CN101789057A - Hardware password confirming method - Google Patents
Hardware password confirming method Download PDFInfo
- Publication number
- CN101789057A CN101789057A CN 200910009623 CN200910009623A CN101789057A CN 101789057 A CN101789057 A CN 101789057A CN 200910009623 CN200910009623 CN 200910009623 CN 200910009623 A CN200910009623 A CN 200910009623A CN 101789057 A CN101789057 A CN 101789057A
- Authority
- CN
- China
- Prior art keywords
- password
- control module
- hardware
- application program
- controlling application
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a hardware password confirming method. The steps of the method are as follows: first, a controlling application program transmits a password confirming request to a control module with at least one preset password; second, after receiving the password confirming request, the control module generates a password input request and stands by; third, a user inputs the password by an input device connected with the control module; finally, the control module receives the input of the password and judges whether the password is the same as the preset one. If the password is the same as the preset one, the input password is correct and an execution mode starts; if the password is not the same as the preset one, a failure mode starts. Therefore, the password comparison is completely carried out in the control module without interaction with an operating system or other software, so as to effectively prevent an illegal user from stealing or damaging the password by a malicious software program.
Description
Technical field
The present invention relates to a kind of password confirming method, particularly relate to a kind of password confirming method of finishing by hardware.
Background technology
21st century is the society of an advanced IT application, the progress and development let us of science and technology can use the every things in the Computer Processing life widely, for example text-processing, data base administration, account calculating, computer graphics, digital photography, Flame Image Process, CD baking, and multimedia making or the like, computing machine all can provide rapidly, directly, high-quality and gratifying service.
Yet, also because people subsist beneficial cumulative for the dependence of computing machine, for example many financiers also release online service, for the client by the relevant various actions of network operation fund easily, as account transfer, purchase fund, stock etc., but it is relative, social events such as many users' computing machine number of the account and password is cracked, steals and usurp also take place with emerging in an endless stream, and wherein, the computer user is subjected to the trojan horse program stealing passwords because poison be the most large in the relevant crime of present computing machine.
Briefly, so-called trojan horse program, the program that allows the victim be carried out unintentionally with the mode of deceiving people exactly; The relatives and friends that the stranger for example arranged or poisoned have posted an envelope and have given a user with the letter of a malice execute file (trojan horse program just), and be the harmless file shared of relatives and friends and when carrying out as this user because take for, at this moment, this user just becomes the victim of trojan horse program infringement for this reason, and its any password or data of backward being inputed are also covered all at one glance with regard to being stolen.Therefore, trojan horse program is with general viral different, it can self-reproduction, can painstakingly not remove to infect other file yet, the behavioural characteristic of hidden, automatic startup that trojan horse program has, deception, self-recovery, destruction, transmission data, and by camouflage attraction user's download execution or installation, provide the illegal personage who disseminates trojan horse program to open by trojan horse program assaulter's computing machine door, make and disseminate the trojan horse program person can damage arbitrarily, steal by kind of person's file or operation screen, even the remote control computing machine of being invaded by trojan horse program.In addition, classify according to the trojan horse program purpose: its final purpose is gathered information exactly, is awaited a favorable opportunity and carries out the destruction task, is used as springboard and permeates.Its means comprise the track of hideing, capture, Remote, interception package, record key in data, destruction, transmission information, provide package to pass on to reach the springboard function ... etc.
Therefore, how to prevent effectively that password is stolen, make operating system can't obtain the password that the user inputs, just become the direction that relevant dealer institute desire is made great efforts research.
Summary of the invention
The objective of the invention is is providing a kind of hardware password confirming method.
Hardware password confirming method of the present invention comprises following steps:
(a) controlling application program password confirming request to that transmits has the control module of at least one preset password.
(b) this control module is after receiving this password confirming request, produces password input request and awaits orders.
(c) this control module receives the input of a password, and judges whether this password is identical with this preset password, if then the password of being inputed is correct, and enters an execution pattern, if not, then enters a Failure Mode.
Beneficial effect of the present invention is: directly receive the input of this password by this control module, and verify comparison, after confirming, comparison just carries out follow-up processing operation, therefore, this password does not return out this control module, thus the risk of having avoided password to be stolen by other rogue program.
Description of drawings
Fig. 1 is in the explanation hardware password confirming method of the present invention, a calcspar of a preferred embodiment of each arrangements of components form;
Fig. 2 is a process flow diagram of the preferred embodiment running.
Embodiment
The present invention is described in detail below in conjunction with drawings and Examples:
Consult Fig. 1 and Fig. 2, the preferred embodiment of hardware password confirming method of the present invention comprises following steps:
At first, shown in step 60, controlling application program 11 a password confirming request to that transmits has the control module 2 of at least one preset password.
It should be noted that in this preferred embodiment this controlling application program 11 is mounted on the operating system 1 just like Microsft Windows (Windows); And this control module 2 comprises that one is used for judging this password whether correct password comparing unit 22, has the processing unit 23 that carries out one group of processing capacity, and one is used for receiving the request of this controlling application program 11 and returns the hardware control unit 21 of the judged result of this password comparing unit 22; And this preset password is stored in this control module 2 on practice in advance, also can the preset password in this control module 2 be increased newly, change or delete according to a user demand.
