DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  This Office Action is responsive to the communications filed on 25 February 2022.  Claim 1-33 are pending.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-6, 9 and 11-13 are rejected under 35 U.S.C. 103 as being unpatentable over Hitchcock et al. (Hereinafter, Hitchcock, US 2013/0198823 A1) in view of Kunda et al. (Kunda, US 2020/0244659A1).
Per claim 1, Hitchcock discloses a computer system (e.g., Client 103 as shown in Fig. 9; paragraph [0015]), comprising: 
one or more processors (e.g., processor(s) 903 as shown in Fig. 9), wherein the computer system is in communication with a display generation component (e.g., browser 121 as shown in Fig. 9) and one or more input devices (e.g., local interface 909 as shown in Fig. 9; paragraph [0133]); and 
memory (e.g., memory 906 as shown in Fig. 9; paragraph [0134]) storing one or more programs configured to be executed by the one or more processors(paragraph [0136]), the one or more programs including instructions for: 
displaying, via the display generation component, a user interface (e.g., network page 145 as shown in Fig. 2A; paragraph [0084], “Turning now to FIG. 2A, shown is an example of a network page 145 (FIG. 1) rendered by a browser 121 (FIG. 1) executed in a client 103 (FIG. 1) in the networked environment 100 (FIG. 1) according to various embodiments of the present disclosure.  In this example, the user may have entered, or may have been automatically redirected to, the URL "https://www.e-retailer.site/," which is displayed in the address bar 203 of the browser 121…”) that includes information associated with a service provided by a first entity (paragraph [0084], “… The network page 145 provided by the network site 140 (FIG. 1) in response to the URL includes an authentication form having a username field 206, a password field 209, and a submit button 212.   “); 
while displaying the user interface that includes information associated with the service provided by the first entity, receiving, via the one or more input devices, a first user input (e.g., box 303 as shown in Fig. 3; paragraph [0085],” …In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218.  The authentication system selection 218 indicates that the user has installed the authentication management client 124 and that account information associated with the network site 140 is available.  In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected ...   “; paragraph [0086]; paragraph [0091],” Beginning with box 303, the authentication management client 124 authenticates a user to an authentication management service 163 (FIG. 1).  For example, a user may log in to an operating system session which is tied to a session of the authentication management client 124.  Alternatively, the user may log in to the authentication management client 124 directly.  “; Examiner’s Note: User has installs the authentication management client 124 and associates account information with a network site 140.  ); 
in response to receiving the first user input (e.g., box 303), and in accordance with a determination that a set of criteria is satisfied (paragraph [0085], The browser 121 includes a security indication 215 that indicates that the network site 140 has presented a trusted certificate and the communication between the client 103 and the computing device 106 (FIG. 1) is being encrypted. In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218 … “), wherein the set of criteria includes a first criterion that is met when login requests for an access account of the service are configured to be authenticated by the first entity displaying(e.g., box 315 as shown in Fig. 3; paragraph [0019], “ The client account data 130 may also include a set of information about the user that may be employed by the authentication management client 124 in automatically creating or upgrading an account.  Such information may include, for example, first name, last name, middle initial or middle name, email address, phone number, physical address, date of birth, and/or other information ...  “), via the display generation component, a first selectable user interface object corresponding to an upgrade option (e.g., authentication system selection 218 as shown in Fig. 2A), wherein the upgrade option is associated with the access account (paragraph [0019], “ … In one embodiment, information deemed less sensitive may be shared by default to create or upgrade accounts.  If user information is requested for account creation or upgrade but is not stored in the client account data 130, a form may be rendered for the user to provide the missing information.  In one embodiment, a "base" set of information may be defined by a standard.  “; paragraph [0104]); 
while displaying the first selectable user interface object, receiving, via the one or more input devices, a second user input (paragraph [0085], “…. In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected.  If account data did not exist, the authentication system selection 218 may allow for account creation with a selected authentication service 137. “); and 
in response to receiving the second user input: in accordance with a determination that the second user input corresponds to the first selectable user interface object, initiating a process to enable the upgrade option (paragraph [0 086] paragraph [0068]; paragraph [0072]; Examiner’s Note: The authentication management client 124 (i.e., a second entity) enters a user’s credentials instead of the user.), but does not expressly disclose
wherein enabling the upgrade option causes login requests corresponding to requests to log in to the service using the access account to be authenticated by a second entity  different from the first entity without authentication by the first entity of username and password information associated with the access account.
