Abstract: A password application system receives a credential for a first privilege of a plurality of privileges whereby the first privilege corresponds to a first set of credential requirements and the plurality of privileges have a second privilege that corresponds to a different set of credential requirements. The system determines whether the credential for the first privilege satisfies the first set of credential requirements. If the credential satisfies this set of credential requirements, the system enables the credential to be used for access in accordance with the first privilege.

Abstract: A password application system receives a credential for a first privilege of a plurality of privileges whereby the first privilege corresponds to a first set of credential requirements and the plurality of privileges have a second privilege that corresponds to a different set of credential requirements. The system determines whether the credential for the first privilege satisfies the first set of credential requirements. If the credential satisfies this set of credential requirements, the system enables the credential to be used for access in accordance with the first privilege.

Abstract: This disclosure is directed to, in part, determining an expiration of a password or other security data based on a measured complexity of the password or the security data. A user may enter a password to be associated with an account or a resource (e.g., a login for a user account, etc.). The password may be analyzed to determine an entropy value of the password, which is a measure of complexity of the password. A password manager may then determine an expiration of the password based on the entropy value of the password. Thus, a more complex password may be assigned an expiration date that is longer than an expiration date assigned to a less complex password. In some aspects, the expiration date may be dynamically updated as a user continues to enter inputs for a new password.

Abstract: Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.

Abstract: Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.

Abstract: Disclosed are various embodiments for identifying a table of non-decoy data matching a set of criteria. Decoy data is inserted into the table of non-decoy data. The decoy data is detected in a result comprising the decoy data, the result generated in response to an access of the data store. An alarm is generated based at least upon the result.

Abstract: Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.

Abstract: A plurality of phrases may be extracted from documents associated with one or more document sources. The plurality of phrases may be filtered and processed to determine a frequency in which the plurality of phrases appear in the documents and/or a number of the document sources in which each phrase appears. A weight may be assigned to each of the phrases and, based at least in part on the assigned weight, a visual representation of the plurality of phrases may be presented. The visual representation may be dynamically updated based at least in part on an updated frequency or an updated total number of document sources associated with any one of the plurality of phrases.

Abstract: Techniques for user authentication are disclosed. In some situations, the techniques include receiving, from a client device, an authentication request to access a network resource, the request including a user identifier, obtaining a security credential associated with the user identifier contained in the received request, generating an authorization code based on the obtained security credential, providing to the client device instructions to obtain first information corresponding to the generated authorization code, receiving, from the client device, the first information provided in response to the provided instructions, and, when the first information received from the client device corresponds to at least a portion of the generated authorization code, authorizing the client device to access the network resource.

Abstract: Methods and systems for framing detection are disclosed. A web page comprising a child frame is generated. The child frame comprises an instruction to load a component from a merchant. The child frame comprises a header option restricting a loading of the component from within a parent frame associated with a domain external to the merchant. The web page is sent from the merchant to a client browser. It is determined that the web page is loaded within the parent frame in the client browser if a request for the component is not received by the merchant. It is determined that the web page is not loaded within the parent frame in the client browser if a request for the component is received by the merchant.