Systems and methods for recovering passwords from a hash value input are provided. A password space may be segmented into password sets, and a digest set may be generated for each password set. Probabilistic data structures representing the digest sets may be generated. One of the probabilistic data structures may be queried with the hash value input to determine whether the hash value input is likely included in the digest sets. In response to the hash value input being determined to be likely included in the digest set, the passwords constituting the password set corresponding to the digest set may be regenerated, and the hash values constituting the digest set may be regenerated. The generated hash values may be compared to the hash value input to determine a hash value from the digest set that matches the hash value input to recover the password associated with the matched hash value.

Techniques and apparatus for providing peer-based management of user accounts are described. In one embodiment, for example, an apparatus may include at least one memory and logic coupled to the at least one memory. The logic may be configured to receive a request from at least one first user account to unlock a second user account locked responsive to a fraud event, determine a safe authentication value for the fraud event, and unlock the second user account responsive to the at least one first user account being a safe authentication account and the safe authentication value being over a safe authentication threshold value. Other embodiments are described.

An electronic book distribution system includes electronic devices that reset their passcodes after specified authentication failures. The passcodes of an individual electronic device is reset to a value that is generated using a predefined function of a randomly generated support code. The support code is displayed to the user, and the user is instructed to contact a support service in order to obtain the new passcode. The support service independently authenticates the user, calculates the new device passcode using the same predefined function used by the electronic device, and provides the new passcode to the user.

A system and a method are disclosed for verifying a suspicious electronic communication. To this end, a secure communications service may detect an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient, and determine that an attribute of the electronic communication corresponds to a suspicious attribute. Responsively, the service may intercept the electronic communication and storing the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient, transmit a verification message, and receive a reply to the verification message that verifies the authenticity of the electronic communication. In response to receiving the reply, the service may release the electronic communication from the purgatory memory, so as to cause the electronic communication to be populated in the private repository of the intended recipient.

A method, computer system, and a computer program product for authenticating a user in a computing system is provided. A corresponding method comprises validating one or more user snapshots of the user that should have been acquired in corresponding acquisition conditions according to their match with the corresponding acquisition conditions; the user snapshots are then sent (at least in part) to one or more authenticators requesting them to identify the user. A computer program and a computer program product for performing the method are also proposed. Moreover, a corresponding system is proposed.

Systems and methods for non-human account tracking are disclosed. According to one embodiment, a method may include: retrieving, by a tracing tool computer program executed by a computer processor, a plurality of records for a computer application from an application database, the plurality of records comprising a computer application name, one or more Application Programming Interfaces (APIs) associated with the computer application, and an identification of a plurality of non-human accounts that have access to the computer application; storing, by the tracing tool computer program, the plurality of records as raw data in a relational database; determining, by the tracing tool computer program, that each of the retrieved plurality of non-human accounts is in an account vault; associating, by the tracing tool computer program, the non-human accounts with the retrieved one or more APIs; and storing, by the tracing tool computer program, the association in a relational database.

There is provided a computer implemented method for dynamic deterministic generation of a user password for access to a secure application, comprising: receiving from a user interface, a master phrase entered by a user, and an indication of one secure application of a plurality of secure applications for access by the user, receiving a master salt associated with an indication of the user, dynamically computing a master key from the master phrase and the master salt, receiving a service payload associated with an indication of the one secure application and the indication of the user, dynamically computing a service password from the master key and the service payload, and providing the service password for accessing the one secure application.

A messaging system may include an account module that maintains user accounts associated with user identifying data that include a first password required to access the user account. The messaging system may receive message data including a message and identification of one or more of the user accounts the message is to be shared. Upon request, the messaging system may issue a second password to one of the user accounts. When the second password is used to access the user account, the user account may revert to an original state wherein all personalized information, including payment information, associated with the user account is deleted and unrecoverable.

A secure method for resetting the password for an account is disclosed. During the setup of the account, the user can provide the service provider with a media file, and when the user asks the service provider to reset the password for the account, the user will be prompted with several media files. The user can be asked to identify the media file that the user provided to the service provider at the time of the setup of the account. If the user properly identifies the media file, the password will be reset.

A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.