Persistent public machine setting

Disclosed herein are methods for protecting user information on a client device that may have a plurality of users. A user interface with a public machine designation portion is presented to a user prior to the start of the authentication process. The public machine designation removes web service account descriptions and any user specific information stored on the client device. Also, the client device is prevented from storing any new user specific information that is provided to the client device. The public machine designation is a persistent feature that may only be disabled by an affirmative action from the user.

Authenticating linked accounts

Embodiments of authenticating linked accounts are presented herein. In an implementation, an authentication service provides functionality to form links between a plurality of user accounts. A client may then authenticate by providing credentials for one account in a group of linked accounts, and is permitted access to each account in the group of linked accounts based upon the linking. Thus, a single sign-in of a client to one account may permit the client to obtain services for service providers corresponding to multiple linked accounts, without an individual sign-in to each account.

Authenticating Linked Accounts

Embodiments of authenticating linked accounts are presented herein. In an implementation, an authentication service provides functionality to form links between a plurality of user accounts. A client may then authenticate by providing credentials for one account in a group of linked accounts, and is permitted access to each account in the group of linked accounts based upon the linking. Thus, a single sign-in of a client to one account may permit the client to obtain services for service providers corresponding to multiple linked accounts, without an individual sign-in to each account. 1. A method comprising:receiving one or more inputs from a client that define a link between a plurality of user accounts at one or more service providers, each of the plurality of user accounts requiring a separate sign-in;forming a link identifier that identifies a plurality of account identifiers corresponding to the plurality of user accounts as a set of linked accounts;storing the link identifier at an authentication service; andmanaging authentication of the client to the set of linked accounts, such that the client, upon providing to the authentication service credentials corresponding to one account in the set of linked accounts, receives an access to each account in the set of linked accounts.2. The method as recited in claim 1 , wherein:the authentication service manages authentication of clients on behalf of the one or more service providers; andthe access to each account in the set of linked accounts includes access to corresponding services provided by the one or more service providers.3. The method as recited in claim 1 , further comprising:exposing an application programming interface callable by the client;indicating a plurality of user accounts that are linkable to one another by the client; andstoring the link identifier in response to an indication linking more than one of the user accounts received from the client via the interface.4. The method as recited in claim ...

Educating users and enforcing data dissemination policies

An authoring component determines the sensitivity of an authored document and generates a user interface conveying contextual educational information about data dissemination policies that apply to the document. The user interface also provides user input mechanisms that allow the user to provide inputs affect the enforcement of a given data dissemination policy on the document.

Multiuser Web Service Sign-In Client Side Components

Embodiments of multi-user web service sign-in client side components are presented herein. In an implementation, the currently authenticated user account of a first application of a client is transferred to another application of a client. In another implementation, a common credential store is used to share data for a plurality of user accounts associated with a client between a plurality of applications of the client, and for the applications to output multi-user interfaces having portions corresponding to the plurality of accounts. 1. (canceled)2. A method comprising:providing an authentication interface callable via a plurality of applications to transfer a currently authenticated user account from one application to another application;receiving through the authentication interface, a directive to transfer a currently authenticated user account associated with a first application executed on a client to a second application executable on the client; and comparing the currently authenticated user account associated with the first application and a user account associated with the second application;', 'in an event that the user account associated with the first application is the same as the user account associated with the second application, switching control between the first application and the second application without transferring authentication data; and', 'in an event that the user account associated with the first application is different from the user account associated with the second application, transferring the currently authenticated user account associated with the first application to the second application., 'responsive to the directive3. A method as recited in claim 2 , wherein the authentication interface is configured to:communicate with an authentication service via a network for each of a plurality of applications of the client to cause authentication of user accounts with respect to the plurality of applications;responsive to the ...

EDUCATING USERS AND ENFORCING DATA DISSEMINATION POLICIES

An authoring component determines the sensitivity of an authored document and generates a user interface conveying contextual educational information about data dissemination policies that apply to the document. The user interface also provides user input mechanisms that allow the user to provide inputs affect the enforcement of a given data dissemination policy on the document. 1. A computer-implemented method of processing a document , the method comprising:generating a user interface that displays a document and includes one or more user input mechanisms for processing the document;receiving, through the user interface, a user input from a first user that includes an indication of one or more other users for which access to the document is desired by the first user;determining that the document is subject to a data dissemination policy; andgenerating, in the user interface, a user interface element that describes why the document is subject to the data dissemination policy.2. The method of claim 1 , wherein the determination that the document is subject to the data dissemination policy is based on the indication of the one or more other users.3. The method of claim 1 , wherein the user interface displays document content of the document.4. The method of claim 1 , wherein the user interface displays a representation of the document.5. The method of claim 1 , wherein the data dissemination policy comprises a security policy.6. The method of claim 1 , further comprising:generating a visual cue, in the user interface, that identifies a portion of the document that gives rise to the determination that the document is subject to the data dissemination policy.7. The method of claim 1 , wherein determining the document is subject to a data dissemination policy includes analyzing content of the document to identify sensitive content in the document.8. The method of claim 1 , wherein the document comprises at least one of a word processing document or a spreadsheet ...

