DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
Claims 1-20 are considered allowable.

The Prior Art Kerametlian et al. US Patent Application Publication No. 2017/0208075 directed to having multiple lockout counters that apply to login requests from different origins. More specifically, one counter is associated with a user's familiar locations, another counter is associated with unfamiliar locations. In another embodiment, hashes of incorrect passwords are recorded so that lockout counters are not incremented multiple times when the same incorrect password is entered repeatedly.

The Prior Art Jagtap et al. US Patent Application Publication No. 2015/0199500 teaches different types of soft-lockout policies can be associated with different organizations (or groups) in an identity management system. Each soft-lockout policy can indicate different parameters such as a number of login attempts allowed and an amount of time that a user account will be locked-out if the maximum allowed attempts are exceeded unsuccessfully. Users can be associated with the different organizations. For each user, the soft-lockout policies for the organization with which that user is associated are applied to that user when that user attempts to log in. Thus, different groups of users can be handled with different security behaviors regarding unsuccessful login attempts. If, for example, a user were to become moved from one organization to another, then the soft-lockout policies associated with the user's new organization would become applicable to that user.

The Prior Art KIRSCH US Patent Application Publication No. 2013/0198834 teaches a method for disabling a device associated with a virtual identity may include receiving, from the device, a request to use the virtual identity, where the request that may include a passcode guess and a device identifier. The method may also include determining that the passcode guess does not authorize use of the virtual identity and incrementing a number of incorrect passcode guesses received within a time interval. The method may additionally include determining that the number of incorrect passcode guesses received within the time interval is greater than or equal to a threshold. The method may further include storing an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity.

The instant application is allowable over Kerametlian et al., Jagtap et al. and KIRSCH described above, either singularly or in combination, due to the instant application teaching a server to provide single sign on services. The server includes a processor and a memory storing an attempt table. The server, in response to receiving a first password for a user account, forwards the first password to an authentication device. The server determines that the first password is not valid for the user account. The server stores the first password in association with the user account in the attempt table. In response to receiving a second password for the user account, the server determines whether the second password matches the first password. When the second password does not match the first password, the server forwards the second password to the authentication device.
The prior art of record does not disclose, teach, or suggest neither singly nor in combination the claimed limitations of “receiving, by an identity provider device (IPD) and from a service provider device, a first password for a user account; in response to determining that the first password is not valid, incrementing, by the IPD, a lockout counter associated with the user account; in response to determining that the second password matches the first password, avoiding, by the IPD, communication of the second password to the authentication device to reduce processing an Enhanced Client or Proxy (ECP) request based on the second password by the authentication device and reduce false positive lockouts of the user account, and in response to determining that the second password does not match the first password, forwarding, by the IPD, the second password to the authentication device such that an ECP request based on the second password is implemented by the authentication device and the lockout counter is incremented” as recited in independent claims 1, 6 and 14 in combination with the remaining elements of the claim as a whole. Therefore, the claims of the instant application are allowable over the cited prior art.
[AltContent: textbox ()]
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439         
/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433