CN103685311A

CN103685311A - Log-in validation method and device

Info

Publication number: CN103685311A
Application number: CN201310738898.8A
Authority: CN
Inventors: 卓辉; 周森
Original assignee: Netease Hangzhou Network Co Ltd
Current assignee: Hangzhou Netease Zhiqi Technology Co Ltd
Priority date: 2013-12-27
Filing date: 2013-12-27
Publication date: 2014-03-26
Anticipated expiration: 2033-12-27
Also published as: CN103685311B

Abstract

The execution mode of the invention provides a log-in validation method. For example, the method comprises: responding to received information that a user requests to log in, displaying an identification code for identifying a first terminal so as to facilitate a second terminal to collect the image of the identification code, and thus obtaining the pattern of the identification code, generating a login validation request according to the pattern of the identification code, sending the log-in validation request to a server so as to facilitate the server to obtain the user identity information of the second terminal and the content identified by the identification code according to the log-in validation request, performing log-in validation according to the user identity information of the second terminal, returning validation result to the first terminal identified by the identification code, receiving the validation result returned by the server, and thus achieving the purpose of ensuring the safety of user identity. Furthermore, the execution mode of the invention further provides a log-in validation device.

Description

A kind of login validation method and equipment

Technical field

Embodiments of the present invention relate to security fields, and more specifically, embodiments of the present invention relate to a kind of login validation method and equipment.

Background technology

The embodiments of the present invention that be intended to for stating in claims this part provide background or context.Description is not herein because be included in just admit it is prior art in this part.

For the needs of safety or operation, much runing commercial city needs user to input identity information in terminal, signs in to associated server and could use related application.But, under some scene, for example, it is very unsafe in the public terminals such as Internet bar, in other people private terminal, inputting identity information, probably in input identity information, by wooden horse recording and sending, to the server of appointment, is caused identity stolen.

Summary of the invention

Therefore, in the prior art, how login authentication can guarantee that user identity is safely very bothersome problem.

For this reason, be starved of a kind of login validation method, to realize the object that guarantees user identity safety.

In the present context, embodiments of the present invention expectation provides a kind of login validation method and equipment.

In the first aspect of embodiment of the present invention, the login validation method that is applied to first terminal is provided, for example, can comprise: in response to receiving user, ask the message of logining, show for identifying the identification code of described first terminal, so that the second terminal carries out to described identification code the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result, the result that reception server returns.

In the second aspect of embodiment of the present invention, the login authentication equipment that is disposed at first terminal is provided, for example, can comprise: login receiving element, be configured in response to receiving user and ask the message of logining, show for identifying the identification code of described first terminal, so that the second terminal carries out to described identification code the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result, checking receiving element, is configured for the result that reception server returns.

In the third aspect of embodiment of the present invention, the login validation method that is applied to the second terminal is provided, for example, can comprise: in response to user, identification code is carried out the operation of IMAQ, the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, wherein, described identification code is used for identifying described first terminal; According to the figure of described identification code, generate login authentication request; To server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

In the fourth aspect of embodiment of the present invention, the login authentication equipment that is disposed at the second terminal is provided, for example, can comprise: collecting unit, be configured for and in response to user, identification code carried out the operation of IMAQ, the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, and wherein, described identification code is used for identifying described first terminal; Request generation unit, is configured for according to the figure of described identification code and generates login authentication request; Send request unit, be configured for to server and send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

Embodiment of the present invention the 5th aspect in, the login validation method that is applied to server is provided, for example, can comprise: in response to the login authentication request that receives the second terminal transmission, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ to be obtained, wherein, described identification code is used for identifying described first terminal; According to described login authentication request, obtain the subscriber identity information of described the second terminal and the content that described identification code identifies; According to the subscriber identity information of described the second terminal, carry out login authentication; First terminal to described identification code sign returns to the result.