Kunda discloses wherein enabling the upgrade option (e.g., Step 502 as shown in Fig. 5) causes login requests corresponding to requests to log in to the service(e.g., one or more hosts 112 as shown in Fig. 1 )  using the access account to be authenticated by a second entity  (e.g., Server System 110 as shown in Fig. 1 ) different from the first entity (e.g., Client Device 102 as shown in Fig. 1) without authentication by the first entity of username and password information associated with the access account (e.g.,  Step 512 as shown in Fig. 5; Abstract; paragraph [0013]; paragraph [0035], “  … Further note that in some embodiments, the client application 104 may be authenticated to the various hosts 112 on the basis of one or more items of authentication information without reliance on other authentication credentials (e.g., username and password) and, in such embodiments, authentication credentials are not sent to the server system 110. “; paragraph [0051], “At 512, in the illustrated embodiment, the authentication application outputs the item of authentication information, where the item of authentication information is usable by the client application to authenticate to at least one of the one or more hosts in server system 110. For example, the client application 104 may send the item of authentication information (either with or without other authentication credentials, such as a username and password) to the server system 110 for authentication. “; Examiner’s Note: Authentication credentials (e.g., username and password) are maintained by a second entity, i.e., Server system 110, in order to allow a first entity, i.e., client 102 to log in to a service, i.e., host 112) ).
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the authentication device of Kunda with the security credentials management device of Hitchcock for the purpose generating authentication information independent of user input and limiting unauthorized  access to computing services as suggested by Kunda (See Abstract; paragraph [0009]).
Per claims 2, 14, and 24, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13 wherein,
119816506Application No.: 17/104,750Docket No.: P50525US1/77770000571101 prior to enabling the upgrade option, login requests corresponding to requests to log in to the service using the access account are authenticated by the first entity based on a username and a password provided to the first entity (Hitchcock, e.g., Box324 as shown in Fig. 3; paragraph [0002]; paragraph [0084]; paragraph [0089], “ …Alternatively, the user may log on to the network site 140 with a legacy username and password using the username field 206 and the password field 209.”; paragraph [0096], “  If an existing account is not identified, the authentication management client 124 moves from box 315 to box 321 and determines whether the user has a legacy account, i.e., an existing account not available in the client account data 130.  To this end, the authentication management client 124 may render a user interface that is configured to prompt the user to enter legacy account information and security credentials, if the user has a legacy account.  If the user has a legacy account, in box 324, the authentication management client 124 obtains the legacy account information from the user. “; Examiner’s Note: A user may have a legacy account that is not managed by the authentication management client 124.  The user, i.e., the first entity is required to enter the login information to access an account.  Authentication management client 124 displays a prompt enabling upgrade option.), and
after enabling the upgrade option (Hitchcock, paragraph [0012], “ … Accounts may be upgraded as necessary by providing additional information to access certain secured resource ... “; paragraph [0019],” The client account data 130 may also include a set of information about the user that may be employed by the authentication management client 124 in automatically creating or upgrading an account ...”; paragraph [0102]; Examiner’s Note: Authentication management client 124 uses stored information such as  first name, last name, middle initial or middle name, email address, phone number, physical address, date of birth, and/or other information to enable upgrade option.), login requests corresponding to requests to log in to the service using the access account comprises authentication by the second entity performed at the computer system without authentication by the first entity of username and password information associated with the access account (Kunda, e.g.,  Step 512 as shown in Fig. 5; Abstract; paragraph [0013]; paragraph [0035], “  … Further note that in some embodiments, the client application 104 may be authenticated to the various hosts 112 on the basis of one or more items of authentication information without reliance on other authentication credentials (e.g., username and password) and, in such embodiments, authentication credentials are not sent to the server system 110. “; paragraph [0051], “At 512, in the illustrated embodiment, the authentication application outputs the item of authentication information, where the item of authentication information is usable by the client application to authenticate to at least one of the one or more hosts in server system 110. For example, the client application 104 may send the item of authentication information (either with or without other authentication credentials, such as a username and password) to the server system 110 for authentication. “; Examiner’s Note: Kunda discloses proving the authentication credentials (e.g., username and password) to a second entity, i.e., Server system 110, ).  
