A password management service provides automated password management. In one embodiment, a method for automating password changes begins in response to a determination that automated password changes are authorized. In response, a data mining session is initiated. Within the data mining session, a set of third party applications or sites are identified. Then, and responsive to receipt of a password reset flow authorization, a password reset flow to one or more of the third party applications or sites is initiated by the service. Thereafter, and still within the data mining session, and for each of the one or more third party applications or sites, a determination is made whether a password reset confirmation link has been received by the service. In response to a determination that a password reset confirmation link has been received for a given third party application or site, the service uses the password reset confirmation link to perform an automated password reset and thereby obtain a new user password for the application or site.

According to examples, an apparatus may include a processor and a computer readable medium on which is stored machine readable instructions that may cause the processor to receive a first authentication type and a second authentication type for access to an account, in which a permitted set of authentication types is to secure access to the account and the first and the second authentication types being respectively assigned a first and a second strength. The processor may determine whether the first and second authentication types meet a predefined grouping of permitted authentication types based on the first and second strengths and based on the first and second authentication types failing to meet the predefined grouping of permitted authentication types, may prevent the first and second authentication types from being set as the permitted set of authentication types for the account.

An electronic device is provided. The electronic device includes a display, and a processor configured to generate at least one hierarchy deterministic path, obtain at least one public key using a root seed and the at least one hierarchy deterministic path, obtain a blockchain address for a blockchain account from the at least one public key, obtain information about the blockchain address from a blockchain network based on the blockchain address, the information about the blockchain address including information about a balance of the blockchain account, and display at least part of the information about the blockchain address through the display, based on the information about the balance of the blockchain account.

The present disclosure provides systems and methods for authenticating a user to reset account login credentials associated with a non-network-connected generator computing device. The generator computing device is programmed to receive a first user input requesting to initiate a reset of account login credentials, generate a challenge code, set a timer, display the generated challenge code, and receive a second user input. The second user input is a response code generated at a services computing device associated with a services provider. The generator computing device is also programmed to verify that an amount of time elapsed between generation of the challenge code and receipt of the second user input is within a predefined time limit. The generator computing device is programmed to generate an expected response code, authenticate the user by comparing the received response code to the expected response code, and reset the account login credentials.

Novel distractorless authorship verification technology optionally combines with novel algorithms to solve authorship attribution as to an open set of candidatessuch as without limitation by analyzing the voting of mixture of experts and outputting the result to a user using the following: if z (z=p.sub.ip.sub.j p.sub.i+p.sub.j(p.sub.ip.sub.j).sup.2/n) is larger than a first predetermined threshold then author j cannot be the correct author; or if z (z=p.sub.ip.sub.j p.sub.i+p.sub.j(p.sub.ip.sub.j).sup.2/n) is smaller than a second predetermined threshold then author i cannot be the correct author; or if no author garners significantly more votes than all other contenders then none of the named authors is the author of a document in questionin a number of novel applications. Personality profiling and authorship attribution may also be used to verify user identity to a computer.

A system and a method are disclosed for verifying a suspicious electronic communication. To this end, a secure communications service may detect an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient, and determine that an attribute of the electronic communication corresponds to a suspicious attribute. Responsively, the service may intercept the electronic communication and storing the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient, transmit a verification message, and receive a reply to the verification message that verifies the authenticity of the electronic communication. In response to receiving the reply, the service may release the electronic communication from the purgatory memory, so as to cause the electronic communication to be populated in the private repository of the intended recipient.

A computer implemented method is used for changing a password in a multi-domain environment. The method includes obtaining a private key and a public key from a security card at a user device in a user domain, transferring the public key to a controller in a secure domain, requesting a password change, receiving a public key encrypted new password from the secure domain, and decrypting the new password using the private key.

A system, method, and computer-readable recording media for a user account secure with a single sign on (SSO) password hidden authentication. Receiving credential information (CI) and generating the SSO password through at least one client device (CD). Encrypting the SSO password. Storing the SSO password in the CD and an electronic device (ED). Transmit the SSO password and encrypted SSO password to a cloud services platform (CSP), where the CSP stores both. Storing the SSO password in a cloud server (CS). Accessing the user account, if SSO password is unavailable, through the CSP transmitting a one time passcode to a user email, the CD setting a temporary password transferred to the CSP. The CSP confirming a match and transmitting the encrypted SSO password to the CD, the CD decrypting the encrypted SSO password and resetting the temporary password to the SSO password.

Disclosed are various embodiments for providing access to a recovery key of a managed device and rotating the recovery key after it has been accessed. In one example, among others, a system includes a computing device and program instructions. The program instructions can cause the computing device to store a first recovery key for a first managed computing device. The first recovery key is configured to access an encrypted data store of the first managed computing device. A request is received for the first recovery key from a second managed computing device. The first recovery key is transmitted for display on the second managed computing device. A key rotation command is generated for a command queue of the first managed computing device to rotate the first recovery key after transmitting the first recovery key. The second recovery key is received from the second computing device.

Systems and methods for recovering passwords from a hash value input are provided. A password space may be segmented into password sets, and a digest set may be generated for each password set. Probabilistic data structures representing the digest sets may be generated. One of the probabilistic data structures may be queried with the hash value input to determine whether the hash value input is likely included in the digest sets. In response to the hash value input being determined to be likely included in the digest set, the passwords constituting the password set corresponding to the digest set may be regenerated, and the hash values constituting the digest set may be regenerated. The generated hash values may be compared to the hash value input to determine a hash value from the digest set that matches the hash value input to recover the password associated with the matched hash value.