Secondly, shown in step 61, this control module 2 produces password input request and awaits orders after this password confirming request of reception.
Then, shown in step 62, this control module 2 receives the input of this user by the password of an input media 4, and this input media 4 directly is connected on this control module 2, so the message of being imported by this input media 4 all needs just to reach operating system 1 through this control module 2 earlier, and this input media 4 can be keyboard, mouse, Trackpad and other device that can supply message to import.
Then, shown in step 63, the password comparing unit 22 of this control module 2 judges whether this password is identical with this preset password, if then shown in step 64, represent that the password that this user inputs is correct, enter an execution pattern, and carry out the relevant treatment of follow-up step 65 to step 67; If not, then shown in step 68, enter a Failure Mode, and carry out step 69, this hardware control unit 21 returns a password authentification failed message to this controlling application program 11, and failure result is presented on the display device 3 (as screen).Yet the step 65 in this preferred embodiment is as follows to step 67 difference:
When password is compared when correct, shown in step 65, this password comparing unit 22, and is presented on this display device 3 to this controlling application program 11 by this hardware control unit 21 passbacks one password authentification success message.
Moreover, after password is compared successfully, except that carrying out above-mentioned steps 65, also carry out shown in step 66, allow of the message transmission of this controlling application program 11 by this hardware control unit 21, make the processing unit 23 of this control module 2 carry out these group processing capacities, and should group processing capacity just shown in step 67, with a file 5 transfer to hiding 51, read-only 52, only write 53 or rebuild 54 etc. function.
In addition, what must remark additionally is, after abovementioned steps 69, except that stopping password authentification program of the present invention at once, also resumes step 61 once more, and point out this user to input password once more, and use the password attempt method of various violence method to crack for fear of illegal personage, as dictionary attack (dictionary attack), when 22 pairs of this password accumulative totals of password comparing unit of this control module 2 are verified certain number of times (as three times), or after between a given period this password accumulative total being verified certain number of times, all runnings of this controlling application program 11 and this control module 2 just stop, prevent the effect that password is cracked to strengthen the present invention, yet, on practice, also can adopt other prior art or the technology that goes out of future development, and therefore the reality of the follow-up protection of password input number of times is not the feature of the present invention's improvement as mode, so do not repeat them here.
Then, will enumerate an actual operation example at hardware password confirming method of the present invention at this elaborates to do further:
When this user's desire utilized the present invention that this document 5 is hidden 51 processing, at first, this user carried out the controlling application program 11 that is installed in this operating system 1; Then, this controlling application program 11 is sent to hardware control unit 21 in this control module 2 by a USB driver 12 with this password confirming request; Then, this hardware control unit 21 just starts this password comparing unit 22, and this user compared by the password of being keyed in these control module 2 direct-connected input medias 4, find that through comparison this password conforms to original preset password that stores, this password comparing unit 22 just returns the password authentification success message to this hardware control unit 21, is presented on this display device 3 by USB driver 12, controlling application program 11, display driving software 15 in regular turn again; Then, this hardware control unit 21 is just notified this processing unit 23 to carry out follow-up file 5 and is handled, therefore, receive and to carry out attribute adjustment when operation to this document 5 when this processing unit 23, after this processing unit 23 is coordinated by a SATA driver 13 and a file system (file system) 14, this document 5 is converted to hiding 51 attributes, and finishes the operation that this user desires to reach.
What deserves to be mentioned is, in the above-mentioned concrete instance, suppose that this control module 2 is to be connected with this operating system 1 by USB interface, so this USB driver 12 of palpus transmits bridge as the message of intermediary, certainly, on practice, this control module 2 also can be carried out the message transmission by connectivity port and this operating system 1 of other form, this is that easy variation of those skilled in the art migrated, and therefore should not be limited to disclosed content in the preferred embodiment.
In addition, this user also can be after this password comparing unit 22 be for this password authentification success, deliver messages to this controlling application program 11 by this hardware control unit 21, relend by 11 pairs one application programs 16 of this controlling application program (as text-processing application program etc.) and carry out instruction issuing, and finish the service (as text maninulation etc.) that this application program 16 provides.
By above explanation as can be known, hardware password confirming method of the present invention, hardware control unit 21 by this control module 2 is receiving the password confirming request of this controlling application program 11, then the password that makes 22 couples of these users of this password comparing unit utilize this input media 4 to be transmitted is verified comparison, and whether decision enters this execution pattern, carrying out in order to follow-up processing operation, therefore, the comparison of this password is directly to pass by this input media 4 to give this password comparing unit 22 and check, only in this control module 2, carry out, and do not spread out of in this operating system 1, so this password is stolen because of this operating system 1 suffers illegal personage to implant rogue program with regard to not taking place, so can reach purpose of the present invention really.
