DETAILED ACTION
This office action is in response to the application filed on 10/29/2019.  Claim(s) 1-20 is/are pending and are examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Priority/Benefit
Applicant’s benefit claim is hereby acknowledged of the provisional application 62/753,812 filed on 10/31/2018, which papers have been placed of record in the file.

Examiner’s Note – Allowable Subject Matter
Claims 3, 6, 11, and 13-17 overcome the prior art and would otherwise be allowable if incorporated into the base claim along with any intermediate claims as well as to overcome the non-statutory double patenting rejection below.  

Examiner’s Note – Patentably Distinct Subject Matter
Applications 16/667,486, 16/776,877, and 16/777,005 contain similar, yet patentably distinct subject matter.

Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 2/14/2020 and 2/14/2020 has/have been considered. The submission is in compliance with the  
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s).  See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).  
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).  
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled 
http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  

Claim(s) 1-20 is/are rejected on the grounds of nonstatutory double patenting as being unpatentable over claims 1-20 of Application 16/667447.  Although the claims at issue are not identical in form, they are not patentably distinct from each other.  The instant independent claims and independent claims of Application 16/667447 are substantially similar.  However, the independent claims of Application 16/667447 do not, but in related art, Agarwal (US 2019/0289017 A1) ¶ 40 discloses implementation of a service as a distributed application using micro-service architecture with a plurality of servers behind load balancers.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Application 16/667447 and Agarwal, and to modify the compromised password detection and mitigation system of Application 16/667447 to include the implementation of a service to perform the process to store and detect compromised credential information as a distributed application as taught in Agarwal.  The motivation to do so constitutes applying a known technique (i.e., implementation of a service to perform the process to store and detect compromised credential information as a distributed application) to known devices and/or methods (i.e., compromised password detection and mitigation system) ready for improvement to yield predictable results.   


	Dependent claims have similar substantial corresponding overlap and the analysis above applies to them as well.

Claim(s) 1-20 is/are rejected on the grounds of nonstatutory double patenting as being unpatentable over claims 1-20 of Application 16/667,522.  Although the claims at issue are not identical in form, they are not patentably distinct from each other.  The instant independent claims and independent claims of Application 16/667,522 are substantially similar.  However, the independent claims of Application 16/667,522 do not, but in related art, Grady et al. (US 2018/0007087 A1), Fig. 1, ¶ 23, as well as ¶ 21 and ¶ 30, authentication server 130 is a domain controller in a private network.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Application 16/667,522 and Grady, and to modify the compromised password detection and mitigation system of Application 16/667,522 to include the implementation of a domain controller in a private network to perform authentication as taught in Grady.  The motivation to do so constitutes applying a known technique (i.e., the implementation of a domain controller in a private network to perform authentication) to known devices and/or methods (i.e., compromised password detection and mitigation system) ready for improvement to yield predictable results.   
	Dependent claims have similar substantial corresponding overlap and the analysis above applies to them as well.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-2, 4-5, 7-10, 10, 12, and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Grady et al. (US 2018/0007087 A1), in view of Wang (US 2018/0173891 A1), in view of Agarwal (US 2019/0289017 A1). 
Regarding claims 1 and 20, Grady teaches:
“A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations (Grady, ¶ 64 teaches implementing computer instructions on a non-transitory computer readable medium) comprising: 	obtaining, with one or more processors (Grady, ¶ 61, processor for implementing method steps), with a domain controller of a private computer network (Grady, Fig. 1, ¶ 23, as well as ¶ 21 and ¶ 30, authentication server 130 is a domain controller in a private network), a set of user-authentication credentials comprising a first username (Grady, ¶ 49-50, authentication request is sent to the authentication server with a username and an encrypted portion); 	determining, with one or more processors (Grady, ¶ 61, processor for implementing method steps), that at least some of the one or more passwords in the query results match the obtained first password (Grady, ¶ 51-53, the compromised passwords are tested to see if they are able to decrypt the encrypted portion of the password and finding that in fact one of them does decrypt the encrypted portion of the password); 	in response to the determination, blocking, with one or more processors (Grady, ¶ 61, processor for implementing method steps), with the domain controller, access to a first user account on the private computer network associated with the obtained first username and first password (Grady, ¶ 20 Ln. 16-19 when SDC determines that an account is compromised, it alerts the authentication server to perform remediation actions.  Grady ¶ 54-55, remediation actions include locking the account upon determining that the password used in the authentication attempt was compromised); and 	in response to the determination, causing, with one or more processors (Grady, ¶ 61, processor for implementing method steps), a first user associated with the first user account to be notified to reset the obtained first password (Grady, ¶ 53-54, as a result of determining the account password is compromised, the user is notified to reset the password to the compromised account)”.
	Grady does not, but in related art, Wang teaches:
	“obtaining a first password (Wang, ¶ 25, discloses receiving a username and password),
	querying, with one or more processors, a credential-monitoring application with a query requesting compromised credentials corresponding to the first username (Wang, ¶ 42-47 discloses querying the database of the credential validation service according to the username to determine if a match exists within the records); 	receiving, with one or more processors, query results including one or more passwords associated with the first username (Wang, ¶ 42-47 discloses query results indicating a match with the username and returning the username and password from the compromised database)”.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Grady and Wang, to modify the compromised password detection and mitigation system of Grady to include the process constitutes applying a known technique (i.e., process to query a database in application designed to detect compromised credentials) to known devices and/or methods (i.e., compromised password detection and mitigation system) ready for improvement to yield predictable results. 
	 Grady in view of Wang does not, but in related art, Agarwal teaches:
	“distributed application (Agarwal, ¶ 40 discloses implementation of a service as a distributed application using micro-service architecture with a plurality of servers  behind load balancers)”.
	Before applicant’s earliest effective filing it would have been obvious to one of ordinary skill in the art, having the teachings of Grady, Agarwal, and Wang, to modify the compromised password detection and mitigation system of Grady and Wang to include the implementation of a service to perform the process to store and detect compromised credential information as a distributed application as taught in Agarwal.  The motivation to do so constitutes applying a known technique (i.e., implementation of a service to perform the process to store and detect compromised credential information as a distributed application) to known devices and/or methods (i.e., compromised password detection and mitigation system) ready for improvement to yield predictable results.   Further, the motivation constitutes ensuring the sufficient resources exist when multiple users of the system heavily load the service with queries, thus ensuring adequate capacity.

