Abstract: Disclosed are various embodiments for managing security credentials for an authentication management client on a client device. In one non-limiting example, a computing device is configured to receive an authentication request from an authentication management client of a client and determine an affinity of the authentication management client based at least in part on the authentication request. The computing device is configured to determine that the authentication management client is supported based at least in part on the affinity. The computing device is configured to generate a session for the authentication management client based at least in part on a security credential being received from the authentication management client.

Abstract: Disclosed are various embodiments for resetting security credentials for an authentication management client on a client device. In one non-limiting example, the authentication management client is configured to receive encrypted account data associated with a user from an authentication management service and decrypt the encrypted account data using a master security credential. The decrypted account data is stored as client account data associated with the client device. The authentication management client is configured to receive a request to reset a plurality of security credentials in the client account data. At least one of the plurality of security credentials in the client account data are reset.

Abstract: Disclosed are various embodiments for resetting security credentials for an authentication management client on a client device. In one non-limiting example, the authentication management client is configured to receive encrypted account data associated with a user from an authentication management service and decrypt the encrypted account data using a master security credential. The decrypted account data is stored as client account data associated with the client device. The authentication management client is configured to receive a request to reset a plurality of security credentials in the client account data. At least one of the plurality of security credentials in the client account data are reset.

Abstract: Disclosed are various embodiments for account management using a portable data store. In one embodiment, an authentication client is stored in a portable data store. In response to receiving a master security credential from the user, the authentication client decrypts encrypted account data stored in the portable data store. The authentication client detects that a network site is being accessed. The authentication client automatically provides a corresponding security credential to the network site.

Abstract: Disclosed are various embodiments for updating account data with multiple account providers. Account management logic determines that data associated with a user has been updated. A validation procedure is performed on the updated data. Multiple accounts of the user that may use the data are determined. The accounts are with multiple account providers. Corresponding account update requests for the accounts are sent to the account providers. The account update requests specify the data that has been updated.

Abstract: Disclosed are various embodiments that provide account information, such as usernames and passwords, to applications. Respective account information is stored for multiple accounts. A user interface is rendered that facilitates a user selection of a particular application from multiple applications. A particular account is identified in response to the user selection. One or more operations are initiated to create a runtime association between an instance of the particular application and the account information corresponding to the particular account.

Abstract: Disclosed are various embodiments for account management using a portable data store. In one embodiment, an authentication client is stored in a portable data store. In response to receiving a master security credential from the user, the authentication client decrypts encrypted account data stored in the portable data store. The authentication client detects that a network site is being accessed. The authentication client automatically provides a corresponding security credential to the network site.

Abstract: Disclosed are various embodiments for sharing network site account information among multiple users. Account information for a network site account is received from a first user at a first client. An indication is received from the first user that the account information is to be shared with a second user. The second user is authenticated at a second client. The account information is transferred to the second client.

Abstract: Disclosed are various embodiments for updating account data with multiple account providers. Account management logic determines that data associated with a user has been updated. A validation procedure is performed on the updated data. Multiple accounts of the user that may use the data are determined. The accounts are with multiple account providers. Corresponding account update requests for the accounts are sent to the account providers. The account update requests specify the data that has been updated.

Abstract: Disclosed are various embodiments for updating account data with multiple account providers. Account management logic determines that personal information associated with a user has been updated. Multiple accounts of the user that may use the personal information are determined. The accounts are with multiple account providers. Corresponding account update requests for the accounts are sent to the account providers. The account update requests specify the personal information that has been updated.

Abstract: Disclosed are various embodiments for sharing network site account information among multiple users. Account information for a network site account is received from a first user at a first client. An indication is received from the first user that the account information is to be shared with a second user. The second user is authenticated at a second client. The account information is transferred to the second client.

Abstract: Validation data, such as an image selected by a merchant, is rendered on a mobile device of a customer to provide the merchant confirmation that payment for an item submitted through the mobile device of the customer was in fact received by the merchant. The merchant may establish an account on a network-accessible computing device (e.g., in the “cloud”) that includes the validation data. The customer authorizes payment to the merchant from the mobile device using the network connectivity of the mobile device. When the payment is received by the merchant, the network-accessible computing device sends the validation data to the customer's mobile device. The merchant may be confident that he or she has in fact received an electronic payment from the customer when the validation data is presented on the mobile device. Techniques to prevent reuse and copying of the validation data are also discussed.

Abstract: Disclosed are various embodiments for managing accounts for network sites. In one embodiment, account information is automatically removed from a client when a logout is performed. In another embodiment, encrypted account information and an authentication client that decrypts the account information are stored upon a portable data store that is removably attached to a computing device. In yet another embodiment, a first user may indicate that account information is to be shared with a second user.

Abstract: Disclosed are various embodiments for network site account management using a proxy server. A request for a secured resource on a network site is generated based at least in part on stored account information in response to receiving an initial request for the secured resource from a client. The request is sent to the network site. The secured resource is sent to the client in response to receiving the secured resource from the network site.

Abstract: Disclosed are various embodiments for management functions relating to security credentials. Account data, which includes multiple security credentials for multiple network sites for a user, is stored in an encrypted form. A request to temporarily change the account data is obtained from a client. The request specifies a master security credential for accessing the account data. In response to the request, the multiple security credentials for the account data are changed to a single temporary security credential, as specified by a user. After an expiration period expires, the multiple security credentials are automatically reset to a plurality of different security credentials.

Abstract: Disclosed are various embodiments for management functions relating to security credentials. Account data, which includes multiple security credentials for multiple network sites for a user, is stored in an encrypted form. A request to temporarily change the account data is obtained from a client. The request specifies a master security credential for accessing the account data. In response to the request, the multiple security credentials for the account data are changed to a single temporary security credential, as specified by a user. After an expiration period expires, the multiple security credentials are automatically reset to a plurality of different security credentials.

Abstract: Disclosed are various embodiments for recovery and other management functions relating to security credentials which may be centrally managed. Account data, which includes multiple security credentials for multiple network sites for a user, is stored by a service in an encrypted form. A request for the account data is obtained from a client. The request specifies a security credential for accessing the account data. The account data is sent to the client in response to determining that the client corresponds to a preauthorized client and in response to determining that the security credential for accessing the account data is valid.

Abstract: Disclosed are various embodiments that employ metadata to map stored client data to form fields and other data consumers. Data items are requested by a data consumer, such as a web form. Metadata is obtained that includes a mapping of standardized data items to the requested data items. The requested data items are generated based at least in part on the mapping and the standardized data items.

Abstract: Disclosed are various embodiments for network site account management using a proxy server. A request for a secured resource on a network site is generated based at least in part on stored account information in response to receiving an initial request for the secured resource from a client. The request is sent to the network site. The secured resource is sent to the client in response to receiving the secured resource from the network site.

Abstract: Disclosed are various embodiments that employ metadata to map stored client data to form fields and other data consumers. Data items are requested by a data consumer, such as a form. Metadata is obtained that includes a mapping of stored data items to the requested data items, and the mapping is associated with an identification of the data consumer. The requested data items are provided to the data consumer based at least in part on the mapping and the stored data items.