Per claims 3, 15, and 25, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein the set of criteria includes a second criterion that is met when a password corresponding to the access account does not satisfy one or more security criteria (Hitchcock, paragraph [0010], “….For example, a user may set a relatively weak password, such as a word from a dictionary or a password that is otherwise easy to guess.  A user may also set the same password for multiple accounts across multiple network sites and with different security requirements.  Thus, if one account is compromised, all other accounts using the same password are also vulnerable. “; Examiner’s Note: The password corresponding to the access account is weak or used by multiple sites.)
Per claims 4, 16, and 26, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein the set of criteria includes a third criterion that is met when a password corresponding to the access account is stored on the computer system (Hitchcock, paragraphs [0018-0019]). Examiner’s Note: Hitchcock teaches a database storing user passwords to a site. 
Per claims 5, 17, and 27, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein: the user interface is a login user interface for logging in to the service provided by the first entity (Hitchcock, e.g., authentication form having a username field 206, a password field 209, and a submit button 212 as shown in Fig. 2A; paragraph [0084] ), and the first user input corresponds to a log in option and is indicative of a request to log in to the service provided by the first entity using the access account(e.g., authentication system selection 218 as shown in Fig. 2A; paragraph [0085]; Examiner’s Note: The user has the option of logging in by entering a username and password or selecting an authentication service.).  
Per claims 6, 18, and 28, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein: the user interface is a settings user interface corresponding to the service provided by the first entity that includes one or more selectable options pertaining to user preferences for the service provided by the first entity, and the first user input corresponds to a first selectable option in the settings user interface (Hitchcock, e.g., authentication system selection 218 as shown in Fig. 2A discloses wherein: the user interface is a settings user interface 218 corresponding to the service provided by the first entity that includes one or more selectable options pertaining to user preferences for the service provided by the first entity, and the first user input corresponds to a first selectable option in the settings user interface ; Examiner’s Note: The user has the option of logging in to  a first entity using stored  information.).  
Per claims 9, 21, and 31, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein initiating the process to enable e the upgrade option includes: displaying an information user interface that includes an option that, when selected, requests use of biometric information by the second entity to authenticate the access account to log in to the service (paragraph [0038]; paragraph [0040]).  
Per claims 11, 23, and 33, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, wherein enabling the upgrade option comprises maintaining one or more additional settings associated with the access account (Hitchcock, paragraph [0019]; Examiner’s Note: Authentication management client 124 stores user information to enable automatically creating or upgrading an account. ).