Embodiment of the present invention the 6th aspect in, the login authentication equipment that is disposed at server is provided, for example, can comprise: checking request reception unit, be configured for the login authentication request sending in response to receiving the second terminal, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ to be obtained, wherein, described identification code is used for identifying described first terminal, extraction unit, is configured for the subscriber identity information and the described identification code institute sign content that according to described login authentication request, obtain described the second terminal, authentication unit, is configured for according to the subscriber identity information of described the second terminal and carries out login authentication, return to unit, be configured for to the first terminal of described identification code sign and return to the result.

According to the login validation method of embodiment of the present invention and equipment, because user is when first terminal request is logined, do not need to input subscriber identity information, but shown for identifying the identification code of first terminal by first terminal, the identification code of using the second terminal to show first terminal by user is carried out IMAQ and is generated login authentication request according to the figure of identification code, thereby the login authentication request that server sends according to the second terminal obtains the subscriber identity information of the second terminal and the content that identification code identifies, therefore, server can carry out login authentication according to the subscriber identity information of the second terminal, first terminal to identification code sign returns to the result, therefore, user is without inputting identity information at first terminal, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

In some possible implementations, the identifying code of having encrypted and other Information generations that identification code can be fed back for logging request according to server by first terminal, because identifying code is encrypted state in terminal and in transmitting procedure, can prevent that identifying code is maliciously tampered, therefore, server is after obtaining the identifying code that identification code identifies, whether before can be after decryption verification code to first terminal being, the terminal of request login be verified, the result is fed back in correct terminal, further guaranteed user identity safety.

In other possible implementations, identification code can be by first terminal according to the hardware information of self and other Information generations, thereby server or the second terminal are after obtaining the hardware information of the first terminal that identification code identifies, the hardware information that can identify identification code and common equipment hardware information compare and obtain common equipment the result, thereby in conjunction with this common equipment the result, carry out login authentication, further guaranteed user identity safety.

In other possible implementation, server is after receiving login authentication request, can also obtain geographical location information that the IP of first terminal is corresponding and the geographical location information corresponding to IP of the second terminal, by server or the second terminal, the two is compared and obtains different-place login the result, thereby in conjunction with this different-place login the result, carry out login authentication, further guaranteed user identity safety.

summary of the invention

The inventor finds to show that by a terminal identification code for identifying this terminal (for example, Quick Response Code), by user, use another terminal to carry out IMAQ and according to the figure of identification code, generate the login authentication request of carrying subscriber identity information identification code, thereby the login authentication request that server can send according to another terminal obtains the content that subscriber identity information and identification code identify, according to subscriber identity information, carry out login authentication, this terminal to identification code sign is returned to the result, therefore, user is without the terminal input identity information in identification code sign, just can there is not subscriber identity information in the stolen safety problem of terminal of identification code sign yet.

After having introduced basic principle of the present invention, lower mask body is introduced various non-limiting execution mode of the present invention.

application scenarios overview

First with reference to figure 1, first terminal 101 can be desktop computer, panel computer, Intelligent sliding moved end etc., and the second terminal 102 can be Intelligent sliding moved end.The login validation method that the application embodiment of the present invention provides, user is without input subscriber identity information on first terminal 101, the identification code of using 102 pairs of first terminals of the second terminal 101 to show is carried out IMAQ and is sent the login authentication request of carrying subscriber identity information, just can make server 103 carry out the login authentication of user identity, and by the result feedback of login authentication to first terminal 101, can effectively guarantee the safety of user identity.

one of illustrative methods

Below in conjunction with the application scenarios of Fig. 1, be described with reference to Figure 2 the login validation method that is applied to first terminal according to exemplary embodiment of the invention.It should be noted that above-mentioned application scenarios is only to illustrate for the ease of understanding spirit of the present invention and principle, embodiments of the present invention are unrestricted in this regard.On the contrary, any scene that embodiments of the present invention can be applied to be suitable for.

For example, referring to Fig. 2, one of login validation method schematic flow sheet that is applied to first terminal (for example, the first terminal 101 of Fig. 1) providing for the embodiment of the present invention.As shown in the figure, a kind of possible execution mode of the present invention can comprise:

S210, in response to receiving user, ask the message of logining, show for identifying the identification code of described first terminal, for example, so that the second terminal (, the second terminal 102 of Fig. 1) described identification code is carried out to the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server (for example, the server 103 of Fig. 1) send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result,

The result that S220, reception server return.

