Apple Patents Power Charger Password Recovery - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Apple Patents Power Charger Password Recovery

Microchip embedded in a power supply or other peripheral could help recover forgotten laptop or smartphone passwords.

Inside Apple's New Grand Central Super Store
Inside Apple's New Grand Central Super Store
(click image for larger view and for slideshow)
Have you forgotten the password you need to log onto your laptop or smartphone? In the future, your power charger may help bail you out.

That's according to a new patent, received by Apple last week, which proposes embedding password recovery secrets--or even encrypted passwords--in a microchip that's placed inside a power adapter, then paired with a specific smartphone or laptop.

Power adapters, however, aren't the only candidates for storing backup passwords. In its patent application, first filed on July 1, 2010 by Apple's VP of software technology, Guy Tribble, Apple said that passwords or recovery secrets could be stored on any "peripheral or companion device"--including a wireless router, backup drive, external monitor, or even flash drive--together with a fingerprint that ties the password to a specific device. Then, whenever the laptop or smartphone and the peripheral device were connected, an automatic handshake could automatically unlock any stored password or password recovery secret. Or if the devices hadn't yet been paired, the operating system might suggest that users store a backup password on the peripheral device.

[ Are Passphrases A Viable Alternative To Passwords? ]

According to Apple, the benefits of this password-backup approach would be two-fold. First, people would have an easy way to log into their device in the event that they forget a password. Second, people would be more likely to use unique passwords--which are much tougher for attackers to crack--if they knew that those passwords could be easily recovered if forgotten. This, in turn, would help stop more opportunistic thieves--who steal devices from people when they're out and about--from recovering any information off of a stolen device.

Notably, any stored password--or password hint--would be encrypted using a large, unique number to make recovering it via a brute-force attack difficult. The same password, or completely different passwords, could also be distributed to different peripherals. Then, if a user needed to recover a given password, they could initiate a password-recovery process, at which point they would be prompted to plug in a specified peripheral which contained the required password. Alternately, users could store only password hints and plug in the correct peripheral to retrieve those.

Apple said the impetus for its new password-recovery approach was to protect mobile devices. "Although it can be difficult to provide both convenient password recovery and security in all use scenarios, one increasingly important scenario involves protecting a portable computing device when a user carries the device separately from a commonly associated peripheral device," according to Apple's patent filing.

In other words, Apple's security approach has a caveat: it's predicated on users not carrying a paired power adapter--or other peripheral with password-recovery information--with the device. Of course, given the pesky battery life (or lack thereof) that many types of mobile devices sport, in fact users will often be carrying power adapters with them. Accordingly, what happens if attackers manage to steal both a laptop or smartphone, as well as a power adapter containing password data for the device? To help mitigate those types of scenarios, Apple's patent also proposes using a server to add a third layer of security.

Database access controls keep information out of the wrong hands. Limit who sees what to stop leaks--accidental and otherwise. Also in the new, all-digital Dark Reading supplement: Why user provisioning isn't as simple as it sounds. Download the supplement now. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
1/13/2012 | 5:56:20 PM
re: Apple Patents Power Charger Password Recovery
Apple is filing so many patents from last year as a recent patent, excluding the one above, to use the 3D GUI tech in iDevices has also been filed (etechmagdotcom). But I'm unable to understand why companies sue Apple and why Apple is involved in many patents suits with half a dozen companies all over the globe...
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Flash Poll