Abstract: Systems and methods for sharing secrets including passwords, keys, and other confidential information used in computing environments. A secrets record generated at a secrets vault client device is encrypted using an application key associated with a computing environment. The encrypted secrets record is stored in the secrets vault server. The secrets vault client device configures a sharing client device and associated with an access token. The secrets vault client device hashes the access token and sends to the secrets vault server as a client identifier. The sharing client device performs a first-time authentication using a hashed access token with the secrets vault server. Upon successful authentication, the sharing client device requests secrets records from the secrets vault server using the client identifier.

Abstract: Systems and methods for providing secure single sign-on authentication and management of encrypted vault in a fully cloud-based zero-knowledge environment. A user on a client device attempts to use a network resource. The user is directed to login to the identity provider. The identity provider authenticates the user through a login process. If the user is identified to be a valid user, the identity provider sends the user an attestation sign-on key to confirm the user is valid. The client device sends the attestation sign-on key to a vault service provider, which verifies the attestation using a configured public key. The client device retrieves a data decryption key and an encrypted data key, which are stored in different entities in the system. The encrypted data key is decrypted on the client device using the data decryption key.

Abstract: Systems and methods for detecting breached user login records in a zero-knowledge architecture. A breach detection module obtains login data that has been breached from breached data sources and service providers. The breached data is hashed with a system key and the breached data hashes are hashed in a hardware security module (HSM) using a hashing method and a non-exportable key. Clients provide user login data that has been hashed using the hashing method by the client device to the breach detection module. The breach detection module hashes the hashed user login data and compares the hashed user login hashes with the hashed breached data hashes and sends a breach alert to the client device if any hashes match.

Abstract: Systems and methods for providing secure single sign-on authentication and management of encrypted vault in a fully cloud-based zero-knowledge environment. A user on a client device attempts to use a network resource. The user is directed to login to the identity provider. The identity provider authenticates the user through a login process. If the user is identified to be a valid user, the identity provider sends the user an attestation sign-on key to confirm the user is valid. The client device sends the attestation sign-on key to a vault service provider, which verifies the attestation using a configured public key. The client device retrieves a data decryption key and an encrypted data key, which are stored in different entities in the system. The encrypted data key is decrypted on the client device using the data decryption key.

Abstract: Systems and methods for detecting breached user login records in a zero-knowledge architecture. A breach detection module obtains login data that has been breached from breached data sources and service providers. The breached data is hashed with a system key and the breached data hashes are hashed in a hardware security module (HSM) using a hashing method and a non-exportable key. Clients provide user login data that has been hashed using the hashing method by the client device to the breach detection module. The breach detection module hashes the hashed user login data and compares the hashed user login hashes with the hashed breached data hashes and sends a breach alert to the client device if any hashes match.

Abstract: A system and/or method includes facilitating secured chat messaging. An application module can derive a master password-based encryption key from a master password. The application module can generate a data key and encrypt the data key with the master password-based encryption key. The application module can generate a record key for encrypting chat messages of a chat thread and encrypt the record key with the data key. The application module can decrypt the chat messages in the chat thread with the record key, where the record key is decrypted with the data key, and where the data key is decrypted with the master password-based encryption key. The application module can display the decrypted chat messages.

Abstract: A system and/or method include a connect module for facilitating a single sign-on to a digital vault provided by a service provider in a zero-knowledge architecture.

Abstract: A system and/or method includes facilitating secured chat messaging. An application module can derive a master password-based encryption key from a master password. The application module can generate a data key and encrypt the data key with the master password-based encryption key. The application module can generate a record key for encrypting chat messages of a chat thread and encrypt the record key with the data key. The application module can decrypt the chat messages in the chat thread with the record key, where the record key is decrypted with the data key, and where the data key is decrypted with the master password-based encryption key. The application module can display the decrypted chat messages.

Abstract: A system and/or method include a connect module for facilitating a single sign-on to a digital vault provided by a service provider in a zero-knowledge architecture.