Per claim 12, Hitchcock discloses a non-transitory computer-readable storage medium (e.g., memory 906 as shown in Fig. 9; paragraphs [0133-0134]) storing one or more programs configured to be executed by one or more processors of a computer system that is in communication with a display generation component and one or more input devices, the one or more programs including instructions for: 
displaying, via the display generation component, a user interface (e.g., network page 145 as shown in Fig. 2A; paragraph [0084], “Turning now to FIG. 2A, shown is an example of a network page 145 (FIG. 1) rendered by a browser 121 (FIG. 1) executed in a client 103 (FIG. 1) in the networked environment 100 (FIG. 1) according to various embodiments of the present disclosure.  In this example, the user may have entered, or may have been automatically redirected to, the URL "https://www.e-retailer.site/," which is displayed in the address bar 203 of the browser 121…”) that includes information associated with a service provided by a first entity (paragraph [0084], “… The network page 145 provided by the network site 140 (FIG. 1) in response to the URL includes an authentication form having a username field 206, a password field 209, and a submit button 212.   “); 
while displaying the user interface that includes information associated with the service provided by the first entity, receiving, via the one or more input devices, a first user input (e.g., box 303 as shown in Fig. 3; paragraph [0085],” …In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218.  The authentication system selection 218 indicates that the user has installed the authentication management client 124 and that account information associated with the network site 140 is available.  In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected ...   “; paragraph [0086]; paragraph [0091],” Beginning with box 303, the authentication management client 124 authenticates a user to an authentication management service 163 (FIG. 1).  For example, a user may log in to an operating system session which is tied to a session of the authentication management client 124.  Alternatively, the user may log in to the authentication management client 124 directly.  “;   Examiner’s Note: User has installs the authentication management client 124 and associates account information with a network site 140.  ); 
in response to receiving the first user input (e.g., box 303), and in accordance with a determination that a set of criteria is satisfied (paragraph [0085], The browser 121 includes a security indication 215 that indicates that the network site 140 has presented a trusted certificate and the communication between the client 103 and the computing device 106 (FIG. 1) is being encrypted. In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218 … “), wherein the set of criteria includes a first criterion that is met when login requests for an access account of the service are configured to be authenticated by the first entity displaying(e.g., box 315 as shown in Fig. 3; paragraph [0019], “ The client account data 130 may also include a set of information about the user that may be employed by the authentication management client 124 in automatically creating or upgrading an account.  Such information may include, for example, first name, last name, middle initial or middle name, email address, phone number, physical address, date of birth, and/or other information ...  “), via the display generation component, a first selectable user interface object corresponding to an upgrade option (e.g., authentication system selection 218 as shown in Fig. 2A), wherein the upgrade option is associated with the access account (paragraph [0019], “ … In one embodiment, information deemed less sensitive may be shared by default to create or upgrade accounts.  If user information is requested for account creation or upgrade but is not stored in the client account data 130, a form may be rendered for the user to provide the missing information.  In one embodiment, a "base" set of information may be defined by a standard.  “; paragraph [0104]); 
while displaying the first selectable user interface object, receiving, via the one or more input devices, a second user input (paragraph [0085], “…. In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected.  If account data did not exist, the authentication system selection 218 may allow for account creation with a selected authentication service 137. “); and 
in response to receiving the second user input: in accordance with a determination that the second user input corresponds to the first selectable user interface object, initiating a process to enable the upgrade option (paragraph [0086]), but does not expressly disclose wherein enabling the upgrade option causes login requests corresponding to requests to log in to the service using the access account to be authenticated by a second entity different from the first entity without authentication by the first entity  of username and password information associated with the access account.
Kunda discloses wherein enabling the upgrade option (e.g., Step 502 as shown in Fig. 5) causes login requests corresponding to requests to log in to the service(e.g., one or more hosts 112 as shown in Fig. 1 )  using the access account to be authenticated by a second entity  (e.g., Server System 110 as shown in Fig. 1 ) different from the first entity (e.g., Client Device 102 as shown in Fig. 1) without authentication by the first entity of username and password information associated with the access account (e.g.,  Step 512 as shown in Fig. 5; Abstract; paragraph [0013]; paragraph [0035], “  … Further note that in some embodiments, the client application 104 may be authenticated to the various hosts 112 on the basis of one or more items of authentication information without reliance on other authentication credentials (e.g., username and password) and, in such embodiments, authentication credentials are not sent to the server system 110. “; paragraph [0051], “At 512, in the illustrated embodiment, the authentication application outputs the item of authentication information, where the item of authentication information is usable by the client application to authenticate to at least one of the one or more hosts in server system 110. For example, the client application 104 may send the item of authentication information (either with or without other authentication credentials, such as a username and password) to the server system 110 for authentication. “; Examiner’s Note: Authentication credentials (e.g., username and password) are maintained by a second entity, i.e., Server system 110, in order to allow a first entity, i.e., client 102 to log in to a service, i.e., host 112) ).
