Abstract: A technique for hardening the entry of user credentials in web sites is described. A headless web browser authenticates the user to a target web site with credentials previously stored in a secure database, and generates a session cookie. The headless browser provides the session cookie to the user's web browser, allowing the user to continue the session established by the headless browser.

Abstract: A method and process for users to have secure access to multiple mobile, embedded or web based applications, is provided whereby each requires different authentication, and access to such applications is automated through the use of a single authenticating and authorizing software; the software thereby securely managing the individual authorizations and, in so doing, the authentication required by any individual application independent of the device used. To protect against any intrusion and manipulation while assuring that only legitimate user(s) that are properly authenticated have access to their applications the method secures the secret information required to access these applications and minimizes exposure to any sensitive information. Moreover, any secrets that protect information are themselves secured and made strong and the means of access is simplified and automated as much as possible while safeguarding security and confidentiality.

Abstract: A passwordless reset technique includes actions to receive a request for a password reset, wherein the request password reset is initiated at a first device, determine that the first device is a trusted device, authenticate the user in order to obtain a cloud key from a network device, wherein the cloud key is associated with the first device, derive a key encryption key using the cloud key, decrypt a local storage key using the key encryption key, decrypt a local storage using the local storage key to obtain a content encryption key, obtain a new password via user input, re-encrypt the content encryption key, and transmit it to the network device, derive a new authentication token using the new password, and transmit the new authentication token to the network device.

Abstract: A technique for hardening the entry of user credentials in web sites is described. A headless web browser authenticates the user to a target web site with credentials previously stored in a secure database, and generates a session cookie. The headless browser provides the session cookie to the user's web browser, allowing the user to continue the session established by the headless browser.

Abstract: A system for accessing a trusted execution environment includes instructions to transmit, from a first trusted execution environment, a request for a biometric match claim, receive, in response to the request for a biometric match claim, biometric data from a biometric capture device, perform a match of the biometric data against biometric templates stored in the first trusted execution environment, and unseal a second trusted execution environment based on the match data.

Abstract: Query formation and modification techniques are described. In one or more embodiments, a query is received that is formed in a text field as a phrase in a human-readable language that includes a visual indicator that represents a missing term that is a subject of the query. Based on the query, a defined database is searched, and one or more modified versions of the phrase are presented that replace the visual indicator with a respective result of the searching. In addition, one or more options are presented that are selectable to automatically complete the phrase as a sentence in the human-readable language.

Abstract: Methods and processes are disclosed for iOS based systems and mobile devices that permit a user to securely inject passwords and related information into environments that are traditionally impossible to control, along with preserving the security of confidential information against third party attacks be they intrusive or already embedded. The methods and processes utilize a locally installed proxy securely communicating with a remote server that permit injecting a secret into the code on devices that otherwise would not have the option of doing so. In at least one embodiment this is done by using network hooks and controlling the data flow between the injected component, a proxy and an application. It is contemplated that the user can control which credentials are used, without revealing them and minimizing attacker discovery.

Abstract: The present disclosure relates to receiving a request for recovery of an account associated with a user, sending a CAPTCHA challenge to a user device associated with the user, receiving an answer to the CAPTCHA challenge and a confirmation code wrapped by an encryption key derived from a provisional master password, sending a notification of the request for recovery to one or more trusted entities associated with the user, and receiving a confirmation of the request from one or more of the trusted entities. The confirmation includes a recovery token associated with the particular trusted entity and an encrypted confirmation code.

Abstract: A method and process for users to have secure access to multiple mobile, embedded or web based applications, is provided whereby each requires different authentication, and access to such applications is automated through the use of a single authenticating and authorizing software; the software thereby securely managing the individual authorizations and, in so doing, the authentication required by any individual application independent of the device used. To protect against any intrusion and manipulation whilst assuring that only legitimate user(s) that are properly authenticated have access to their applications the method secures the secret information required to access these applications and minimizes exposure to any sensitive information. Moreover, any secrets that protect information are themselves secured and made strong and the means of access is simplified and automated as much as possible whilst safeguarding security and confidentiality.

Abstract: Query formation and modification techniques are described. In one or more embodiments, a query is received that is formed in a text field as a phrase in a human-readable language that includes a visual indicator that represents a missing term that is a subject of the query. Based on the query, a defined database is searched, and one or more modified versions of the phrase are presented that replace the visual indicator with a respective result of the searching. In addition, one or more options are presented that are selectable to automatically complete the phrase as a sentence in the human-readable language.

Abstract: In embodiments of video media item selection, items that have been designated for association with video media are displayed while the video media is also displayed for viewing. An item grab application is implemented to receive a user input as an item selection of an item that is associated with the video media while being displayed for viewing. An item page for the selected item can be displayed, where the item page includes an identifier and image of the selected item, as well as a selectable link to the video media. The item grab application can also post the item selection to a social media site when the user shares the selected item. The item selection is posted without the video media that the selected item is associated with, and the video media is selectable for viewing from the item selection that is posted to the social media site.