DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT

Authorization for the Examiner’s Amendment was given in an interview with the
Applicant’s representative, Roy D. Gross (Reg. No. 63,524) on August 17, 2021.
Claims 1-2, 5, 7-9, 11, 14-16, 18, 22, 27-29, and 33 have been amended by the Applicant.
The following Examiner’s amendment is listed below:

Claims 
1. (Currently Amended) A consistent password-entry method for assisting insertion of a textual password identification, by a user, into an input device, the method comprising the steps of:
In a preliminary password configuration stage:
a) activating a password-entry system;
a set of common keyboard character entries;
c) by said password-entry system, presenting the user with one or more lists, each list having a plurality of candidate secret-keywords, or a conceptual question, where in respective secret-keywords are determined in real time by said password-entry system;
d) selecting, by the user, N secret-keywords from said presented candidate secret-keywords or questions, wherein said secret-keywords is determined in real time is performed using a remote IOT (Internet-Of-Things) sub-system that is interfaced to the password-entry system by an IOT module;
e) segmenting a password space into N vacant-password-placeholders, by said password-entry system;
f) orderly associating each of said vacant-password-placeholders with a respective secret-keyword from said N selected secret-keywords, forming an ordered list of secret-keywords; and
g) saving a pair
at a runtime stage, at a runtime-environment, upon an authentication request from an authenticator: 
a) activating said password-entry system, by either the user or automatically;
b) by said password-entry system,
           i. retrieving said received textual password; and
           ii. retrieving said ordered list of associated pairs of said vacant-password-
placeholder and respective secret-keyword from said memory storage location;

password-entry system;
d) orderly populating, by said password-entry system, each of said vacant-password-
placeholder with a respective password-textual-segment, being associated with a

e) presenting the user with a group of K pictures, wherein of each of said K pictures
associated with at least one pre-selected candidate keyword by said password-entry
system, and wherein only Q pictures of said presented group of pictures represent
a 
wherein K>>Q, N=Q and Q>0;
f) selecting, by the user, a picture representing the 
g) verifying, by said password-entry system, that said selected picture is associated
with the 
h) entering into the input device, by said password-entry system, the password-textual-
segment associated with said identified 
i) repeat runtime steps (e) — (h) until the user or said password-entry system select to
return control to the runtime-environment,
wherein the input device contains the textual password identification retrieved by said password-entry method, in response to the authentication request.

2. (Currently Amended) The consistent password-entry method as in claim 1, wherein said
password-entry system is activated by the user or by a secured runtime-environment
provider.

5. (Currently Amended) The consistent password-entry method as in claim 1, wherein 
parameters selected from a group of parameters consisting of N, K Q and others are
configurable.
7. (Currently Amended) The consistent password-entry method as in claim 1, wherein said
secret-keywords are selected from a group of conceptual words, including objects,
states of an object, creatures, events, verbs, locations, monuments, adjectives,
adverbs, time, characters, symbols, graphics and combinations thereof.

8. (Currently Amended) The consistent password-entry method as in claim 1, wherein said
verifying that the selected picture represents the 
said selected pictures comprises the steps of:
a) determining, by said password-entry system, from said selected picture, if the
selected picture is associated with the 
b) upon determining that the selected picture is not associated with the currently
sought secret-keyword, entering incorrect symbols into the input device, by said
password-entry system, and returning to runtime step
with the group of K pictures.

9. (Currently Amended) The consistent password-entry method as in claim 1, wherein said
(b,ii) retrieving said pairs of said vacant-password-placeholder and 
passwords secret-keyword from said memory storage location; said (c) segmenting
the textual password into N password-textual-segments; and said (d) orderly

textual-segment and thereby, with the 
preliminary password configuration stage.

11. (Currently Amended) The consistent password-entry method as in claim 1, wherein a
password-textual-segment length ranges from NULL to S symbol characters, wherein
S<M.	

14. (Currently Amended) The consistent password-entry method as in claim 1, wherein said
selecting of at least one of said selected secret-keywords comprises selecting a
conceptual secret-question, wherein the an response to said selected conceptual
secret-question is associated with said selected secret-keyword.

15. (Currently Amended) The consistent password-entry method as in claim 14, wherein said
secret question has been indirectly associated with said selected picture
during said password configuration stage, being both associated with said selected
secret-keyword.

16. (Currently Amended) The consistent password-entry method as in claim 14, wherein a
response to each of said conceptual secret-questions is selected from the group of
concepts including: objects, states of an object, creatures, events, verbs, locations,
monuments, adjectives, adverbs, time, characters, symbols, graphics and
combinations thereof.