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the authentication device of Kunda with the security credentials management device of Hitchcock for the purpose generating authentication information independent of user input and limiting unauthorized  access to computing services as suggested by Kunda (See Abstract; paragraph [0009]).
Per claim 13, Hitchcock discloses a method (e.g., Fig. 3), comprising: at a computer system (e.g., client 103 as shown in Fig. 9) that is in communication with a display generation component (e.g., browser 121 as shown in Fig. 9) and one or more input devices(e.g., local interface 909 as shown in Fig. 9; paragraph [0133]): 
displaying, via the display generation component, a user interface (e.g., network page 145 as shown in Fig. 2A; paragraph [0084], “Turning now to FIG. 2A, shown is an example of a network page 145 (FIG. 1) rendered by a browser 121 (FIG. 1) executed in a client 103 (FIG. 1) in the networked environment 100 (FIG. 1) according to various embodiments of the present disclosure.  In this example, the user may have entered, or may have been automatically redirected to, the URL "https://www.e-retailer.site/," which is displayed in the address bar 203 of the browser 121…”) that includes information associated with a service provided by a first entity (paragraph [0084], “… The network page 145 provided by the network site 140 (FIG. 1) in response to the URL includes an authentication form having a username field 206, a password field 209, and a submit button 212.   “); 
while displaying the user interface that includes information associated with the service provided by the first entity, receiving, via the one or more input devices, a first user input (e.g., box 303 as shown in Fig. 3; paragraph [0085],” …In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218.  The authentication system selection 218 indicates that the user has installed the authentication management client 124 and that account information associated with the network site 140 is available.  In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected ...   “; paragraph [0086]; paragraph [0091],” Beginning with box 303, the authentication management client 124 authenticates a user to an authentication management service 163 (FIG. 1).  For example, a user may log in to an operating system session which is tied to a session of the authentication management client 124.  Alternatively, the user may log in to the authentication management client 124 directly.  “;   Examiner’s Note: User has installs the authentication management client 124 and associates account information with a network site 140.  ); 
in response to receiving the first user input (e.g., box 303), and in accordance with a determination that a set of criteria is satisfied (paragraph [0085], The browser 121 includes a security indication 215 that indicates that the network site 140 has presented a trusted certificate and the communication between the client 103 and the computing device 106 (FIG. 1) is being encrypted. In FIG. 2A, the authentication management client 124 (FIG. 1) has verified the identity of the network site 140 and is presenting an authentication system selection 218 … “), wherein the set of criteria includes a first criterion that is met when login requests for an access account of the service are configured to be authenticated by the first entity displaying(e.g., box 315 as shown in Fig. 3; paragraph [0019], “ The client account data 130 may also include a set of information about the user that may be employed by the authentication management client 124 in automatically creating or upgrading an account.  Such information may include, for example, first name, last name, middle initial or middle name, email address, phone number, physical address, date of birth, and/or other information ...  “), via the display generation component, a first selectable user interface object corresponding to an upgrade option (e.g., authentication system selection 218 as shown in Fig. 2A), wherein the upgrade option is associated with the access account (paragraph [0019], “ … In one embodiment, information deemed less sensitive may be shared by default to create or upgrade accounts.  If user information is requested for account creation or upgrade but is not stored in the client account data 130, a form may be rendered for the user to provide the missing information.  In one embodiment, a "base" set of information may be defined by a standard.  “; paragraph [0104]); 
while displaying the first selectable user interface object, receiving, via the one or more input devices, a second user input (paragraph [0085], “…. In particular, the authentication system selection 218 allows for selection of account data from among multiple authentication services 137 (FIG. 1).  It may be assumed in FIG. 2A that the user has previously authenticated with the authentication management client 124 or that an opportunity to authenticate will be presented if a supported authentication service 137 is selected.  If account data did not exist, the authentication system selection 218 may allow for account creation with a selected authentication service 137. “); and 
in response to receiving the second user input: in accordance with a determination that the second user input corresponds to the first selectable user interface object, initiating a process to enable the upgrade option (paragraph [0086]), but does not expressly disclose wherein enabling the upgrade option causes login requests corresponding to requests to log in to the service using the access account to be authenticated by a second entity different from the first entity without authentication by the first entity  of username and password information associated with the access account.