Visible, according to the login validation method of embodiment of the present invention, because user is when first terminal request is logined, do not need to input subscriber identity information, but shown for identifying the identification code of first terminal by first terminal, the identification code of using the second terminal to show first terminal by user is carried out IMAQ and is generated login authentication request according to the figure of identification code, thereby the login authentication request that server can send according to the second terminal obtains the subscriber identity information of the second terminal and the content that identification code identifies, according to the subscriber identity information of the second terminal, carry out login authentication, first terminal to identification code sign returns to the result, therefore, user is without inputting identity information at first terminal, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

Be understandable that, the identification code described in the embodiment of the present invention can be one dimension code, Quick Response Code, three-dimensional code or other forms of identification code etc.Wherein, the generating mode of described identification code is not limit.

For example, a kind of possible implementation can be, before showing described identification code, at first terminal 101 places of for example Fig. 1, to generate the identification code for the hardware information of identification service information, identifying code and/or first terminal.Below, in conjunction with a kind of possible signalling diagram of login validation method as shown in Figure 3, this implementation is described in detail.As shown in Figure 3, described method can comprise:

S310, first terminal receive the message that user asks login;

For example, first terminal can present webpage or the application program for logining, and user sends the message of request login by webpage or application program.

S320, first terminal send request the message of login to server;

S330, server for example generate, for identifying the identifying code (, Quick Response Code) of first terminal and encrypting;

S340, server return to the identifying code of having encrypted to first terminal;

S350, first terminal are according to business information (for example, instant messaging service, game service etc.), the hardware information of identifying code and/or first terminal (for example, the information such as board chip set model, CPU model, video card model, hard disk model, memory size, display and panel model) generate the identification code for the hardware information of identification service information, identifying code and/or first terminal, wherein, described business information can ask registering service to be determined according to user by first terminal, and first terminal shows described identification code;

For example, can generate the two-dimension code image for the hardware information of identification service information, identifying code and first terminal according to the hardware information of business information, identifying code and first terminal, two-dimension code image is shown at first terminal.

S360, the second terminal carry out to described identification code the figure that IMAQ obtains described identification code, generate the login authentication request of carrying subscriber identity information according to the figure of described identification code;

It should be noted that, the second terminal obtains the mode of subscriber identity information and does not limit.For example, the second terminal, when user carries out the operation of IMAQ to identification code, can be the second terminal that has completed user's login, or, can be also second terminal of not carrying out user's login.If completed the second terminal of user's login, second terminal can extract subscriber identity information (as, user account) from the information of user's login; If do not carry out the second terminal of user's login, the second terminal can require user to input subscriber identity information, according to user's input obtain subscriber identity information (as, account and password).Certainly, also can there be other implementations, do not limit in the present invention.

S370, the second terminal to server send described login authentication request;

The subscriber identity information of one or more and the second terminal in the hardware information of the business information that S380, server identify according to identification code, identifying code, first terminal carries out login authentication;

The first terminal that S390, server identify to described identifying code returns to the result.

Visible, in this embodiment, identification code can in the hardware information three of identification service information, identifying code, first terminal any or a plurality of, or can also be for identifying other information, wherein:

When for identification service information, whether server can to allowing user to should business login verifying;

When identifying the identifying code of having encrypted, because identifying code itself is through server for encrypting, the inside can comprise timestamp, the information such as general unique identifier, any other terminal cannot be deciphered and cannot be distorted, therefore, server is after obtaining the identifying code that identification code identifies, can after decryption verification code, to identifying code, verify, be equivalent to login authentication request for terminal be whether before the terminal of request login verify, thereby can guarantee the result to feed back in correct terminal, further guarantee user identity safety;

When identifying the hardware information of first terminal, the hardware information that server or the second terminal can identify identification code compares and obtains common equipment the result with the common equipment hardware information prestoring, thereby server can carry out login authentication in conjunction with this common equipment the result, thereby when other people usurp identity login by other equipment, can be verified out according to hardware information difference, further guarantee user identity safety.

