Patent classifications
H04L63/0846
REREGISTRATION OF CLIENT DEVICE WITH SERVER DEVICE USING USER DEVICE
Subsequent to registration of a client device with a server device such that credentials by which the client device is authenticated are securely stored at the client device, the client device provides a user device and a server device a recovery identifier and a recovery secret key associated with the client device. Upon the credentials no longer being stored at the client device such that the client device has to be reregistered with the server device to store new credentials by which the client device is authenticated, the user device generates and provides a recovery code to the client device, which provides the recovery code to the server device. Upon validating the recovery code based on the recovery identifier and the recovery secret key, the server device reregisters the client device with the server device such that the new credentials are securely stored at the client device.
PROTECTED RESETTING OF AN IOT DEVICE
A method reconfigures an IoT device which is connectable to a cloud backend. The method includes: storing an access code that is input locally in the cloud backend and storing the access code or check information formed on the basis thereof on the IoT device. The method further includes reconfiguring the IoT device, requesting the access code from the cloud backend, inputting the requested access code on a local configuration interface of the IoT device or on an input device connected to the local configuration interface of the IoT device, and comparing the input access code against the access code stored on the IoT device, or the check information formed on the basis thereof. The IoT device is enabled for reconfiguration upon a positive comparison of the input access code against the access code stored, or the check information formed on the basis thereof.
DISTRIBUTED SECURITY IN A SECURE PEER-TO-PEER DATA NETWORK BASED ON REAL-TIME GUARDIAN PROTECTION OF NETWORK DEVICES
In one embodiment, a method comprises: securing, by a security agent executed within a network device, first secure data structures for secure storage in the network device and second secure data structures for secure communications in a secure peer-to-peer data network; monitoring, by the security agent, a corresponding mandatory lifecycle policy for each of the first secure data structures; and cryptographically erasing one of the first secure data structures in response to expiration of the corresponding mandatory lifecycle policy.
PROVIDING ACCESS CONTROL TO DISTRIBUTED RESOURCES TO AN INFORMATION HANDLING SYSTEM
Providing access control to distributed resources, including storing, at a computing dock coupled to an information handling system, a local access database indicating verified credentials of one or more users; receiving, at the computing dock, a request for access to a resource coupled to the computing dock; providing, in response to the request for access, an authentication request to an authentication system; in response to the authentication request, providing, by the computing dock, an authentication challenge to the information handling system; receiving, at the computing dock and in response to the authentication challenge, user credentials at the authentication system; verifying, at the authentication system, the user credentials against the local access database; providing, based on the verified user credentials, an authorization token to the first device; and allocating, based on the authorization token, access to the resource to the information handling system.
MODIFYING A DOCUMENT OBJECT OF A GRAPHICAL USER INTERFACE TO PRESENT A TEMPORARY CREDENTIAL
In some implementations, a device may detect that a page is associated with an entity and an exchange is associated with the entity. The device may modify a document used to generate the page to present a field associated with shared virtual identifiers to be displayed. The device may receive request information for a shared virtual identifier, the request information indicating one or more parameters associated with the shared virtual identifier, a first identifier associated with a first account, and a second identifier associated with a second account. The device may transmit, to a server device, the request information and exchange information associated with the exchange. The device may receive, from the server, presentation information that identifies the shared virtual identifier. The device may modify the document used to generate the page based on the presentation information to cause the shared virtual identifier to be provided for display.
USER AUTHENTICATION VIA TELEPHONIC COMMUNICATION
Examples of the present disclosure describe systems and methods for automated user authentication via phone call. In aspects, user interaction with an application/service may be detected at a user device. Device information for the user device may be provided to a login management service, which may provide access information and a security object for accessing the application/service to the user device. The user device may use the access information to place a call to a service provider. A call detection service may detect the call and collect contact information for the user device and the security object. The contact information and the security object may be provided to the login management service. The login management service may validate the security object and use the contact information to authenticate a user to access the application/service.
Using keys with targeted access to the blockchain to verify and authenticate identity
Systems and methods for accessing credentials from a blockchain are provided. A computing device requests a server to process a transaction. In response to the request, the server transmits a server public key to the computing device. A key generator of the computing device uses the user private key and the server public key to generate a user public key. The user public key includes permissions to access credentials that are stored on the blockchain. The server receives the user public key and generates a request for credentials to the blockchain. The request includes the user public key and the server private key. The blockchain receives the request and generates an identity token. The identity token includes credentials that are specified in the user public key. The blockchain transmits the identity token to the server and the server uses the identity token to process the transaction.
System for providing a service based upon authorization token and virtual assistant and related methods
A system for providing a service may include a user device executing an application. The application may have an authorization token associated therewith to authenticate a given user to the service. The system may also include a server executing the service, and a virtual assistant to receive a request to access the service via the virtual assistant and communicate the request to the server. The server may determine whether the token has been obtained thereat based upon the identifier. When the token has been received by the server, the server may determine whether the token has expired, and when not expired, the server may process the request. When the token has not been received by the server, the server may obtain the token from the user device, and process the request based upon obtaining the token from the user device.
Multidevice user authentication in group-based communication systems
Method, apparatus and computer program product for multi-device user authentication are described herein. For example, the apparatus includes at least one processor and at least one non-transitory memory including program code. The at least one non-transitory memory and the program code are configured to, with the at least one processor, identify, on a first computing device, a first active interface session associated with one or more active authentication conditions each configured to enable access to a group-based communication interface of a group-based communication system; cause a first computing device to present an authentication command interface for the first active interface session; receive an interface session request from a second computing device indicating electronic communication by the second computing device with the authentication command interface; and cause the second computing device to execute limited user authentication routines each configured to enable a respective active authentication condition on the second computing device.
Secure authorization via a dynamic interface on a visitor device
A keyless access system for securely authorizing access to a resource via a dynamic interface that user equipment (“UE”) may access using a changing access identifier without the UE installing or executing any specialized applications or code. The secure authorization of visitor access may include periodically modifying the access identifier, providing access activation data with a first access identifier to a UE in response to a triggering action, providing the dynamic interface to the UE in response to the access activation data automatically directing a browser of the UE to the first access identifier, receiving UE authorization data that is entered using a keypad or login screen of the dynamic interface, and providing access to the resource based on the first access identifier being associated with the resource, the UE authorization data authorizing access to the resource, and the access being provided before an expiration time.