Methods, apparatus, and systems are provided to secure access to an account of a user. The account may have a system administrator. The user may have a credential for accessing the secure data on the account. The methods, apparatus, and systems involve setting a universal reset credential associated with the account, denying the system administrator of the account permission to change the first credential of the access feature, and permitting the system administrator to reset the access feature from the first credential to the universal reset credential.

A system and method for provides unverified users an ability to act upon private records known to them while protecting user privacy by not reflecting private information back to the unverified user. As an unverified user inputs information related to their identity into an interface, the system searches an indexed database which may include both registered users and/or unregistered customers indexed from a single data source or from disparate data sources.

A messaging system may include a notification module that generates a cryptic notification of one or more messages available to a first user account from one or more second user accounts. The system may receive user notification preference settings for the first user account via a user interface of an electronic user communication device that predefines the cryptic notification to be generated by the notification module for display by the user communication device when a message is available. The cryptic notification may be cloaked as an event or operation unrelated to notification of an available message.

A computer implemented method is used for changing a password in a multi-domain environment. The method includes obtaining a private key and a public key from a security card at a user device in a user domain, transferring the public key to a controller in a secure domain, requesting a password change, receiving a public key encrypted new password from the secure domain, and decrypting the new password using the private key.

In a storage system that includes a plurality of NVMe SSDs, data protection may be carried out by: for each of the plurality of NVMe SSDs, encrypting a device key using a master secret, wherein the device key, when not encrypted, is used to encrypt and decrypt data in one or more namespaces on the NVMe SSD; generating a plurality of shares from the master secret; and storing a separate share of the plurality of shares in a namespace prohibited from encryption on each NVMe SSD.

Some embodiments of the invention provide a program for recovering access to a service associated with an account. The program provides a login credential to log into the account to receive the associated service. Next, the program receives an access continuation parameter (ACP) after logging into the account. The program then accesses the service and receives a rejection of a subsequent access to the service. The program then provides the ACP in lieu of the login credential to continue to receive the service.

An electronic device and method are disclosed herein. The electronic device includes a biometric sensor and at least one processor. The processor implements the method, including receiving biometric information through a biometric sensor electrically coupled with the electronic device, when the received biometric information is authenticated, detecting by a processor at least one content that correlates with the received biometric information, and outputting the detected at least one content that correlates with the biometric information.

A method for managing account data and handling account recovery requests are disclosed. The method comprises a multi-level identity verification process, including a first level where a specific computing device requesting recovery of an electronic account is requested to identify a trusted contact for the electronic account and a second level where the specific computing device is requested to provide a dynamically generated security code that has been communicated to a trusted contact identified by the specific computing device.

Account recovery control systems and methods are provided to support a self-service account recovery process for registered users of an information system. Account recovery protocols implement a secret sharing scheme between trusted referees and registered users of the information system to enable a registered user to regain access to the user's registered account when one or more authentication factors of the registered user are lost (e.g., forgotten, misplaced, damaged, stolen, etc.).

Methods, apparatus, and systems are provided to secure access to an account of a user. The account may have a system administrator. The user may have a credential for accessing the secure data on the account. The methods, apparatus, and systems involve setting a universal reset credential associated with the account, denying the system administrator of the account permission to change the first credential of the access feature, and permitting the system administrator to reset the access feature from the first credential to the universal reset credential.