The present invention relates to systems for storing and typing/entering multiple passwords, and in particular, to a system for storing passwords on a device external to a computer.
Many different computer applications require a password from the user. In order for the password to be effective, it is preferable to use a different password for each application in the event that one of the passwords is compromised. This can require a user to remember a significant number of passwords, or to write them down, which is often done in a non-secure location.
One solution for this problem is shown in U.S. Pat. No. 6,182,229. A database of encrypted passwords is maintained on the computer, and the user only needs to remember a single master password. The user then only needs to enter the master password to access different websites at different addresses, as indicated by the Universal Resource Locator (URL). An example of a master code for passwords is shown in U.S. Pat. No. 6,253,328. An example of multiple password management is shown in U.S. Pat. No. 6,243,816.
In other systems, access to the computer itself may require a password, and alternately may require a password or other data stored on a smart card or token. Examples of such systems are shown in U.S. Pat. No. 6,434,700 and U.S. Pat. No. 6,389,542. An example of a system requiring a smart card in order to access the site of an Internet Service Provider (ISP) is shown in U.S. Pat. No. 6,385,729.
In addition to smart cards, other types of tokens that can be used with a computer include small storage devices, such as flash memory, secure digital cards (SD cards), etc. Secure data storage on removable media is shown for memory cards in a number of applications, such as in U.S. Pat. No. 6,587,949 for securing digital camera data. With the adoption of the standard for the universal serial bus (USB), data storage devices which plug into a USB port have been developed using flash memory, such as USB flash drives. The data can then be carried from one computer to another on the flash drive, which acts in a similar manner to a standard hard disk or floppy disk.
Humetrix Pat. No. 5,995,965 shows a system for accessing medical records over the Internet. A smart card is used to access the Internet through a smart card reader and computer. The smart card can store the user's ID and access data. The website (not the patent) of Humetrix further describes a product with a smart card that performs additional functions, such as automatic capture of selected URLs, user names and passwords; automated dial-up and connection to the Internet, regardless of ISP/connection; direct, secure login to selected websites and/or online accounts; and a form fill function, for completion of online forms. It also describes security through PIN protection or a biometric authentication application, such as a fingerprint reader. The product is indicated as being usable on a smart card, memory stick, or secure digital (SD) card. A smart card reader is required to use the product.