1. Field of the Invention
Embodiments of the present invention generally relate to a computer security system and, more particularly, to a method and apparatus for preventing accidental disclosure of confidential information via visual representation objects.
2. Description of the Related Art
Often, when presented with a visual representation object, such as a computer window, a user accidently inputs confidential or sensitive information, such as passwords, social security numbers, bank accounts and the like. For example, the user accidently inputs passwords in a user name field. Such an accidental disclosure of important confidential information (e.g., passwords) presents a security risk for the user. The confidential information is open to public view and can be easily compromised.
As another example, an Instant Message application changes the input focus when a new message arrives while the user is in the middle of accessing a bank account online. Consequently, the user accidently types in a password for the bank account on the instant message window instead of an online form for accessing the back account. If the user does not catch such a mistake before the password is communicated, the bank account is at risk for theft. Malicious software programs that are responsible for input focus stealing also cause the accidental confidential information disclosure.
Generally, controls (i.e., MICROSOFT WINDOWS controls) are visual representation components (i.e., software code) that are defined in a user interface implementation and generated (e.g., instantiated) by the operating system for interacting with the user. Such controls comprise information regarding a format and a layout of a graphical object presented on the computer display. For example, a control may define a visual style for an edit box that receives a password as input from the user. Currently, solutions for preventing and/or remediating disclosure of the confidential information, such as password controls, obscure the inputted data from the public view. For example, the password controls obscure the text and present the computer user with a character string having one or more of a single character. Unfortunately, these solutions do not prevent the confidential information from being accidentally disclosed through other visual representation where the input data is not obscured.
Therefore, there is a need in the art for a method and apparatus for preventing accidental disclosure of confidential information via computer windows.