This application relates to computer system security, and in particular to password protection systems in handheld computer systems.
Background: Handheld Computer Systems
As computer technology advances, computer systems are becoming at the same time both smaller and more powerful. Far from traditional calculators or simple address books, today""s handheld computers often incorporate full scale word processing, spreadsheet, and database systems. These systems typically include modified versions of the same operating systems found in portable or desktop computer systems, and are able to load and execute any number of different software applications. In addition, many companies use specialized handheld computers for everything from technical support database management to on-the-road communications, and everything in between. In short, it is becoming possible, and even common, for handheld computers to be used for all functions for which traditional desktop or portable systems had been used, but with the natural advantage of greatly increased portability and convenience.
Background: Security in Portable and Handheld Systems
One trade-off for the convenience of handheld and portable computer systems is that the systems are naturally more vulnerable to both theft and compromised data security. Many systems have been proposed for increasing the physical security of these systems, another issue is that of securing the system from unauthorized use, both in case of theft, or in case the system has simply been left unattended for a short time.
In response, many (or even most) portable and handheld computer systems now include some form of password security system. Typically, and at the very least, these systems include the option to require a password to be entered either when the system is first started, or when a user first logs on to the system. Both of these approaches have the disadvantage of leaving the system completely unprotected once the password has been entered for the first time.
Additionally, many systems now include password security systems that activate when the system enters a low-power suspend mode or when a screen saver is activated. These systems are naturally more secure, since when they are left unattended for any length of time, the password system will be activated, and the user must enter a password before the system can be used.
This approach has a significant disadvantage, however. If the system is used in an environment where it is used intermittently and set aside in the mean time, the system will tend to lock itself every time it is not being actively used. While this does in fact increase security, it will slow down the user by requiring him to enter a password every time he needs to use the system. Because of this, the user is much more likely to simply deactivate the password security system rather than have to enter a password each time. Therefore, conventional systems generally force the user to make a difficult choice between convenience and security.
Innovative Computer Security System
This application discloses an innovative security system in which the need to xe2x80x9cunlockxe2x80x9d the system is eliminated if the system is awakened within a predetermined duration from its last use. In the preferred embodiment, when the user xe2x80x9clogs ontoxe2x80x9d a system by activating it and entering his password, the time of login, plus a predetermined delay, is stored in nonvolatile memory. Thereafter, if the system is placed (or places itself) into a low-power mode, no password will be required to log onto the system if the logon is made before the time stored in nonvolatile memory. If the logon is attempted after this time, the user must go through the entire authorization procedure.