CN101394282A - Cipher inputting method and system having identity verification - Google Patents
Cipher inputting method and system having identity verification Download PDFInfo
- Publication number
- CN101394282A CN101394282A CNA2008102019488A CN200810201948A CN101394282A CN 101394282 A CN101394282 A CN 101394282A CN A2008102019488 A CNA2008102019488 A CN A2008102019488A CN 200810201948 A CN200810201948 A CN 200810201948A CN 101394282 A CN101394282 A CN 101394282A
- Authority
- CN
- China
- Prior art keywords
- password
- terminal
- information resources
- input
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a password entering method which comprises the following steps: a password is determined, and the password serves as the password for accessing an information resource; an input terminal is determined, and the input terminal serves as the input terminal for accessing the information resource; when an access request of a user for accessing the information resource is received, the user is requested to use a current terminal as a current password; the former password and the current password, and the former terminal and the input terminal are compared, and when both are consistent, the user is allowed to access the information resource. The technical scheme of the invention validates the password, and at the same time, validates the terminal used for inputting the password, so that even if the password is stolen, effective protection still remains.
Description
Technical field
The present invention relates to field of information security technology, relate in particular to cipher-code input method and system with authentication.
Background technology
The password input is the important means of protection personal information, and various important information banks of credit card, Web bank, network data base or the like or information source all can adopt cryptoguard.But, adopt cryptoguard to have a kind of potential risks, cryptoguard thinks that password can not leak, if inputed correct password, just thinks that the object of input password has the power of visit relevant information resource.So once password leakage, it is not protected that all information resources will become, this is very dangerous situation.And, the present means that stealing passwords more and more occurred.
Must be improved the method for cryptoguard, be increased the fail safe of protection.
Summary of the invention
The invention provides a kind of new cryptoguard technology, in authentication password, also need the employed terminal of input password is verified, like this, when password is stolen, still can play effective protective effect.
Technical scheme of the present invention is as follows:
A kind of cipher-code input method comprises:
Determine password, this password is as the password of visit one information resources;
Determine input terminal, this input terminal is as the input terminal of visit information resource;
When receiving the user, require the user to use current terminal input current password for the access request of information resources;
Relatively current password and this password, and current terminal and input terminal when the both is consistent, allow the user access information resource.
This method can also be set entry condition, when receiving the user for the access request of information resources, if satisfy entry condition, then need current password and password, and current terminal and input terminal both meet and just allow the user access information resource, if do not satisfy entry condition, then only need current password and password to meet, promptly allow the user access information resource.
Input terminal can comprise: have particular number portable terminal, have the fixed terminal of particular number or have the network terminal of particular ip address.
When information resources are Bank Account Number, the amount of money that entry condition can be set to be scheduled to.
The present invention also provides a kind of password input system, comprising:
Cipher server is used for determining password, and this password is as the password of visit one information resources;
The input server is used to receive the password input from input terminal;
Authentication server, whether the checking user obtains allowing for the access request of information resources;
Access server for the user who is allowed to, makes the user access information resource;
Wherein, authentication server is determined the input terminal of an input terminal as the visit information resource;
When authentication server receives the user for the access request of information resources, require the user to use current terminal input current password, and compare current password and password, and current terminal and input terminal, when the both is consistent, allow the user access information resource.
This authentication server is also set entry condition, when receiving the user for the access request of information resources, if satisfy entry condition, then need current password and password, and current terminal and input terminal both meet and just allow the user access information resource, if do not satisfy entry condition, then only need current password and password to meet, promptly allow the user access information resource.
Input terminal comprises: have particular number portable terminal, have the fixed terminal of particular number or have the network terminal of particular ip address.
When information resources are Bank Account Number, the amount of money that entry condition can be set to be scheduled to.
Technical scheme of the present invention also needs input password employed terminal is verified in authentication password, like this, even when password is stolen, still can play effective protective effect.
Description of drawings
Fig. 1 is the flow chart of cipher-code input method of the present invention;
Fig. 2 is the structure chart of password input system of the present invention.
Embodiment
Design philosophy of the present invention is in setting code, also to set the particular terminal of input password, such as, special mobile phone has only and adopts the password of this mobile phone input just can be considered to effective, otherwise,, also can't visit the information resources of desired visit even the password input is correct.
With reference to shown in Figure 1, cipher-code input method of the present invention comprises following step:
11. determine password, this password is as the password of visit one information resources.Here so-called information resources can be credit card, Web bank, network data base or the like.
