DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is in response to communication filed 06/03/2022. Applicant has amended claims 1-2, 6-9, 14 and 19-20, has canceled claims 10-11 and has newly added claims 21-108. Claims 1-9 and 12-108 are pending.


EXAMINER’S AMENDMENT
An Examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s Amendment was requested in a telephone interview with Mr. Chad J. Hammerlind (Registration No. 67,565) and was approved on 9/8/2022.

Amendments to the Claims:
This listing of claims will replace all prior versions and listing of the claims in the application.
Listing of Claims:
	
1-36.	(Canceled) 

37.	(Currently Amended) A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors of an identity management system comprising a distributed application, the instructions effectuate operations comprising:
obtaining, by a password management application of the distributed application installed on a user computing device, a first password, the first password being associated with a first username of a first user account and serving to afford a first user access to a network-accessible resource; [[and]]
providing, the password management application, [[which]] a single-sign-on service by which a plurality of different network-accessible resources are accessible by presentation of a plurality of different authentication credentials that are associated with the first user and that correspond to the plurality of different network-accessible resources;
comparing, first database external to the network-accessible resource, wherein the first database is continuously updated with additional compromised credentials and the comparison comprises a batch process for: 
selecting, with the one or more processors, from a second database of the plurality of different authentication credentials associated with the first user, a subset of passwords added to the second database since a previous batch process; and          
determining, with the one or more processors, one or more passwords representing an intersection of the set of compromised credentials with the selected subset of passwords;
receiving, with the distributed application, the one or more passwords that match the first password based on the comparison;
              determining,, whether the one or more passwords satisfy a criterion of the first password; and
              in response to the determination that the one or more passwords satisfy the criterion, causing, with the one or more processors, the first user associated with [[a]] the first account and the first password to be notified that the first password has been compromised[[;]] 



