18426119. HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS (Salesforce, Inc.)
Contents
HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
Organization Name
Inventor(s)
Prasad Peddada of Alameda CA (US)
HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
This abstract first appeared for US patent application 18426119 titled 'HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
Original Abstract Submitted
Methods, systems, and devices for data processing are described. A server host may receive a login request that includes a clear text password for an account associated with a tenant of a multi-tenant cloud platform. The server host may retrieve an encrypted payload associated with the account. The encrypted payload may include a hash value of a user-configured password for the account and an indication of a hashing algorithm used to transform the user-configured password into the hash value. The server host may obtain a wrapped symmetric key provisioned by a symmetric key distribution service. The server host may transmit a request that includes the encrypted payload, the clear text password, and the wrapped symmetric key. The server host may receive a response that indicates whether a hash value of the clear text password from the login request corresponds to the hash value of the user-configured password.
