passcode has been received rather than a modified passcode.

[0029] Figure 2 shows a flowchart for a two-factor authentication method operative on a controller. Entry point 202 results in a prior art login step such as by username, password, host IP or cookie, or other device-specific and user-specific information which is part of the login procedure. Successful login results in a lookup by username or other unique identifier of an associated reverse modification for the user, the reverse passcode modification f'(x) operation being the singular symmetrical inverse of the operation f(x) which the user had selected in step 108 of figure 1 during registration. In step 210, a random passcode xs is sent to the registered device, such as a 5 or 6 digit numerical code, and the process waits for a reply xr (from the user) during a valid response window of time (not shown) at step 212. Upon receipt within the valid response window of time, a reverse modification f'(xr) is performed on the received user response xr using the method associated with the username from step 208, and in step 216, the reverse modification of the received user passcode is compared with the sent passcode. If f'(xr) matches xs, the method fully qualifies the user 218, and if it does not, the user gets a number of retries limited by the error counter of step 220, which is compared to a max error count n in step 222. Failure to successfully authenticate after n attempts or over a specified interval of time (not shown) results in a reset back to step 204, or alternatively, a new passcode is sent 210 and the cycle repeats until success 218 or failure 204 at step 222.

[0030] With respect to the passcode modification function f(.) the user selects, where passcode xs is sent and the user returns modified passcode xr, the authentication may rely on f'(.) when the function f(.) is symmetric (such as digit swapping, digit addition or subtraction, etc.). Certain other types of passcode modification are not symmetric. For example, for digit replication, and in the particular case where each digit is replicated twice in sequence while maintaining the number of digits, the code 123456 may become 112233 in one illustrative example, from which it is not possible to determine a reverse modification f'(.), since information is missing from xr because of truncation. For this case, the method may associate f(.) with the username rather than f'(.), and compare f(xs) to xr, authenticating when they match and denying authentication otherwise. In another variation of modification, extra digits are prepended or appended as padding to xs when forming xr and these extra digits are ignored upon receipt, optionally with or without other modification as previously described.

[0031] Types of modification associated with a particular user may include one or more of the following modifications:

[0032] a) Digit offset, the addition or subtraction of a value to one or more digits on a per-digit basis or on a per-group basis to the passcode xs sent to the user to form passcode xr of the user response. For an example 6 digit numeric code x=[x1, x2, x3, x4, x5, x6], and the case of a +n offset to each digit, f(x)=[x1+n, x2+n, x3+n, x4+n, x5+n, x6+n], and f'(x)=[x1-n, x2-n, x3-n, x4-n, x5-n, x6-n], where each addition xi+n or subtraction xi-n is a mod 10 operation.

[0033] b) Digit transposition, the substitution of position of digit placement from one location of xs to form xr. For an example 6 digit numeric code x=[x1, x2, x3, x4, x5, x6], and a simple transposition of each digit pair, f(x)=[x2, x1, x4, x3, x6, x5].

[0034] c) Digit multiplication, the multiplication of each digit by a number known to the user in a particular pattern and applied to xs to form xr. For multiplication by n, if x=[x1, x2, x3, x4, x5, x6], f(x)=[x1*n, x2*n, x3*n, x4*n, x5*n, x6*n], where each xi*n is taken as a mod 10 value (truncating to an integer value).

[0035] d) Digit replication, the insertion of additional digits to xs to form xr. For example, for the six digit code x=[x1, x2, x3, x4, x5, x6], and replication of the first three digits only, f(x)=[x1, x1, x2, x2, x3, x3]. This is an example of a unidirectional transform, as it is not possible to fully derive x from f(x).

[0036] e) Digit truncation, the removal of digits from xs to form xr. For example, for the six digit code x=[x1, x2, x3, x4, x5, x6] using the first four digits only, f(x)=[x1, x2, x3, x4].

[0037] f) Digit shifting, for example a right barrel shift by one digit for x=[x1, x2, x3, x4, x5, x6] would result in f(x)=[x6, x1, x2, x3, x4, x5].

[0038] g) Combinations of the above exemplar operations, performed in a particular order known to the user and maintained in the database associated with the user.

[0039] h) Temporally varying the modification, such as performing a different operation based on date or day (shifting one digit right for 7AM and two digits left for PM, for example).

[0040] In one example of the invention, the authentication method is operative on a web server, where registration of a user creates a database entry having a username associated with a password, messaging contact, and either passcode modification f(.) or inverse passcode modification f'(.). The method may be operative such that the selection of passcode modification or inverse passcode modification is provided via a web interface. In another example of the invention, where a user has registered a username, password, messaging contact, and passcode modification, the user first provides a username and password, the web interface prompts for the modified passcode, where a random passcode x is sent to the registered messaging device, and the recipient modifies the random passcode from the phone and enters it as f(x) into the web interface, which compares f(x), computed using the x which was sent, to the received modified passcode, which completes the authentication.

[0041] The particular examples given are for understanding the invention rather than limiting the scope to the examples given. The invention may be practiced many different ways and in different combinations of passcode modifications, as described in the claims which follow.
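As an added example (not code from the patent or its applicant), the following Python implements the modification types a) through g) listed in [0032] to [0038] as forward functions f and, where one exists, their reverse f', together with the registration-time check that f'(f(x)) = x which [0017] and [0019] rely on. Function names, the `compose` helper and the sample passcodes are this example's assumptions. It goes one step beyond the page for case c): a per-digit multiplication mod 10 can only be reversed when the multiplier is coprime to 10 (1, 3, 7 or 9), so `multiply_inverse` returns None for any other multiplier and the modifier then has to be handled like the one-way cases d) and e).

```python
from typing import Callable, List, Optional, Sequence, Tuple

Modifier = Callable[[str], str]


def _digits(code: str) -> List[int]:
    if not code.isdigit():
        raise ValueError("passcode must consist of decimal digits")
    return [int(c) for c in code]

def _join(values) -> str:
    return "".join(str(v % 10) for v in values)   # mod 10: no carry, no sign

# a) per-digit offset: f(x) = [xi + n], f'(x) = [xi - n], both mod 10
def offset(n: int) -> Modifier:
    return lambda code: _join(d + n for d in _digits(code))

# b) transposition of each digit pair: [x2, x1, x4, x3, x6, x5]; it is its own inverse
def swap_pairs(code: str) -> str:
    ds = _digits(code)
    for i in range(0, len(ds) - 1, 2):
        ds[i], ds[i + 1] = ds[i + 1], ds[i]
    return _join(ds)

# c) per-digit multiplication mod 10; reversible only when gcd(n, 10) == 1
def multiply(n: int) -> Modifier:
    return lambda code: _join(d * n for d in _digits(code))

def multiply_inverse(n: int) -> Optional[Modifier]:
    inv = next((k for k in range(10) if (k * n) % 10 == 1), None)   # modular inverse of n
    return None if inv is None else multiply(inv)

# d) replication of the first half: [x1, x1, x2, x2, x3, x3]; one-way, no f'
def replicate_first_half(code: str) -> str:
    return "".join(c * 2 for c in code[: len(code) // 2])

# e) truncation to the first `keep` digits; one-way, no f'
def truncate(keep: int) -> Modifier:
    return lambda code: code[:keep]

# f) right barrel shift by k digits: [x6, x1, x2, x3, x4, x5]; f' is the shift by -k
def rotate_right(k: int) -> Modifier:
    def f(code: str) -> str:
        if not code:
            return code
        s = (-k) % len(code)
        return code[s:] + code[:s]
    return f

# g) a combination applied in a fixed order; the reverse undoes the steps last-first
def compose(steps: Sequence[Tuple[Modifier, Optional[Modifier]]]
            ) -> Tuple[Modifier, Optional[Modifier]]:
    def forward(code: str) -> str:
        for f, _ in steps:
            code = f(code)
        return code
    if any(g is None for _, g in steps):
        return forward, None          # one one-way step makes the whole chain one-way
    def reverse(code: str) -> str:
        for _, g in reversed(steps):
            code = g(code)
        return code
    return forward, reverse

def is_symmetric(f: Modifier, f_inv: Optional[Modifier],
                 samples: Sequence[str] = ("123456", "789012", "000000", "999999")) -> bool:
    """Registration-time check: f'(f(x)) must give back x on the sample passcodes."""
    return f_inv is not None and all(f_inv(f(x)) == x for x in samples)
```

A server that lets users pick a modifier can run `is_symmetric` at registration to decide which comparison to store for the account: f'(xr) against xs when the check passes, f(xs) against xr otherwise, as [0030] describes.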