18426147. HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS (Salesforce, Inc.)
Contents
HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
Organization Name
Inventor(s)
Prasad Peddada of Alameda CA (US)
HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
This abstract first appeared for US patent application 18426147 titled 'HARDWARE-BACKED PASSWORD SECURITY FOR CLOUD SYSTEMS
Original Abstract Submitted
A method of data processing is described. The method includes receiving, at a server host, a login request that includes a clear text password for an account. The method further includes retrieving, from a database, a payload stored in association with the account. The payload may indicate a hash value of a user configured password for the account, a hashing algorithm used for generation of the hash value, an initialization vector, and a key agreement public key associated with the account. The payload may be encrypted using a secret key derived from the key agreement public key and a private key provisioned to a key protection component of the server host. The method further includes transmitting a request that includes the payload and the clear text password. The method further includes receiving a response that indicates whether the clear text password corresponds to the user configured password.