Abstract: A computer-implemented method is provided for facilitating a quick login using a mobile computing device having a space-wise limited virtual keyboard. The method includes detecting a response from a server of a website or from an application native to the computing device that includes a login form displayed on a screen of the mobile computing device for authenticating a user, activating an application on the mobile computing device configured to auto fill the login form, and displaying a quick login keyboard, which includes a plurality of boxes configured to hold credential data of the user, wherein the quick login keyboard further includes a plurality of fill buttons, each of which is associated with one of the credential data boxes. The method further includes detecting a tapping on one of the plurality of fill buttons, and populating the login form with the credential data associated with the tapped fill button.

Abstract: An apparatus includes a storage device, a position comparison processor coupled to the at least one storage device, and a display coupled to the position comparison processor. A plurality of files is stored on the storage device, wherein each file contains at least one item of confidential information and wherein a geographic location of use is associated with the file. The position comparison processor compares a current geographic location with each of the geographic locations of use associated with the plurality of files and the display displays contents of a selected file, wherein the geographic location of use associated with the selected file matches the current geographic location.

Abstract: A computer-implemented method is provided for facilitating a quick login using a mobile computing device having a space-wise limited virtual keyboard. The method includes detecting a response from a server of a website or from an application native to the computing device that includes a login form displayed on a screen of the mobile computing device for authenticating a user, activating an application on the mobile computing device configured to auto fill the login form, and displaying a quick login keyboard, which includes a plurality of boxes configured to hold credential data of the user, wherein the quick login keyboard further includes a plurality of fill buttons, each of which is associated with one of the credential data boxes. The method further includes detecting a tapping on one of the plurality of fill buttons, and populating the login form with the credential data associated with the tapped fill button.

Abstract: A method and apparatus are provided for protecting confidential information. The method includes the steps of providing a plurality of files where each file contains at least one item of secret information, such as a password for a private account. Access to the plurality of files is password protected with a master password. To access the plurality of files, the master password must be entered into a master password entry field. The files are deleted upon successive entry of incorrect passwords into the master password entry field a predetermined number of times.

Abstract: A method and apparatus are provided for protecting confidential information. The method includes the steps of providing a plurality of files where each file contains at least one item of secret information, password protecting the plurality of files with a master password, detecting entry of passwords into a master password entry field, comparing entered passwords with the master password to identify incorrect master passwords and deleting the plurality of files upon successive entry of incorrect master passwords a predetermined number of times.

Abstract: A wireless charging device includes a charging battery, a transmitter coupled to the charging battery, and a controller coupled to the charging battery and the transmitter. The controller is configured to direct power from the charging battery to the transmitter and wirelessly transmit the power to a receiver. The wireless charging device also includes a housing, wherein the charging battery, the transmitter, and the controller are disposed at least partly within the housing.

Abstract: A method of submitting content on behalf of a client to multiple service providers includes the steps of receiving a request from a client to submit content to a plurality of service providers and processing the request utilizing a server. The step of processing includes the steps of retrieving client login information necessary to submit the content to the plurality of service providers, logging on to the service providers using the client login information, if necessary, and submitting the content to the plurality of service providers through a client device. The steps of processing, retrieving, logging on, and submitting are performed automatically by the server after the request is received without additional input from the client.

Abstract: An apparatus includes a storage device, a position comparison processor coupled to the at least one storage device, and a display coupled to the position comparison processor. A plurality of files is stored on the storage device, wherein each file contains at least one item of confidential information and wherein a geographic location of use is associated with the file. The position comparison processor compares a current geographic location with each of the geographic locations of use associated with the plurality of files and the display displays contents of a selected file, wherein the geographic location of use associated with the selected file matches the current geographic location.

Abstract: A method of submitting content on behalf of a client to multiple service providers includes the steps of receiving a request from a client to submit content to a plurality of service providers and processing the request utilizing a server. The step of processing includes the steps of retrieving client login information necessary to submit the content to the plurality of service providers, logging on to the service providers using the client login information, if necessary, and submitting the content to the plurality of service providers through a client device. The steps of processing, retrieving, logging on, and submitting are performed automatically by the server after the request is received without additional input from the client.