G06F2221/2131

METHOD AND SYSTEM FOR A SECURE TRANSACTION

The present invention herein relates to a method and system for authenticating a user, protecting user data, and resetting a security code. One of the advantages of the present invention is the protection of data in transit to ensure a secure user authentication and user data protection both in transit and at rest. Another advantage of the present invention is that, through a new security code resetting method, a user can be verified without the need to store the user verification data in the platform.

Password resetting system and method

A method, computer program product, and computing system for coupling password-resetting content to an IT computing device. The password-resetting content is validated on the IT computing device. The password-resetting content is processed to reset one or more passwords associated with the IT computing device.

SYSTEMS AND METHODS FOR NON-HUMAN ACCOUNT TRACKING

Systems and methods for non-human account tracking are disclosed. According to one embodiment, a method may include: retrieving, by a tracing tool computer program executed by a computer processor, a plurality of records for a computer application from an application database, the plurality of records comprising a computer application name, one or more Application Programming Interfaces (APIs) associated with the computer application, and an identification of a plurality of non-human accounts that have access to the computer application; storing, by the tracing tool computer program, the plurality of records as raw data in a relational database; determining, by the tracing tool computer program, that each of the retrieved plurality of non-human accounts is in an account vault; associating, by the tracing tool computer program, the non-human accounts with the retrieved one or more APIs; and storing, by the tracing tool computer program, the association in a relational database.

Virtual machine password reset method, apparatus, and system

A virtual machine password reset method includes a virtual machine first sending a password obtaining request to a cloud service computing node, the cloud service computing node querying a reset password of the virtual machine in a metadata server based on the password obtaining request, the cloud service computing node returning a password obtaining response based on a result of querying the reset password of the virtual machine in the metadata server, the virtual machine configuring the reset password as a password of the virtual machine, to complete virtual machine password reset.

METHODS AND SYSTEMS FOR CREATING AND RECOVERING ACCOUNTS USING DYNAMIC PASSWORDS
20220029802 · 2022-01-27

A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.

SELF-SERVICE DEVICE ENCRYPTION KEY ACCESS
20220029804 · 2022-01-27

Disclosed are various embodiments for providing access to a recovery key of a managed device and rotating the recovery key after it has been accessed. In one example, among others, a system includes a computing device and program instructions. The program instructions can cause the computing device to store a first recovery key for a first managed computing device. The first recovery key is configured to access an encrypted data store of the first managed computing device. A request is received for the first recovery key from a second managed computing device. The first recovery key is transmitted for display on the second managed computing device. A key rotation command is generated for a command queue of the first managed computing device to rotate the first recovery key after transmitting the first recovery key. The second recovery key is received from the second computing device.

Trusted status transfer between associated devices
11184353 · 2021-11-23

The embodiments set forth systems and techniques to authenticate a user device for device services, such as by transferring or extending a trusted device status from a separate and trusted associated user device, which can be paired with the user device. This can be done automatically without requiring the user to sign in at or on behalf of the user device, and the automated process can include verifying a trusted status for the associated user device, receiving data items from both devices, evaluating the data items, and facilitating an authentication of the user device when the evaluating returns a favorable result. Data items can include provisioned machine identifiers, temporally limited one-time user passwords, and a provisioned password reset key. Authentication or trusted device status transfer can be achieved by way of an authentication token that is given to the user device.

Online account access recovery system and method utilizing secret splitting

The present disclosure provides a new and innovative system, method, and non-transitory computer-readable medium for securely recovering access to an online service account. Secret splitting is utilized to require multiple recovery mechanisms in order to recover access to an online service account, thus decreasing the likelihood that a malicious attacker will compromise all of the recovery mechanisms to gain access to the online service account. The secret is split into a quantity of tokens via a secret sharing function that can reconstruct the secret with a predetermined threshold quantity of the tokens. The level of security provided by the system is flexible by adjusting the quantity of recovery mechanisms and the predetermined threshold quantity of tokens required to reconstruct the secret.

Secure communications service for intercepting suspicious messages and performing backchannel verification thereon

A system and a method are disclosed for verifying a suspicious electronic communication. To this end, a secure communications service may detect an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient, and determine that an attribute of the electronic communication corresponds to a suspicious attribute. Responsively, the service may intercept the electronic communication and store the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient, transmit a verification message, and receive a reply to the verification message that verifies the authenticity of the electronic communication. In response to receiving the reply, the service may release the electronic communication from the purgatory memory, so as to cause the electronic communication to be populated in the private repository of the intended recipient.

METHOD AND APPARATUS FOR UPDATING PASSWORD OF ELECTRONIC DEVICE, DEVICE AND STORAGE MEDIUM
20210349989 · 2021-11-11

The present application discloses a method and apparatus for updating a password of an electronic device, a device, and a storage medium, and relates to intelligent transportation, vehicle-road collaboration, and device security technologies in the field of data processing. The specific implementation solution is: in response to detecting a trigger condition of a password update, the electronic device randomly generates a first password, and updates a login password of the electronic device to the first password; then the electronic device sends a password updating message to a server, and the password updating message is configured to indicate an identification of the electronic device and the first password. The server updates the database for storing login passwords of different electronic devices according to the password updating message. Through the above process, the safety of the electronic device is improved.