38.	(Previously Presented) The medium of claim 37, wherein 	the distributed application comprises:		a remote credential-monitoring application external to the network-accessible resource; and		the password management application within the user computing device;	the remote credential-monitoring application is configured to expose an application program interface by which the first password is obtained from the password management application and to determine that the one or more passwords satisfy the criterion; and	the password management application is configured to, in response to the determination that the one or more passwords satisfy the criterion, cause the first user to be notified that the first password has been compromised and cause a controller of the network-accessible resource to be notified that the first password has been compromised.
39.	(Previously Presented) The medium of claim 37, wherein the first password is obtained via the password management application and in response to the first user inputting the first password via the password management application.
40.	(Previously Presented) The medium of claim 37, wherein comparing, with the distributed application, the first password to the set of compromised credentials comprises:	comparing the first password to the set of compromised credentials at a scheduled time responsive to a scheduled batch process by which an intersection of a first set and a second set of passwords is determined, the first set comprising more than 100 million compromised passwords and the second set comprising more than 1 million passwords that afford access to the network-accessible resource.
41.	(Previously Presented) The medium of claim 37, wherein comparing, with the distributed application, the first password to the set of compromised credentials comprises:	comparing the first password to the set of compromised credentials responsive to the first user attempting to create the first password associated with the first username via the password management application, the first user attempting to change a previous password associated with the first username to the first password via the password management application, or responsive to a scheduled batch process.
42.	(Previously Presented) The medium of claim 37, wherein the operations comprise:	in response to the determination that the one or more passwords satisfy the criterion, causing, with the one or more processors, the first user associated with the first user account to be notified to change the first password.
43.	(Previously Presented) The medium of claim 37, wherein determining whether the one or more passwords satisfy the criterion includes determining whether a number of the one or more passwords exceeds a threshold, and the operations comprise:	in response to the determination that the number of the one or more passwords exceeds the threshold, causing, with the one or more processors, a controller of the network-accessible resource to be notified regarding the determination that the number of the one or more passwords exceeds the threshold and instructing, with the one or more processors, the controller to block access to the first user account associated with the first password and the first username.
44.	(Previously Presented) The medium of claim 37, wherein the operations comprise:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes sequential characters and wherein the first criterion is satisfied in response to the determination that the first password includes sequential characters; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
45.	(Previously Presented) The medium of claim 37, wherein the operations comprise:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes repetitive characters and wherein the first criterion is satisfied in response to the determination that the first password includes repetitive characters; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
46.	(Currently Amended) The medium of claim 37, wherein the first database is continuously updated with additional compromised credentials, and the operations comprise:	generating a second criterion for the comparison, the criterion being generated at least based on whether another comparison identifying the first password has been previously made; and	receiving, from the first database, the one or more passwords that match the first password based on the comparison and the second criterion for the comparison.
47.	(Currently Amended) The medium of claim 46, wherein receiving the one or more passwords that match the first password based on the comparison and the second criterion for the comparison comprises:	receiving, from a subset of the first database, the one or more passwords that match the first password in response to determining that the other comparison identifying the first password has been previously made.
48.	(Currently Amended) The medium of claim 37, wherein the first password is compared to the set of compromised credentials 	responsive to an update to the first database.
49.	(Currently Amended) The medium of claim 37, wherein the operations comprise:	receiving metadata associated with the one or more passwords, the metadata including one or more usernames associated with the one or more passwords; 	determining whether the one or more usernames match the first username; and	in response to the determination that the first username matches the one or more usernames, causing, with the one or more processors, a controller of the network-accessible resource to be notified that the first username and the first password have been compromised, instructing, with the one or more processors, the controller of the network-accessible resource to block access to the first user account associated with the first password and the first username, and causing, with the one or more processors, the first user associated with the first user account on the network-accessible resource to be notified to change the first password.
50.	(Previously Presented) The medium of claim 37, wherein:	the match is determined based on a cryptographic hash collision.
51.	(Previously Presented) The medium of claim 37, wherein the operations comprise: notifying the first user via the password management application to change the first password.
52.	(Previously Presented) The medium of claim 37, wherein	the set of compromised credentials comprise more than 100 million compromised credentials; and	determining that a second password does not appear in the set of compromised credentials is performed within 5 seconds of obtaining the second password.
53.	(Previously Presented) The medium of claim 52, wherein	the second password is determined to not appear in the set of compromised credentials based on a probabilistic data structure or a content-addressable data structure to which data describing the set of compromised credentials is written.
54.	(Previously Presented) The medium of claim 37, wherein the operations comprise:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes one or more context-specific words and wherein the first criterion is satisfied in response to the determination that the first password includes one or more context-specific words; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
55.	(Currently Amended) A method, comprising:
obtaining, with one or more processors by a password management application of a distributed application installed on a user computing device, a first password, the first password being associated with a first username of a first user account and serving to afford a first user access to a network-accessible resource; [[and]]
providing, the password management application, [[which]] a single-sign-on service by which a plurality of different network-accessible resources are accessible by presentation of a plurality of different authentication credentials that are associated with the first user and that correspond to the plurality of different network-accessible resources;
comparing, first database external to the network-accessible resource, wherein the first database is continuously updated with additional compromised credentials and the comparison comprises a batch process for: 
selecting, with the one or more processors, from a second database of the plurality of different authentication credentials associated with the first user, a subset of passwords added to the second database since a previous batch process; and          
determining, with the one or more processors, one or more passwords representing an intersection of the set of compromised credentials with the selected subset of passwords;
receiving, with the distributed application, the one or more passwords that match the first password based on the comparison;
              determining,, whether the one or more passwords satisfy a criterion of the first password; and
              in response to the determination that the one or more passwords satisfy the criterion, causing, with the one or more processors, the first user associated with a first account and the first password to be notified that the first password has been compromised[[;]]