18. (Currently Amended) The consistent password-entry method as in claim 14, wherein a
picture and/or a secret-keyword are associated with a secret-question regardless of 
objects depicted in said particular picture.
22. (Currently Amended) The consistent password-entry method as in claim
1, wherein said determining a response in real time is performed using the IOT sub-
system of the password-entry system.

27. (Currently Amended) The consistent password-entry method as in claim 1, wherein 
received textual password is received in the runtime stage from 
environment.

28. (Currently Amended) The consistent password-entry method as in claim 27, wherein said
received textual password is hidden from the user.

29. (Currently Amended) The consistent password-entry method as in claim 1,
wherein said user is presented with K text-frames instead of K pictures, wherein each
of a group of with at least one pre-selected candidate keyword by said password-entry system, wherein the user selects a text-frame representing the >Q and Q>0.

33. (Currently Amended) The consistent password-entry method as in claim 1, wherein when
said password-entry system presents a group of pictures for the user to select said

refresh activation feature, wherein when the user activates said refresh activation
feature said password-entry system presents another group of pictures, wherein a
new
preferably different from previously presented picture that is associated with said


                                                     Reasons for Allowance

Claims 1-2, 4-19, and 22-36 are allowable.
The following is an Examiner’s statement of reasons for allowance:
            The present invention is directed to a system and method that discloses inserting a password into an input device. Commonly, multiple-use passwords consist of symbols, being
keyboard characters, chosen by a user in a particular sequence. Commonly, the user is
required to remember the sequence of keyboard characters. The method prevents hostile
people and/or processes from overlooking the password entry process, i.e. reading the
keyboard keys being typed during the password entry process. The method can further
provide an alternative for a keyboard device or for any other means for entering text.
The present invention is directed to a method for assisting users to securely insert a multiple-use (repeatable) password, wherein, in a configuration stage, the textual password, consisting a particular sequence of M symbols, is segmented into multiple segments either by the user or by an algorithm. The method facilitates employment of a number of layers of encryptions on top of the existing repeatable textual password, including a password-segments layer, a secret-questions layer, a secret-keywords layer, wherein the answer to each secret-question is associated with a secret-keyword, which in turn is associated with a respective password segment. The method further facilitates employing a pictures layer, wherein each picture may be associated with multiple keywords.

“segmenting a password space into N vacant-password-placeholders, by said password-entry system; orderly associating each of said vacant-password-placeholders with a respective secret-keyword from said N selected secret-keywords, forming an ordered list of secret-keywords; and saving a pair of said vacant-password-placeholder and respective secret-keyword in an addressable memory storage location accessible to said password-entry system,
at a runtime stage, at a runtime-environment, upon an authentication request from an authenticator: ii. retrieving said ordered list of associated pairs of said vacant-password-
placeholder and respective secret-keyword from said memory storage location;
c) segmenting the textual password into N password-textual-segments, by said
password-entry system; d) orderly populating, by said password-entry system, each of said vacant-password- placeholder with a respective password-textual-segment, being associated with a
secret-keyword”.
	The Non-patent literature of Luigi et al. (Title: Towards the Design of a Film-Based Graphical Password Scheme) teaches password-based authentication schemes and their graphical evolutions have been deeply analyzed in the last couple of decades. Typically such schemes are not resilient to shoulder surfing attacks, that is, if the adversary can observe (and “understand”) a number of authentication sessions, he can identify the secret password.  FilmPW is a graphical authentication system where the system challenges the user by showing her a short film containing a number of pre-defined pass-events and the user has reply by proving she recognized such events. FilmPW, discusses some issues related to event classification and present a prototye implementation. Our preliminary experiments show that such an authentication mechanism is highly accepted by users and achieves low error rates.  The Non-patent literature of Luigi does not teach or suggest, “segmenting a password space into N vacant-password-placeholders, by said password-entry system; orderly associating each of said vacant-password-placeholders with a respective secret-keyword from said N selected secret-keywords, forming an ordered list of secret-keywords; and saving a pair of said vacant-password-placeholder and respective secret-keyword in an addressable memory storage location accessible to said password-entry system, at a runtime stage, at a runtime-environment, upon an authentication request from an authenticator: ii. retrieving said ordered list of associated pairs of said vacant-password-placeholder and respective secret-keyword from said memory storage location;c) segmenting the textual password into N password-textual-segments, by said password-entry system; d) orderly populating, by said password-entry system, each of said vacant-password-placeholder with a respective password-textual-segment, being associated with asecret-keyword”.

     Therefore the claims are allowable over the cited prior art.

     Any comments considered necessary by applicant must be submitted no later than the
payment of the issue fee and, to avoid processing delays, should preferably accompany the
issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for
Allowance."


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JENISE E JACKSON whose telephone number is (571)272-3791.  The examiner can normally be reached on M-F 8:00am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications 





8/17/2021
/J.E.J/Examiner, Art Unit 2439



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439