Patent classifications
H04L63/0846
Tracking and managing multiple time-based one-time password (TOTP) accounts
A host machine has a web browser. A user of the host machine also has a mobile device. A time-based, one-time password (TOTP) authentication scheme leverages a plug-in associated with the browser to automatically inject a received TOTP code into an element of an HTML-based TOTP authentication page, and to programmatically submit the HTML form (e.g., by mimicking the “click to submit” button on the TOTP form). Typically, the TOTP code is obtained following a successful completion of a push notification interaction between a cloud service, which stores TOTP shared secrets that are used to generate the TOTP codes, and the user of the mobile device. As a further feature, a method to keep track of multiple TOTP accounts and to find the account usable for a given website is also provided.
Shopping facility assistance systems, devices and methods
Apparatuses, components and methods are provided herein useful to provide assistance to customers and/or workers in a shopping facility. In some embodiments, a shopping facility personal assistance system comprises: a plurality of motorized transport units located in and configured to move through a shopping facility space; a plurality of user interface units, each corresponding to a respective motorized transport unit during use of the respective motorized transport unit; and a central computer system having a network interface such that the central computer system wirelessly communicates with one or both of the plurality of motorized transport units and the plurality of user interface units, wherein the central computer system is configured to control movement of the plurality of motorized transport units through the shopping facility space based at least on inputs from the plurality of user interface units.
Peer to peer identifiers
In an ad hoc peer-to-peer type network during peer discovery, information relating to users of various devices is broadcast to other devices in the network, which can compromise privacy of the users. Instead of announcing a public identifier that might be known by a multitude of individuals, the user device announces a private identifier that might be known to, or determined by, a select few individuals. The individuals selected can be given a key to determine the private identifier associated with a public identifier, or vice versa, wherein that key can have a validity range or a period of time, after which the key expires. Prior to the expiration of the key, the selected individuals, through their respective devices, can detect a corresponding user and/or device by the current private identifier being announced, thus limiting the number of people who are aware of the user's presence.
Security token with embedded data
A system and method are presented that provide authentication tokens to a local device from a remote server. The authentication token incorporates standard token content, and also includes additional token components that are needed by the local device. The additional token components incorporate user preferences information, initialization data, or other useable information needed by the local device. In contrast to standard processes, which must return a security token to the local device before any useful data can be exchanged, the disclosed embodiment inserts useable data into the returned token and eliminates the time required to obtain this data through a separate data request.
External function invocation by a data system
A query referencing a function associated with a remote software component is received by a network-based data warehouse system. Temporary security credentials corresponding to a role at a cloud computing service platform are obtained. The role has permission to send calls to a web endpoint corresponding to the remote software component. A request comprising input data and electronically signed using the temporary security credentials is sent to a web Application Programming Interface (API) management system of the cloud computing service platform. The request, when received by the web API management system, causes the web API management system to invoke external functionality provided by the remote software component at the web endpoint with respect to the input data. A response comprising a result of invoking the external functionality is received from the web API management system, and the result data is processed according to the query.
Configuring parallelism parameters for invocation of external table functions
A query referencing an external table function provided by a remote software component is received. Requests to execute the external table function on input data are sent to a proxy service. A first request includes a batch of input rows from the input data. A first response to the first request received from the proxy service includes a first portion of result data and a pagination token. The pagination token indicates that at least a second portion of the result data corresponding to the first batch of input rows is to be obtained from the remote software component. Based on the pagination token, a second request is sent to obtain the second portion of the result data. One or more responses are received from the proxy service that comprise at least the second portion of the result data. The result data is processed according to the query.
Image forming apparatus, non-transitory computer readable medium, and linking system
An image forming apparatus includes: a processor configured to: execute a linking application for a linkage with a specific service, to receive a linkage request from a user through the specific service; and perform an authenticating process that authenticates a user who uses the image forming apparatus, using user information on the user who uses the specific service linked as a result of an approval of the received linkage request.
Method and system for verifying an access request
Systems and methods for use in verifying a request for access to data in a system comprising a first module having access to a first trusted indicator of time, a second module having access to an untrusted indicator of time and a computing device having access to a second trusted indicator of time. The first module generates a password using at least the first trusted indicator of time. The second module receives a password associated with the request for access to data and validates the received password using at least the untrusted indicator of time. The second module then causes a message to be transmitted to the computing device, the message comprising data indicative at least of the untrusted indicator of time used to validate the received password. The computing device then generates data indicative of a comparison between the untrusted indicator of time and the second trusted indicator of time, and uses the generated data to provide said access to data.
Methods and apparatus to manage cloud provider sessions
Methods, apparatus, systems and articles of manufacture are disclosed to manage cloud provider sessions. An example apparatus includes at least one non-transitory computer readable medium to store machine readable instructions and processor circuitry of a first device to execute the machine readable instructions to cause the processor circuitry to, based on a request to perform an action having a duration that is unspecified or sufficiently long, obtain a handle for a user token corresponding to a user that requested the action. Additionally, the processor circuitry is to, during performance of the action by a cloud provider, access the user token using the handle when the cloud provider requires user authorization, the user token to be accessed from a second device.
Rolling security platform
A method of rolling security for a system that includes multiple server groups, such as a first server group of one or more servers and a second server group of one or more servers. The method includes repeatedly initiating rebuilding of the first server group of one or more servers. The method also includes repeatedly initiating rebuilding of the second server group of one or more servers. The rebuilding of the first server group of one or more servers is staggered in time from the rebuilding of the second server group of one or more servers. The servers may be physical servers or virtual machines. Rolling security may also be applied to software containers, computing devices within a data center, and computing devices outside of a data center.