US Patent 9639692 Dynamic on-device passcodes to lock lost or stolen devices

Dynamic on-device passcode to lock lost device is described. In one method, a security agent executing on a processor of a user device periodically generates a dynamic passcode using a cryptographic function and a cryptographic seed according to a predefined time interval. While the user device is in a first state, the security agent sends the cryptographic seed to an authentication service. The method receives an acknowledgement of receipt of the cryptographic seed from the authentication service and detects that the user device is in a potentially lost or stolen state based on a defined condition of the user device. In response to the detecting that the user device is in the potentially lost or stolen state, the method locks the user device and may unlock the user device when a current instance of the dynamic passcode is correctly entered on the user device.