A rollover system is provided to facilitate transitioning of client devices in a shared account network environment, from an old password to a new replacement password. The switching of passwords may take place gradually during a rollout period for client devices without required downtime and reducing a risk of lockouts. During the rollover period, a prior salt is temporarily carried over to a new verifier for the replacement password. Two new verifiers are generated: a temporary new verifier using the old salt for verification during the rollover period and another new verifier using a different new salt for verification after the rollover period had expired. During the rollover period, authentication involves the use of the temporary new verifier with the old salt or by the old verifier and old salt of the prior password. After the rollover period, authentication is based on the new verifier with a new salt.

Systems and methods of anti-vishing OTP protection via machine learning techniques are disclosed. In one embodiment, an exemplary computer-implemented method may comprise: receiving a permission indicator identifying a permission by the user to detect OTPs and calls being received by a computing device; receiving an indication of an OTP data item being received; processing the OTP data item to determine a time duration during which a particular OTP included therein is valid; utilizing a trained OTP protection machine learning model to determine phone number(s) as presenting a security risk with respect to the OTP data item; and instructing the computing device to commence at least one security measure based at least in part on a contact list updated with an indication that the phone number(s) present a security risk with regard to the particular OTP during the time duration of the particular OTP.

Systems, methods, and computer-readable storage media for enabling secure transfer of Internet domains between registrars. An example method can include receiving, at a registry, a request from a first registrar for information associated with an object recorded in the registry and registered by the first registrar, then generating, at the registry, an authorization code, the authorization code having an expiration. The registry can then transmit, to the first registrar, the authorization code, which in turn can be given to the registrant. The registrant can forward the authorization code to the second registrar, and the registry can receive, from a second registrar before the expiration has been reached: the authorization code and a transfer request for the object, the transfer request identifying a transfer of the object from the first registrar to the second registrar. At that point the registry can verify the authorization code authorize the transfer request of the object from the first registrar to the second registrar.

Provided are a method of registering a home appliance in an Internet-of-Things (IoT) server, and a home appliance. The home appliance performs device registration by obtaining access point information and information of a set-up cloud server from a mobile device connected through device-to-device communication, transmitting a temporary password to the mobile device through the device-to-device communication, establishing a communication connection with the set-up cloud server by using the obtained access point information and the obtained information of the set-up cloud server, obtaining user account information from the set-up cloud server by using the temporary password as an identification key, and providing information of the home appliance and the user account information to an IoT server.

A system and method for providing multifactor authentication. A disclosed method includes receiving a request at a server to launch a new session for an application on a client device, generating a plurality of codes, each of the plurality of codes associated with a respective identifier, and forwarding the plurality of codes via a short messaging service (SMS) message to a user associated with the client device. The method further includes sending the respective identifier associated with a given code of the plurality of codes to the application and receiving a submitted code entered into the application from the client device. Once received, the method compares the submitted code with the given code associated with the respective identifier and authenticates the user in response to the submitted code matching the given code.

There are provided systems and methods for split one-time password digits for secure transmissions to selected devices. Authentication credentials and one-time password operations by a service provider, such as an electronic transaction processor for digital transactions, may be compromised by malicious computing attacks or other actions that compromise the security of data and communications. To increase security of the data within a communication and authentication operations, a split one-time password system may be implemented. A user may preset a number of known digits for a one-time password with a profile and/or account. When multifactor authentication is required, randomized digits may be generated using a hash algorithm and may be transmitted to the user with instructions for completion of the one-time password. The user may be required to specifically enter the known digits with the randomized digits to properly pass the multifactor authentication.

Embodiments perform bulk multifactor authentication (MFA) enrollment in an identity cloud management system. An entity can be created in the identity cloud management system, where the entity is issued a credential that includes a permissions scope for communicating with the identity cloud management system. A bulk set of user identities and MFA enrollment information including MFA security factors for the user identities and a status for the user identities can be received in association with the credential, where the MFA security factors include a mix of communication addresses and shared secrets. A subset of the user identities that include a status that indicates MFA enrollment can be enrolled, where the enrolling includes creating an MFA footprint for the subset of user identities within an MFA database, and each created MFA footprint includes a received MFA security factor. Access to cloud-based services or applications can be secured using the created MFA footprints, where the secured access includes secure API calls to the identity cloud management system.

Exemplary embodiments may use a contactless card as a secondary form of authentication in a multi-factor authentication for a secure messaging service. The recipient party of a request to initiate a messaging service session (such as a server computing device) may be programmed to use the phone number of the originating device to look up records regarding an identity of a party and their associated phone number as a primary credential and then may require an authentication credential originating from the contactless card as a secondary credential for the initiating party. In some instances, the credential originating from the contactless card is a onetime password that is valid only for a period of time. The recipient party determines whether the onetime password is valid. If both credentials are valid, a secure messaging session may be initiated with the initiating party.

A computer implemented method for providing a communication path is provided. The method includes to determine, with a receiving device, a shared secret based on a receiving device private key and an electronic device public key communicated to the receiving device over a network, and determine, with the electronic device, the shared secret based on an electronic device private key and a receiving device public key communicated to the electronic device over the network. The method also includes to determine, with the receiving device, an identifier of the receiving device based on the shared secret, and determine, with the electronic device, a time-based one-time password (TOTP) based on the shared secret. The method also includes to obtain a token based on the TOTP, communicate the token from the electronic device to the receiving device based on the identifier, and provide a communication path between the receiving device and electronic device based on the token.

Disclosed herein are systems and methods for rapid password evaluation. A method may include: configuring a web application firewall (WAF) to monitor login credentials for one or more web applications; intercepting, using the WAF, a password input during a login attempt to a web application by an entity; calculating a hash value of the password input; transmitting the hash value to a dedicated server configured to: determine whether the hash value is in a database of hashes corresponding to weak passwords; and in response to determining that the hash value is in the database of hashes, transmit a message to the WAF indicating that the password input corresponds to a weak password; and generating for display, using the WAF, a web page prompting for a password reset for the web application.