Kunda discloses wherein enabling the upgrade option (e.g., Step 502 as shown in Fig. 5) causes login requests corresponding to requests to log in to the service(e.g., one or more hosts 112 as shown in Fig. 1 )  using the access account to be authenticated by a second entity  (e.g., Server System 110 as shown in Fig. 1 ) different from the first entity (e.g., Client Device 102 as shown in Fig. 1) without authentication by the first entity of username and password information associated with the access account (e.g.,  Step 512 as shown in Fig. 5; Abstract; paragraph [0013]; paragraph [0035], “  … Further note that in some embodiments, the client application 104 may be authenticated to the various hosts 112 on the basis of one or more items of authentication information without reliance on other authentication credentials (e.g., username and password) and, in such embodiments, authentication credentials are not sent to the server system 110. “; paragraph [0051], “At 512, in the illustrated embodiment, the authentication application outputs the item of authentication information, where the item of authentication information is usable by the client application to authenticate to at least one of the one or more hosts in server system 110. For example, the client application 104 may send the item of authentication information (either with or without other authentication credentials, such as a username and password) to the server system 110 for authentication. “; Examiner’s Note: Authentication credentials (e.g., username and password) are maintained by a second entity, i.e., Server system 110, in order to allow a first entity, i.e., client 102 to log in to a service, i.e., host 112) ).
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the authentication device of Kunda with the security credentials management device of Hitchcock for the purpose generating authentication information independent of user input and limiting unauthorized  access to computing services as suggested by Kunda (See Abstract; paragraph [0009]).
 Claims 7, 19, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Hitchcock et al. (Hereinafter, Hitchcock, US 2013/0198823 A1) in view of Kunda et al. (Kunda, US 202/00244659 A1), and further in view of Maxwell (US 2016/0277371 A1).
Per claims 7, 19, and 29, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13,but do not expressly disclose wherein: 119816506Application No.: 17/104,750Docket No.: P50525US1/77770000571101 the user interface is a password reset user interface for resetting a password on the service, and the first user input is indicative of a request to reset the password associated with the access account.  
Maxwell discloses wherein: 119816506Application No.: 17/104,750Docket No.: P50525US1/77770000571101 the user interface is a password reset user interface for resetting a password on the service (e.g., reset user element or link 130 as shown in Fig. 1 ), and the first user input is indicative of a request to reset the password associated with the access account (paragraph [0026], “The reset user element or link 130 may be any selectable icon on the online account web page 115 that the user may select in order to request to reset the user's username 120 and/or password 125..”.).  
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the systems and methods of Maxwell with the security credentials management device of Hitchcock and Kunda for the purpose of resetting of online identities or accounts of users of Internet web pages based on data intrinsic to the users' interaction with Internet web pages as suggested by Maxwell (See paragraph [0006]).
Claims 8, 20, and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Hitchcock et al. (Hereinafter, Hitchcock, US 2013/0198823 A1) in view of Kunda et al. (Kunda, US 202/00244659 A1), and further in view of Oberheide et al. (Oberheide, US 2016/0164866 A1).
Per claims 8, 20, and 30, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, but do not expressly disclose wherein the user interface is a security recommendations user interface that includes one or more selectable options for a user pertaining to device security for the computer system, and the first user input corresponds to selection of a first selectable option in the security recommendations user interface.  