56.	(Previously Presented) The method of claim 55, wherein 	the distributed application comprises:		a remote credential-monitoring application external to the network-accessible resource; and		the password management application within the user computing device;	the remote credential-monitoring application is configured to expose an application program interface by which the first password is obtained from the password management application and to determine that the one or more passwords satisfy the criterion; and	the password management application is configured to, in response to the determination that the one or more passwords satisfy the criterion, cause the first user to be notified that the first password has been compromised and cause a controller of the network-accessible resource to be notified that the first password has been compromised.
57.	(Previously Presented) The method of claim 55, wherein the first password is obtained via the password management application and in response to the first user inputting the first password via the password management application.
58.	(Previously Presented) The method of claim 55, wherein comparing, with the distributed application, the first password to the set of compromised credentials comprises:	comparing the first password to the set of compromised credentials at a scheduled time responsive to a scheduled batch process by which an intersection of a first set and a second set of passwords is determined, the first set comprising more than 100 million compromised passwords and the second set comprising more than 1 million passwords that afford access to the network-accessible resource.
59.	(Previously Presented) The method of claim 55, wherein comparing, with the distributed application, the first password to the set of compromised credentials comprises:	comparing the first password to the set of compromised credentials responsive to the first user attempting to create the first password associated with the first username via the password management application, the first user attempting to change a previous password associated with the first username to the first password via the password management application, or responsive to a scheduled batch process.
60.	(Previously Presented) The method of claim 55, further comprising:	in response to the determination that the one or more passwords satisfy the criterion, causing, with the one or more processors, the first user associated with the first user account to be notified to change the first password.
61.	(Previously Presented) The method of claim 55, wherein determining whether the one or more passwords satisfy the criterion includes determining whether a number of the one or more passwords exceeds a threshold, and the method further comprises:	in response to the determination that the number of the one or more passwords exceeds the threshold, causing, with the one or more processors, a controller of the network-accessible resource to be notified regarding the determination that the number of the one or more passwords exceeds the threshold and instructing, with the one or more processors, the controller to block access to the first user account associated with the first password and the first username.
62.	(Previously Presented) The method of claim 55, further comprising:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes sequential characters and wherein the first criterion is satisfied in response to the determination that the first password includes sequential characters; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
63.	(Previously Presented) The method of claim 55, further comprising:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes repetitive characters and wherein the first criterion is satisfied in response to the determination that the first password includes repetitive characters; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
64.	(Currently Amended) The method of claim 55, wherein the first database is continuously updated with additional compromised credentials, and the method further comprises:	generating a second criterion for the comparison, the criterion being generated at least based on whether another comparison identifying the first password has been previously made; and	receiving, from the first database, the one or more passwords that match the first password based on the comparison and the second criterion for the comparison.
65.	(Currently Amended) The method of claim 64, wherein receiving the one or more passwords that match the first password based on the comparison and the second criterion for the comparison comprises:	receiving, from a subset of the first database, the one or more passwords that match the first password in response to determining that the other comparison identifying the first password has been previously made.
66.	(Currently Amended) The method of claim 55, wherein the first password is compared to the set of compromised credentials 	responsive to an update to the first database.
67.	(Currently Amended) The method of claim 55, further comprising:	receiving metadata associated with the one or more passwords, the metadata including one or more usernames associated with the one or more passwords; 	determining whether the one or more usernames match the first username; and	in response to the determination that the first username matches the one or more usernames, causing, with the one or more processors, a controller of the network-accessible resource to be notified that the first username and the first password have been compromised, instructing, with the one or more processors, the controller of the network-accessible resource to block access to the first user account associated with the first password and the first username, and causing, with the one or more processors, the first user associated with the first user account on the network-accessible resource to be notified to change the first password.
68.	(Previously Presented) The method of claim 55, wherein:	the match is determined based on a cryptographic hash collision.
69.	(Previously Presented) The method of claim 55, further comprising: notifying the first user via the password management application to change the first password.
70.	(Previously Presented) The method of claim 55, wherein	the set of compromised credentials comprise more than 100 million compromised credentials; and	determining that a second password does not appear in the set of compromised credentials is performed within 5 seconds of obtaining the second password.
71.	(Previously Presented) The method of claim 70, wherein	the second password is determined to not appear in the set of compromised credentials based on a probabilistic data structure or a content-addressable data structure to which data describing the set of compromised credentials is written.
72.	(Previously Presented) The method of claim 55, further comprising:	determining, with the one or more processors, with the distributed application, whether the first password satisfies one or more criteria from among a plurality of criteria, wherein determining whether the first password satisfies a first criterion among the plurality of criteria includes determining whether the first password includes one or more context-specific words and wherein the first criterion is satisfied in response to the determination that the first password includes one or more context-specific words; and	in response to the determination that the first password satisfies the first criterion, causing, with the one or more processors, the first user associated with the first account and the first password to be notified to change the first password.
73-108.	(Canceled) 
Remarks
The Double Patenting, 112(b) and 103 rejections per canceled claims 1-20 are moot.