Persistent Public Machine Setting

Disclosed herein are methods for protecting user information on a client device that may have a plurality of users. A user interface with a public machine designation portion is presented to a user prior to the start of the authentication process. The public machine designation removes web service account descriptions and any user specific information stored on the client device. Also, the client device is prevented from storing any new user specific information that is provided to the client device. The public machine designation is a persistent feature that may only be disabled by an affirmative action from the user. 1. A method comprising:outputting a user interface having a portion selectable to designate a client device as a public machine;when the portion is selected, removing a plurality of web service account descriptions stored for the client device; andstoring a public machine designation in a browser readable object associated with the client device.2. The method as recited in claim 1 , wherein the public machine designation is stored in a browser readable object located on the client device.3. A method as recited in claim 1 , wherein the public machine designation prevents account information for a plurality web service accounts from being stored on the client device.4. The method as recited in claim 1 , wherein the descriptions describe which web service accounts and custom user data are to be used to generate a user interface having a plurality of portions claim 1 , wherein each said portion:corresponds to one said web service account;includes respective custom user data; andis selectable to cause authentication to the respective web service account.5. The method as recited in claim 4 , wherein the descriptions describe where the custom user data corresponding to said web service accounts may be obtained.6. A method as recited in claim 1 , wherein:the descriptions are stored as one or more browser readable objects; andthe removing involves removing the ...

Authenticating linked accounts

Embodiments of authenticating linked accounts are presented herein. In an implementation, an authentication service provides functionality to form links between a plurality of user accounts. A client may then authenticate by providing credentials for one account in a group of linked accounts, and is permitted access to each account in the group of linked accounts based upon the linking. Thus, a single sign-in of a client to one account may permit the client to obtain services for service providers corresponding to multiple linked accounts, without an individual sign-in to each account.

Educating users and enforcing data dissemination policies

An authoring component determines the sensitivity of an authored document and generates a user interface conveying contextual educational information about data dissemination policies that apply to the document. The user interface also provides user input mechanisms that allow the user to provide inputs affect the enforcement of a given data dissemination policy on the document.

Identity and authentication system using aliases

An identity and authentication platform utilizes a data model that enables multiple identities such as e-mail addresses, mobile phone numbers, nicknames, gaming IDs, and other user IDs to be utilized as aliases which are unique sub-identities of a main account name. A user may utilize the aliases supported by the platform to project multiple different on-line identities while using the authentication credentials of the main account. The platform is configured to expose the aliases to various client applications and Internet-accessible sites and services such as e-mail, instant messaging, media sharing, gaming and social networks, and the like, to enable the implementation of a variety of usage scenarios that employ aliases.

Persistent public machine setting

Embodiments of persistent public machine setting are presented. In an implementation a web service provider sign-in is provided which presents customized information for multiple users of a client device. A user interface is presented having a plurality of portions each corresponding to a particular user and/or user account with a service provider. Each respective portion is selectable to initiate authentication or sign-in of the user to the corresponding account. In another implementation, a persistent public computer setting is described. A default setting may be provided that automatically remembers users accessing service provider accounts on a client device. Selecting the public computer setting will disable the default setting and remove any stored information for users that were previously saved on the client device.

Persistent public machine setting

Embodiments of persistent public machine setting are presented. In an implementation a web service provider sign-in is provided which presents customized information for multiple users of a client device. A user interface is presented having a plurality of portions each corresponding to a particular user and/or user account with a service provider. Each respective portion is selectable to initiate authentication or sign-in of the user to the corresponding account. In another implementation, a persistent public computer setting is described. A default setting may be provided that automatically remembers users accessing service provider accounts on a client device. Selecting the public computer setting will disable the default setting and remove any stored information for users that were previously saved on the client device.

Persistent public machine setting

Persistent Public Machine Setting

Disclosed herein are methods for protecting user information on a client device that may have a plurality of users. A user interface with a public machine designation portion is presented to a user prior to the start of the authentication process. The public machine designation removes web service account descriptions and any user specific information stored on the client device. Also, the client device is prevented from storing any new user specific information that is provided to the client device. The public machine designation is a persistent feature that may only be disabled by an affirmative action from the user.

Persistent public machine setting

Embodiments of persistent public machine setting are presented. In an implementation a web service provider sign-in is provided which presents customized information for multiple users of a client device. A user interface is presented having a plurality of portions each corresponding to a particular user and/or user account with a service provider. Each respective portion is selectable to initiate authentication or sign-in of the user to the corresponding account. In another implementation, a persistent public computer setting is described. A default setting may be provided that automatically remembers users accessing service provider accounts on a client device. Selecting the public computer setting will disable the default setting and remove any stored information for users that were previously saved on the client device.

Vedvarend offentlig maskininnstilling

Flerbruker innloggingsteknikker for webtjeneste beskrives. I en implementering tilveiebringes en webtjenesteleverandør innlogging som presenterer kundetilpasset informasjon til flere brukere av en klientinnretning. Det er presenteres et brukergrensesnitt som har en flerhet av deler som hver korresponderer til en bestemt bruker og/eller brukerkonto hos en tjenesteleverandør. Hver respektive del er valgbar for å igangsette autentisering eller innlogging av brukeren til den korresponderende konto. Videre kan hver del være konfigurert med kundetilpasset brukerinformasjon som korresponderer til den respektive bruker, for eksempel brukerspesifisert grafikk eller tekst. Kundetilpasset informasjon for en flerhet av brukere som aksesserer tjenester fra en tjenesteleverandør via den samme klientinnretning presenteres i et brukergrensesnitt før handlingen med innlogging til tjenesteleverandøren.

Persistent public machine setting