Oberheide discloses wherein the user interface is a security recommendations user interface that includes one or more selectable options for a user pertaining to device security for the computer system (e.g., Figs. 7A-7G illustrate wherein the user interface is a security recommendations user interface that includes one or more selectable options for a user pertaining to device security for the computer system.), and the first user input corresponds to selection of a first selectable option in the security recommendations user interface (paragraph [0071], “ …As shown in FIGS. 7A-7F, the notification content can include presenting the concern metric (e.g., a similarity score, a level of suspiciousness associated with the first client, etc.), recommendations (e.g., suggestion to authenticate or deny the authentication request, etc.), options 
(e.g., option to authorize or deny authorization to a request or authentication transaction, option to update or bypass updating the digital fingerprint history with the digital fingerprint of the first client, option to change the password of a user account, option to notify other users or third-parties, option to lock a user account such as the first user account, etc.), or any suitable content related to the authentication transaction …“).  Examiner’s Note:  Oberheide teaches notifying the user about information pertaining to security or authentication.
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the system and method of Oberheide with the security credentials management device of Hitchcock and Kunda for the purpose providing a recommendation to perform an action (e.g., for the user to authenticate, to authenticate automatically, to deny authentication, to reset username/password, to provide further credentials, etc.), and/or any other suitable information and providing a new and useful system and method as suggested by Oberheide (See paragraphs [0003] and  [0070]).
Claims 10, 22, and 32 are rejected under 35 U.S.C. 103 as being unpatentable over Hitchcock et al. (Hereinafter, Hitchcock, US 2013/0198823 A1) in view of Kunda et al. (Kunda, US 202/00244659 A1), and further in view of Han et al. (Han, US 2021/0306344 A1).
Per claims 10, 22, and 32, Hitchcock and Kunda disclose the computer system of claim 1, the non-transitory computer-readable storage medium of claim 12, and method of claim 13, but do not expressly disclose wherein the one or more programs further include instructions for: after initiating the process to enable the upgrade option: 
receiving, via the one or more input devices, a third user input; and
 in response to receiving the third user input: in accordance with a determination that a second set of criteria is satisfied, wherein the second set of criteria includes a fourth criterion that is met when the upgrade option is enabled, displaying, via the display generation component, a second selectable user interface object corresponding to a downgrade option, wherein the downgrade option is associated with the access account, and enabling the downgrade option disables the upgrade option, and initiates a process for causing login requests corresponding to requests to log in to the service using the access account to be authenticated by the first entity. 119816506Application No.: 17/104,750Docket No.: P50525US1/77770000571101  
Han discloses wherein the one or more programs further include instructions for: after initiating the process to enable the upgrade option (Abstract): 
receiving, via the one or more input devices, a third user input (e.g., Step 508 as shown in Fig. 5; paragraph [0032]; paragraph [0124], “Returning to the example given above in connection with step 508 of flowchart 500, client 212 currently displays, at a display device, GUI 620.  Downgrade control 604 is activated via client 212, which constitutes an explicit request to downgrade the authentication tier associated with the current client session. “); and
 in response to receiving the third user input: in accordance with a determination that a second set of criteria is satisfied (paragraph [0118]), wherein the second set of criteria includes a fourth criterion that is met when the upgrade option is enabled, displaying, via the display generation component, a second selectable user interface object corresponding to a downgrade option, wherein the downgrade option is associated with the access account, and enabling the downgrade option disables the upgrade option, and initiates a process for causing login requests corresponding to requests to log in to the service using the access account to be authenticated by the first entity (paragraph [0033; paragraph [0126]; paragraph [0139]; paragraph [0140]; paragraph [0164]; Examiner’s Note: If predetermined number of authentication tiers exist below upgraded option it can be downloaded. ). 119816506Application No.: 17/104,750Docket No.: P50525US1/77770000571101  
It would have been obvious for a person of ordinary skill in the art before the elective fling date of the claimed invention to use the dynamically-tiered authentication of Han with the security credentials management device of Hitchcock and Kunda for the purpose mitigating the risk of data breach post-authentication without risking poor user experience by logging users out of authenticated sessions after brief periods of inactivity as suggested by Han (See paragraph [0013]).