12. determine input terminal, this input terminal is as the input terminal of visit information resource.In this step, also need the terminal of input password is specified, such as, determine that one has particular number portable terminal (such as the mobile phone of particular hand plane No.), has the fixed terminal (landline telephone of particular telephone number) of particular number or has the network terminal (computer with particular ip address) of particular ip address.
13. when receiving the user, require the user to use current terminal input current password for the access request of information resources.When the user asks the visit information resource, can be required to input password, because the input password must realize by some terminals, therefore, the current terminal that is used for inputing password is considered to current terminal, and the password of current input is considered to current password.
14. compare current password and the password of determining before, and the input terminal of current terminal and appointment, when the both is consistent, allow the user access information resource.
With the consumption of input credit card password is example, and the password of setting such as the user is " 123456 ", and the input terminal of appointment be telephone number is the mobile phone of " 00000000001 ".Then use this credit card to consume as the people, when needing the input password, verify not only whether its password is " 123456 ", also needing checking whether to be to use telephone number is that the mobile phone of " 00000000001 " is imported.Have only under the situation that the both meets, just allow to use this credit card.One of them condition does not meet, and all can not use this credit card.
Sometimes, the user may think when not needing to carry out dual checking in some cases, can set entry condition, when receiving the user,, then need current password and determine password before if satisfy entry condition for the access request of information resources, and the input terminal both of current terminal and appointment meets and just allows the user access information resource, if do not satisfy entry condition, then only need current password and password to meet, promptly allow the user access information resource.
With the Bank Account Number is example (credit card also is a kind of Bank Account Number), and entry condition is the predetermined amount of money.Such as setting the predetermined amount of money is more than 10000 yuan, then when the number of consuming during greater than 10000 yuan, starts dual checking, if below 10000 yuan, then only adopts password authentification.
With reference to shown in Figure 2, disclosed the structure of password input system, comprising:
Access server 24 for the user who is allowed to, makes the user access information resource;
Wherein, authentication server is determined the input terminal of an input terminal as the visit information resource;
When authentication server receives the user for the access request of information resources, require the user to use current terminal input current password, and compare current password and the password of determining before, and the input terminal of current terminal and appointment, when the both is consistent, allow the user access information resource.
Input terminal comprises: have particular number portable terminal, have the fixed terminal of particular number or have the network terminal of particular ip address.
When information resources were Bank Account Number, entry condition was the predetermined amount of money.
Described all details of associated methods can be applied in this system before, therefore no longer system are described in detail here.
Technical scheme of the present invention also needs input password employed terminal is verified in authentication password, like this, even when password is stolen, still can play effective protective effect.
Claims (8)
1. a cipher-code input method is characterized in that, comprising:
Determine password, this password is as the password of visit one information resources;
Determine input terminal, this input terminal is as the input terminal of the described information resources of visit;
When receiving the user, require the user to use current terminal input current password for the access request of described information resources;
More described current password and described password, and current terminal and described input terminal when the both is consistent, allow the described information resources of user capture.
2. cipher-code input method as claimed in claim 1 is characterized in that, also comprises:
Set entry condition, when receiving the user for the access request of described information resources, if satisfy described entry condition, then need current password and described password, and current terminal and described input terminal both meet and just allow the described information resources of user capture, if do not satisfy described entry condition, then only need current password and described password to meet, promptly allow the described information resources of user capture.
3. cipher-code input method as claimed in claim 2 is characterized in that, described input terminal comprises:
Have particular number portable terminal, have the fixed terminal of particular number or have the network terminal of particular ip address.
4. cipher-code input method as claimed in claim 2 is characterized in that, when described information resources were Bank Account Number, described entry condition was the predetermined amount of money.
5. a password input system is characterized in that, comprising:
Cipher server is used for determining password, and this password is as the password of visit one information resources;
The input server is used to receive the password input from input terminal;
Authentication server, whether the checking user obtains allowing for the access request of described information resources;
Access server for the user who is allowed to, makes the described information resources of described user capture;
Wherein, described authentication server is determined the input terminal of an input terminal as the described information resources of visit;
When authentication server receives the user for the access request of described information resources, require the user to use current terminal input current password, and more described current password and described password, and current terminal and described input terminal, when the both is consistent, allow the described information resources of user capture.
6. password input system as claimed in claim 5 is characterized in that,
Described authentication server is also set entry condition, when receiving the user for the access request of described information resources, if satisfy described entry condition, then need current password and described password, and current terminal and described input terminal both meet and just allow the described information resources of user capture, if do not satisfy described entry condition, then only need current password and described password to meet, promptly allow the described information resources of user capture.