Regarding claim 2, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein: 	the distributed credential-monitoring application is queried in response to a user attempting to log in using the first username (Grady, ¶ 49-50, authentication request is sent to the authentication server with a username and an encrypted portion); and 	the received one or more passwords is a plaintext password (Wang, ¶ 25, discloses receiving a username and password)”.

Regarding claim 4, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein: 	the query results include one or more passwords associated with different usernames determined to correspond to the obtained first username (Wang, ¶ 27-28, computing system 102 can query database 106 and find multiple compromised records that match a pattern of the modified username)”.

Regarding claim 5, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein: 	the operations comprise determining that the first user account associated with the first username is an active user account (Grady, ¶ 54, discloses logging off an active user logged in with credentials that have just been discovered to be compromised); and 		determining that the at least some of the one or more passwords match the first password associated with the first username is performed in response to determining that the first user account associated with the first username is the active user account (Grady, ¶ 54, discloses logging off an active user logged in with credentials that have just been discovered to be compromised)”.

Regarding claim 7, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein notifying the user associated with the first user account to reset the first password comprises: 	notifying the first user via an account associated with another user identifier associated with the first user that is different from the obtained first username (Grady, ¶ 54, when a user account is compromised an administrator of the user can be notified of the breach)”.

Regarding claim 8, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein notifying the first user associated with the first user account to reset the first password comprises: 	notifying the first user associated with the first user account that the first user account has been blocked and to reset the first password when the first user attempts to login using the first username and the first password (Grady, ¶ 54 discloses blocking the breached user account and notifying the user to reset the user account credentials)”.

Regarding claim 9, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein the operations comprise: 	determining, before the query, that one or more of the received one or more passwords is a non-plaintext password (Grady, ¶ 49-50, authentication request is sent to the authentication server with a username and an encrypted portion); and cracking the non-plaintext password (Grady, ¶ 51-53, the compromised passwords are tested to see if they are able to decrypt the encrypted portion of the password and finding that in fact one of them does decrypt the encrypted portion of the password)”.

Regarding claim 10, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein the operations comprise: 	determining that the first user account is being accessed after determining that the one or more passwords match the obtained first password associated with the first username (Grady, ¶ 54, discloses logging off an active user logged in with credentials that have just been discovered to be compromised); and 	in response to determining that the first user account is being accessed, causing the first user account to be logged off (Grady, ¶ 54, discloses logging off an active user logged in with credentials that have just been discovered to be compromised)”.

Regarding claim 12, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein the operations comprise: 	obtaining a second username and a second password associated with a second user; and determining that the second username or the second password do not appear in a set of compromised credentials (Grady, Fig. ¶ 50-55, when requests are received, a user name that does not match a list of compromised account credentials is determined to be secure)”.

Regarding claim 18, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein: 	the match is based on a cryptographic hash collision (Wang, ¶ 27-28 disclose matching hash values for the password and the compromised password)”.

Regarding claim 19, Grady in view of Wang in view of Agarwal teaches:
“The medium of claim 1 (Grady in view of Wang in view of Agarwal teaches the limitations of the parent claim as discussed above), wherein the operations comprise: 	steps for preventing account access by a malicious actor (Grady, ¶ 54-55 disclose locking out the account); and 	steps for expediting determining a union of two sets (Grady, ¶ 61, discloses a microprocessor for implementing method steps)”.

Conclusion
	In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
	See PTO-892.
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEPHEN GUNDRY whose telephone number is (571)270-0507 and can normally be reached on Monday - Friday 8:30 AM - 5PM EST.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.
/STEPHEN T GUNDRY/Examiner, Art Unit 2435