Electronic Terminal Disclaimer
Per claims 37-72, the e-TD filed on 6/3/2022 obviates Double Patenting rejections over co-pending US Applications 16/667,367, 16/667,486 and 16/667,447.

Allowable Subject Matter
Claims 37-72 are allowed.
The following is Examiner's statement of reasons for allowance: 
Cockerill (US2018/0359244) discloses collecting data by an evaluation server and feeding it into an identity access engine on an identity provider, wherein the fed data is correlated with or joined with other data sets stored by the identity provider.
Wright (US2018/0046796) discloses mapping compromised credentials to generated at-risk credentials and one or more related (cognate) credentials (and/or accounts) that have not yet been identified as compromised, to identify user accounts that may require risk mitigation protocols and to prevent future compromise or active compromise by a malicious actor.
Bailey (US2017/0070527) discloses matching and scoring sameness to process an extremely large amount of data. For instance, a security system may analyze digital interactions for multiple large organizations. The web site of each organization may handle hundreds of login attempts per second, so that the security system may receive thousands, tens of thousands, or hundreds of thousands of requests per second to match sameness.
Botti (US2020/0026847) discloses active crawling including generic web crawling using known web crawlers used for indexing web sites and matching against predefined password list formats such as password files that are long lists of either plaintext or hashed values, one entry per line or standard formats, such as UNIX shadow files that are retrieved through web crawling.
Childress (US9984228) discloses searching within a set of existing password data, the search being based on the possible new password. The set of existing passwords are stored in a data store accessible from at least one of the processors of the information handling system and in response to the searching identifying that one of the existing passwords matches the possible new password, a notification, or warning, is displayed to the user.
Arning (US9569610) discloses a password management application that determines if a password is stored in a set of passwords, generates a hash value corresponding to a password, compares the hash value to a set of hash values, and stores a hash value in a set of hash values. The password management application is configured to access one or more databases or other computer systems to access a password protected domain or password protected content.
Hurst (WO2015/076835) discloses a password linkage monitor that retrieves a list of password hash values associated with previously used passwords and compares the list of password hash values to a hash of the candidate password. The alarm action engine invokes a permanent block of the candidate password when a match condition occurs between the hash of the candidate password and a hash of one of the list of password hash values.
Mehta (US2020/0137076) discloses observing an originator and determining if the originator is sending a large volume of credentials that match the credential database, to implement preventative measures to block the originator from accessing the requested web service. Multiple credentials matching entries in the database that are all used by the same originator is indicative that the originator is a malicious user who is exploiting many stolen credentials.

The closest prior art reviewed fails to anticipate, or in combination to render obvious, amended claim 37 as a whole, as similarly stated in claim 55.


Conclusion
Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.” 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AREZOO SHERKAT whose telephone number is (571) 272-8533. The examiner can normally be reached Monday - Friday 8:30-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim, can be reached on 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AREZOO SHERKAT/Examiner, Art Unit 2494