This invention relates to security devices for computer access, and more particularly to a pocket-sized device for generating an encoded password or code for entry into a computer system before access is allowed.
Computer systems of the network or distributed type, or systems having a number of terminals for access, usually require a user to enter some type of password before access is permitted. The user ordinarily first enters a UserName, which in some cases is associated with a particular station, then must enter a password associated with that UserName. The computer system compares the two with its internal store of authorized users to grant or deny access. While this type of protocol is widely used, and provides a good measure of protection, there are many instances of compromise due to various ways of mismanaging the passwords; users often write them in easily-found locations, or choose obvious combinations so they are easily remembered. Passwords can be extracted from the stream of data on a line in a network or distributed system, or can be detected by a committed observer of the keystrokes made by the user. For this reason, various additional security steps have been imposed, such as requiring possession of a device, such as a key or machine-readable card, for example. Even this method can be compromised by theft of the device combined with discovery of the password of a user. In addition, the hardware which must be appended to the computer terminal to implement the key or card reader is a burden in most environments.
One approach to computer security which adds a measure of protection beyond that provided by a password is disclosed in U.S. Pat. No. 4,720,860, assigned to Security Dynamics Technologies, Inc., (also commercially available as the so-called ACM/5100 Access Control Module). The patent discloses a hand-held, pocket-sized, credit-card-like device for generating a time-related, non-predictable code which is displayed by an LCD display and entered into a computer terminal by a user, along with a secret code such as a password remembered by the user. The time-related, non-predictable code is also calculated by the computer system, so the entered data can be compared to grant or deny access. The advantage of the system of U.S. Pat. No. 4,720,860 is that even if an unauthorized user gets possession of the device, he cannot obtain access to the computer system without the user's password. Or, if he obtains the password and the code entered at a given time, this will be useless at a later time when he attempts to gain access, because the code to be generated by the device will have changed by this time. Also, no additional hardware must be affixed to the computer terminal to implement this security system; the pocket-sized device is free-standing and need not be physically connected to the system. Nevertheless, this type of system can still be compromised by theft of the hand-held device coupled with ferreting the password for a given user, as by detecting the data stream on the computer interconnect channels. That is, the password is entered as plaintext rather than being encrypted. The password could be encrypted by providing a keyboard in the hand-held device so the password can be entered by the user and an encrypting algorithm implemented, producing a code for entering at a terminal along with the time-related non-predictable code.
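The two-factor check described above (a remembered password plus a time-related code that the server recomputes for the current time window), written out as an added illustration that is not part of the patent or of the ACM/5100 product. The code-generation algorithm of U.S. Pat. No. 4,720,860 is not disclosed here, so an HMAC-SHA256 over the current 60-second window is assumed in its place, and the user record, secret and password are constructed sample values.

```python
import hashlib
import hmac
import struct
import time

PERIOD = 60  # assumed: the displayed code changes once per 60-second window


def time_code(device_secret: bytes, now: int, digits: int = 6) -> str:
    """Time-related, non-predictable code for the window containing `now`.
    Assumption: a keyed hash (HMAC-SHA256) over the window counter; the real
    device algorithm is not described in the text."""
    counter = struct.pack(">Q", now // PERIOD)
    digest = hmac.new(device_secret, counter, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 10 ** digits:0{digits}d}"


def enroll(password: str, device_secret: bytes) -> dict:
    """Server-side record for one user: password hash plus the secret shared with
    the user's hand-held device (a slow password hash would be used in practice)."""
    return {"pw_hash": hashlib.sha256(password.encode()).digest(),
            "device_secret": device_secret}


def verify(entered_password: str, entered_code: str, record: dict, now: int) -> bool:
    """Access is granted only if BOTH the password and the code for the server's
    own current window match; constant-time comparisons avoid timing leaks."""
    pw_ok = hmac.compare_digest(hashlib.sha256(entered_password.encode()).digest(),
                                record["pw_hash"])
    code_ok = hmac.compare_digest(time_code(record["device_secret"], now), entered_code)
    return pw_ok and code_ok


if __name__ == "__main__":
    secret = b"\x01" * 16                       # constructed device secret
    record = enroll("correct horse", secret)    # constructed user record
    t0 = int(time.time())
    code = time_code(secret, t0)                # what the device would display now
    print("login now:", verify("correct horse", code, record, t0))
    # A password and code captured on the line are useless two windows later:
    print("replay later:", verify("correct horse", code, record, t0 + 2 * PERIOD))
    # Possession of the device alone (wrong password) is also insufficient:
    print("device only:", verify("guess", code, record, t0))
```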
The disadvantages of such a keyboard-based approach are that the user must carry a larger device in his pocket, and that more of the encrypting mechanism is exposed to reverse engineering of a stolen hand-held device.
It is therefore proposed to provide a computer security device and method in which both an encrypted password and an encrypted time-related code are required for access to a computer system, wherein the information is generated employing a small, easily carried, simple and inexpensive device.