7. password input system as claimed in claim 6 is characterized in that, described input terminal comprises:
Have particular number portable terminal, have the fixed terminal of particular number or have the network terminal of particular ip address.
8. password input system as claimed in claim 6 is characterized in that, when described information resources were Bank Account Number, described entry condition was the predetermined amount of money.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102019488A CN101394282A (en) | 2008-10-30 | 2008-10-30 | Cipher inputting method and system having identity verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2008102019488A CN101394282A (en) | 2008-10-30 | 2008-10-30 | Cipher inputting method and system having identity verification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101394282A true CN101394282A (en) | 2009-03-25 |
Family
ID=40494380
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2008102019488A Pending CN101394282A (en) | 2008-10-30 | 2008-10-30 | Cipher inputting method and system having identity verification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101394282A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571859A (en) * | 2010-12-29 | 2012-07-11 | 鸿富锦精密工业(深圳)有限公司 | System and method for controlling robot through cloud computation |
| CN107994996A (en) * | 2017-12-13 | 2018-05-04 | 山东渔翁信息技术股份有限公司 | A kind of method, apparatus and computer-readable recording medium for protecting key |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002054243A1 (en) * | 2000-12-28 | 2002-07-11 | Morgan Stanley | Authentication method and device |
| CN101087193A (en) * | 2007-02-27 | 2007-12-12 | 马骏 | New method for using the mobile number bond with account for identity identification |
| CN101167079A (en) * | 2006-03-29 | 2008-04-23 | 日本三菱东京日联银行股份有限公司 | User affirming device, method and program |
-
2008
- 2008-10-30 CN CNA2008102019488A patent/CN101394282A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002054243A1 (en) * | 2000-12-28 | 2002-07-11 | Morgan Stanley | Authentication method and device |
| CN101167079A (en) * | 2006-03-29 | 2008-04-23 | 日本三菱东京日联银行股份有限公司 | User affirming device, method and program |
| CN101087193A (en) * | 2007-02-27 | 2007-12-12 | 马骏 | New method for using the mobile number bond with account for identity identification |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571859A (en) * | 2010-12-29 | 2012-07-11 | 鸿富锦精密工业(深圳)有限公司 | System and method for controlling robot through cloud computation |
| CN107994996A (en) * | 2017-12-13 | 2018-05-04 | 山东渔翁信息技术股份有限公司 | A kind of method, apparatus and computer-readable recording medium for protecting key |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101310286B (en) | Improved single sign on | |
| CN103377332B (en) | The method of access application and device | |
| US11317282B2 (en) | Intelligent method for sim-swap fraud detection and prevention | |
| CN110149328A (en) | Interface method for authenticating, device, equipment and computer readable storage medium | |
| CN103813334A (en) | Right control method and right control device | |
| CN105868970A (en) | Authentication method and electronic device | |
| WO2006065002A1 (en) | User authentication method in another network using digital signature made by mobile terminal | |
| CN106778138A (en) | The control method and device of software license limit | |
| KR20060102456A (en) | System and method for authenticating user, server for authenticating user and recording medium | |
| CN102610045B (en) | Trustable mobile payment system and mobile payment method | |
| CN106161710A (en) | A kind of user account safety management system based on smart mobile phone | |
| KR101607935B1 (en) | System for paying mobile using finger scan and method therefor | |
| CN102882682A (en) | GPS (global positioning system) based identity authentication method and system | |
| KR101548933B1 (en) | System for securiting mobile and method therefor | |
| CN102404305A (en) | Method for identity authentication of Internet user | |
| KR20140112785A (en) | Financial service system and method thereof, and apparatus applied to the same | |
| CN105871840B (en) | A kind of certificate management method and system | |
| CN101394282A (en) | Cipher inputting method and system having identity verification | |
| CN106375304A (en) | One-time authentication method realized by utilization of intelligent hardware | |
| CN106533685B (en) | Identity authentication method, device and system | |
| CN101854627A (en) | Login authentication system and method | |
| KR101103634B1 (en) | Method for attestating credit card company server and that server | |
| KR101611099B1 (en) | Method for issuing of authentication token for real name identification, method for certifying user using the authentication token and apparatus for performing the method | |
| CN109309917B (en) | eID digital identity authentication method and system based on mobile terminal software cryptographic module | |
| CN103235917A (en) | Application protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20090325 |