Examiner Interview
Examiner acknowledge Applicant’s statement regarding telephonic interview on
February 7, 2022 with Applicant’s representative Andrew Kim.
Response to Arguments
Applicant’s arguments, see Remarks, filed 02/25/2022, with respect to the rejection(s) of claim(s) 1, 12, and 13 under 35 U.S.C. § 102(a)(1) as being anticipated by Hitchcock (US 2013/0198823 A1) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of in view of Kunda et al. (Kunda, US 202/00244659 A1) under 35 U.S.C. § 103.
A. Claims 1, 12, and 13
On pages 13-14, Applicant argues that Hitchcock fails to disclose at least the recited claim feature “wherein enabling the upgrade option causes login requests corresponding to requests to log in to the service using the access account to be authenticated by a second entity different from the first entity without authentication by the first entity of username and password information associated with the access account.”
Examiner disagrees since Hitchcock was not relied upon to disclose “wherein enabling the upgrade option causes login requests corresponding to requests to log in to the service using the access account to be authenticated by a second entity different from the first entity without authentication by the first entity of username and password information associated with the access account” in the current rejection.  Kunda discloses wherein enabling the upgrade option (e.g., Step 502 as shown in Fig. 5) causes login requests corresponding to requests to log in to the service(e.g., one or more hosts 112 as shown in Fig. 1 )  using the access account to be authenticated by a second entity  (e.g., Server System 110 as shown in Fig. 1 ) different from the first entity (e.g., Client Device 102 as shown in Fig. 1) without authentication by the first entity of username and password information associated with the access account (e.g.,  Step 512 as shown in Fig. 5; Abstract; paragraph [0013]; paragraph [0035], “  … Further note that in some embodiments, the client application 104 may be authenticated to the various hosts 112 on the basis of one or more items of authentication information without reliance on other authentication credentials (e.g., username and password) and, in such embodiments, authentication credentials are not sent to the server system 110. “; paragraph [0051], “At 512, in the illustrated embodiment, the authentication application outputs the item of authentication information, where the item of authentication information is usable by the client application to authenticate to at least one of the one or more hosts in server system 110. For example, the client application 104 may send the item of authentication information (either with or without other authentication credentials, such as a username and password) to the server system 110 for authentication. “).  In Kunda, authentication credentials (e.g., username and password) are maintained by a second entity, i.e., Server system 110, in order to allow a first entity, i.e., client 102 to log in to a service, i.e., host 112) ) without authentication by the first entity of username and password information associated with the access account (See Abstract).
For at least the foregoing reasons, Examiner maintains the rejection of independent claims 1, 12, and 13.
B. Claims 2-11
Claims 2-11 each depend from independent claim 1, which is not allowable for at least the reasons discussed above. Thus, claims 2-11 are not allowable for at least the reason that they each depend from a rejected claim. Accordingly, Examiner maintains the rejection of independent claims 2-11.
C. New Claims 14-33
New claims 14-33 correspond to previously presented dependent claims 2-11. New claims 14-23 are non-transitory computer-readable medium claims that depend from independent claim 12, and new claims 24-33 are method claims that depend from independent claim 13. Therefore, claims 14-30 are not allowable for at least the reason that they each depend from a rejected claim.
In view of the above, Examiner respectfully submits that claims 1-33 are not allowable.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARRIN HOPE whose telephone number is (571)270-5079. The examiner can normally be reached Mon-Thr - 7-4:30, Fri - 7-3:30, Alt. Fri Off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kieu D Vu can be reached on (571)272-4057. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

DARRIN HOPE
Examiner
Art Unit 2173



/TADESSE HAILU/Primary Examiner, Art Unit 2173