Abstract: Examples are disclosed herein to implement remote authentication and passwordless password reset. An example server includes: at least one processor to forward executable instructions to a client device, the executable instructions, when executed at the client device, to cause the client device to: authenticate a user of an account based on a biometric authentication factor; obtain a local storage key by decrypting an encrypted local storage key with a cloud key obtained from a remote authentication server, the cloud key associated with the client device; decrypt a key bag with the local storage key, the key bag including a content encryption key and an encrypted credential encrypted with the content encryption key, the encrypted credential associated with the user; and decrypt the encrypted credential with the content encryption key to obtain a credential without the user supplying a master password associated with the account.

Abstract: System and method for creating clips of larger audio streams based on very accurate in point and out point and for searching for the clips. The system and method use byte signatures in MP3 or media files to accurately and efficiently find a specific cue point, such as for example, the beginning of a sentence in a podcast. The system and method are configured to search and locate a given clip even if that sequence moves inside the stream, such as for example, if the audio file adds additional content like advertisements or other audio sequence, the hash representation of the cue point can still be found with millisecond accuracy.

Abstract: System and method for creating clips of larger audio streams based on very accurate in point and out point and for searching for the clips. The system and method use byte signatures in MP3 or media files to accurately and efficiently find a specific cue point, such as for example, the beginning of a sentence in a podcast. The system and method are configured to search and locate a given clip even if that sequence moves inside the stream, such as for example, if the audio file adds additional content like advertisements or other audio sequence, the hash representation of the cue point can still be found with millisecond accuracy.

Abstract: Disclosed examples include at least one processor; and memory including instructions that, when executed by the at least one processor, cause the at least one processor to install a configuration profile; activate an internal virtual private network service; and cause the internal virtual private network service to activate a local proxy.

Abstract: Disclosed examples to manage user credentials include providing new credentials from a non-rendered application to a website to perform credential resetting for the website; establishing an authenticated session for a user with the website based on the new credentials; and passing session configuration data corresponding to the authenticated session from the non-rendered application to a browser, the session configuration data to allow the browser to continue the authenticated session.

Abstract: Disclosed examples include at least one processor; and memory including instructions that, when executed by the at least one processor, cause the at least one processor to install a configuration profile; activate an internal virtual private network service; and cause the internal virtual private network service to activate a local proxy.

Abstract: A disclosed example includes downloading a local proxy responsive to a request by a browser; obtaining and installing a configuration profile; activating an internal virtual private network service; establishing the local proxy through the internal virtual private network service; and running the local proxy.

Abstract: A system for accessing a trusted execution environment includes instructions to transmit, from a first trusted execution environment, a request for a biometric match claim, receive, in response to the request for a biometric match claim, biometric data from a biometric capture device, perform a match of the biometric data against biometric templates stored in the first trusted execution environment, and unseal a second trusted execution environment based on the match data.

Abstract: Disclosed examples to manage user credentials include providing new credentials from a non-rendered application to a website to perform credential resetting for the website; establishing an authenticated session for a user with the website based on the new credentials; and passing session configuration data corresponding to the authenticated session from the non-rendered application to a browser, the session configuration data to allow the browser to continue the authenticated session.

Abstract: A disclosed example to batch replace credentials for multiple websites includes accessing mappings between first encrypted credentials and corresponding ones of the websites; decrypting the first encrypted credentials using a master key to generate a plurality of first decrypted credentials; providing ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites; generating second encrypted credentials by encrypting the second decrypted credentials using the master key; and storing the second encrypted credentials in a database.

Abstract: Examples are disclosed herein to implement remote authentication and passwordless password reset. An example server includes: at least one processor to forward executable instructions to a client device, the executable instructions, when executed at the client device, to cause the client device to: authenticate a user of an account based on a biometric authentication factor; obtain a local storage key by decrypting an encrypted local storage key with a cloud key obtained from a remote authentication server, the cloud key associated with the client device; decrypt a key bag with the local storage key, the key bag including a content encryption key and an encrypted credential encrypted with the content encryption key, the encrypted credential associated with the user; and decrypt the encrypted credential with the content encryption key to obtain a credential without the user supplying a master password associated with the account.

Abstract: A passwordless reset technique includes actions to receive a request for a password reset, wherein the request password reset is initiated at a first device, determine that the first device is a trusted device, authenticate the user in order to obtain a cloud key from a network device, wherein the cloud key is associated with the first device, derive a key encryption key using the cloud key, decrypt a local storage key using the key encryption key, decrypt a local storage using the local storage key to obtain a content encryption key, obtain a new password via user input, re-encrypt the content encryption key, and transmit it to the network device, derive a new authentication token using the new password, and transmit the new authentication token to the network device.

Abstract: A disclosed example includes downloading a local proxy responsive to a request by a browser; obtaining and installing a configuration profile; activating an internal virtual private network service; establishing the local proxy through the internal virtual private network service; and running the local proxy.

Abstract: A system for accessing a trusted execution environment includes instructions to transmit, from a first trusted execution environment, a request for a biometric match claim, receive, in response to the request for a biometric match claim, biometric data from a biometric capture device, perform a match of the biometric data against biometric templates stored in the first trusted execution environment, and unseal a second trusted execution environment based on the match data.

Abstract: Methods and processes are disclosed for iOS based systems and mobile devices that permit a user to securely inject passwords and related information into environments that are traditionally impossible to control, along with preserving the security of confidential information against third party attacks be they intrusive or already embedded. The methods and processes utilize a locally installed proxy securely communicating with a remote server that permit injecting a secret into the code on devices that otherwise would not have the option of doing so. In at least one embodiment this is done by using network hooks and controlling the data flow between the injected component, a proxy and an application. It is contemplated that the user can control which credentials are used, without revealing them and minimizing attacker discovery.

Abstract: A system for accessing a trusted execution environment includes instructions to transmit, from a first trusted execution environment, a request for a biometric match claim, receive, in response to the request for a biometric match claim, biometric data from a biometric capture device, perform a match of the biometric data against biometric templates stored in the first trusted execution environment, and unseal a second trusted execution environment based on the match data.

Abstract: A disclosed example to batch replace credentials for multiple websites includes accessing mappings between first encrypted credentials and corresponding ones of the websites; decrypting the first encrypted credentials using a master key to generate a plurality of first decrypted credentials; providing ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites; generating second encrypted credentials by encrypting the second decrypted credentials using the master key; and storing the second encrypted credentials in a database.

Abstract: A technique for hardening the entry of user credentials in web sites is described. A headless web browser authenticates the user to a target web site with credentials previously stored in a secure database, and generates a session cookie. The headless browser provides the session cookie to the user's web browser, allowing the user to continue the session established by the headless browser.

Abstract: A passwordless reset technique includes actions to receive a request for a password reset, wherein the request password reset is initiated at a first device, determine that the first device is a trusted device, authenticate the user in order to obtain a cloud key from a network device, wherein the cloud key is associated with the first device, derive a key encryption key using the cloud key, decrypt a local storage key using the key encryption key, decrypt a local storage using the local storage key to obtain a content encryption key, obtain a new password via user input, re-encrypt the content encryption key, and transmit it to the network device, derive a new authentication token using the new password, and transmit the new authentication token to the network device.

Abstract: A technique for hardening the entry of user credentials in web sites is described. A headless web browser authenticates the user to a target web site with credentials previously stored in a secure database, and generates a session cookie. The headless browser provides the session cookie to the user's web browser, allowing the user to continue the session established by the headless browser.