Claims (11)
1. hardware password confirming method is characterized in that comprising following steps:
(1) one controlling application program transmits a password confirming request to and has the control module of at least one preset password;
(2) this control module is after receiving this password confirming request, produces password input request and awaits orders; And
(3) this control module receives the input of a password, and judges whether this password is identical with this preset password, if then the password of being inputed is correct, and enters an execution pattern, if not, then enters a Failure Mode.
2. hardware password confirming method as claimed in claim 1, it is characterized in that: in this step (), this control module comprises that one is used for judging this password whether correct password comparing unit, has the processing unit that carries out one group of processing capacity, and one is used for receiving the request of this controlling application program and returns the hardware control unit of the judged result of this password comparing unit.
3. hardware password confirming method as claimed in claim 2, it is characterized in that: in this step (three), when entering this execution pattern, allow of the message transmission of this controlling application program by this hardware control unit, make this processing unit carry out this group processing capacity.
4. hardware password confirming method as claimed in claim 3 is characterized in that: in this step (three), this group processing capacity of this processing unit is hiding, read-only by a file is transferred to, only write and rebuild the group that function is formed.
5. hardware password confirming method as claimed in claim 4, it is characterized in that: in this step (three), when entering this Failure Mode, this hardware control unit returns a password authentification failed message to this controlling application program, and failure result is presented on a display device, return this step (two).
6. hardware password confirming method as claimed in claim 5 is characterized in that: in this step (three), after this control module was verified certain number of times to this password accumulative total, this controlling application program and this control module ceased to function.
7. hardware password confirming method as claimed in claim 5 is characterized in that: in this step (three), in this control module is between a given period, this password accumulative total verified certain number of times after, this controlling application program and this control module cease to function.
8. hardware password confirming method as claimed in claim 4, it is characterized in that: in this step (three), this Failure Mode is that passback one password authentification failed message is presented on the display device to this controlling application program and with failure result, and this controlling application program and this control module cease to function.
9. as each the described hardware password confirming method in the claim 5 to 8, it is characterized in that: in this step (three), this password is to import by an input media that connects this control module.
10. hardware password confirming method as claimed in claim 9 is characterized in that: in this step (three), this input media is a keyboard, and this display device is a screen.
11. hardware password confirming method as claimed in claim 1, it is characterized in that: in this step (three), when entering this execution pattern, this password comparing unit is compared success message to this controlling application program by this hardware control unit passback password, and is presented on this display device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910009623 CN101789057A (en) | 2009-01-23 | 2009-01-23 | Hardware password confirming method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910009623 CN101789057A (en) | 2009-01-23 | 2009-01-23 | Hardware password confirming method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101789057A true CN101789057A (en) | 2010-07-28 |
Family
ID=42532266
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200910009623 Pending CN101789057A (en) | 2009-01-23 | 2009-01-23 | Hardware password confirming method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101789057A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108734015A (en) * | 2017-04-20 | 2018-11-02 | 周宏建 | Storage device and access authority control method thereof |
-
2009
- 2009-01-23 CN CN 200910009623 patent/CN101789057A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108734015A (en) * | 2017-04-20 | 2018-11-02 | 周宏建 | Storage device and access authority control method thereof |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110602052B (en) | Micro-service processing method and server | |
| US11763305B1 (en) | Distributed ledger for device management | |
| US10216956B2 (en) | Virtualization input component | |
| CN107169344B (en) | Method for blocking unauthorized application and apparatus using the same | |
| CN102037472B (en) | Software reputation establishment and monitoring system and method | |
| US11924201B1 (en) | Authentication for application downloads | |
| CN1981277A (en) | Quarantine system | |
| US10812471B1 (en) | Bank speech authentication | |
| US10841315B2 (en) | Enhanced security using wearable device with authentication system | |
| JP2018502410A (en) | Common identification data replacement system and method | |
| US11570168B2 (en) | Techniques for repeat authentication | |
| CN103975567B (en) | Two-factor authentication method and virtual machine facility | |
| CN111414612A (en) | Security protection method and device for operating system mirror image and electronic equipment | |
| JP2010086435A (en) | Information processing method and computer | |
| CN113904821A (en) | Identity authentication method and device and readable storage medium | |
| EP1542135A1 (en) | A method which is able to centralize the administration of the user registered information across networks | |
| TWI451740B (en) | Hardware Password Verification Method and Its System | |
| US11715079B2 (en) | Maintaining secure access to a self-service terminal (SST) | |
| US20210306330A1 (en) | Authentication server, and non-transitory storage medium | |
| CN101789057A (en) | Hardware password confirming method | |
| CN106415567B (en) | Security token based on web browser COOKIE possesses method of proof and equipment | |
| CN111444530B (en) | System data access authority control method and device based on block chain and modules | |
| US11874752B1 (en) | Methods and systems for facilitating cyber inspection of connected and autonomous electrical vehicles using smart charging stations | |
| US8914901B2 (en) | Trusted storage and display | |
| US20170214680A1 (en) | Verification request |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20100728 |