In addition, in the possible implementation of another kind, server asks, after the message of login, can also comprise receiving the user that first terminal sends: the IP(Internet protocol of obtaining first terminal) address, inquires the geographical location information corresponding to IP address of first terminal; Server, after receiving the login authentication request of the second terminal transmission, can also comprise: obtain the IP address of the second terminal, inquire the geographical location information corresponding to IP address of the second terminal; The geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result, so that server carries out login authentication according to described different-place login the result; Or, to the second terminal, return to geographical location information that the IP of first terminal is corresponding and the geographical location information corresponding to IP of the second terminal, by the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result, so that server carries out login authentication according to described different-place login the result.

In this embodiment, geographical location information corresponding to IP is such as being the information such as city, province, because server or the second terminal compare and obtain different-place login the result the geographical location information corresponding to IP of geographical location information corresponding to the IP of first terminal and described the second terminal, thereby server can carry out login authentication in conjunction with this different-place login the result, has further guaranteed user identity safety.

In the implementation in conjunction with above-mentioned two kinds of embodiment, the second terminal can be that non-common equipment and/or described different-place login the result are while being different-place login at described common equipment the result, present the information of whether authorizing non-common equipment and/or different-place login, if the second terminal receives the authorization message of user's input, to described server, send described authorization message, so that server carries out login authentication according to the subscriber identity information of authorization message and described the second terminal.

one of example devices

After having introduced one of the method for exemplary embodiment of the invention, next, with reference to one of login authentication equipment that is disposed at first terminal of 4 pairs of exemplary embodiment of the invention of figure, be introduced.

For example, referring to Fig. 4, one of a kind of login authentication device structure schematic diagram providing for the embodiment of the present invention.As shown in the figure, this a kind of possible execution mode that is disposed at the equipment of first terminal can comprise: login receiving element 410, can be configured in response to receiving user and ask the message of logining, show for identifying the identification code of described first terminal, so that the second terminal carries out to described identification code the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result, checking receiving element 420, can be configured for the result that reception server returns.

Visible, according to the login authentication equipment of embodiment of the present invention, because user is when first terminal request is logined, do not need to input subscriber identity information, but shown for identifying the identification code of first terminal at first terminal by login receiving element 410, the identification code of using the second terminal to show first terminal by user is carried out IMAQ and is generated login authentication request according to the figure of identification code, thereby the login authentication request that server can send according to the second terminal obtains the subscriber identity information of the second terminal and the content that identification code identifies, according to the subscriber identity information of the second terminal, carry out login authentication, the result that the first terminal being identified to identification code by checking receiving element 420 reception servers again returns, therefore, user is without inputting identity information at first terminal, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

Be understandable that, the identification code described in the embodiment of the present invention can be one dimension code, Quick Response Code, three-dimensional code or other forms of identification code etc.Wherein, the generating mode of described identification code is not limit.For example, described login authentication equipment can also comprise: identification code generation unit 430, can be configured for and generate for identification service information, the described identification code of the hardware information of identifying code and/or first terminal, wherein, described identifying code is used for identifying described first terminal, specifically by server, after the message of request login that receives first terminal, generated, encrypt and turn back to first terminal, described business information asks the business of login to be determined according to user, so that the business information that server identifies according to identification code, identifying code, one or more in the hardware information of first terminal, and the subscriber identity information of the second terminal carries out login authentication.

Visible, in this implementation, identification code can in the hardware information three of identification service information, identifying code, first terminal any or a plurality of, or can also be for identifying other information, wherein, when for identification service information, whether server can to allowing user to should business login verifying; When identifying the identifying code of having encrypted, because the identifying code of having encrypted is encrypted state in terminal and in transmitting procedure, can prevent that identifying code is maliciously tampered, therefore, server is after obtaining the identifying code that identification code identifies, can after decryption verification code, to identifying code, verify, be equivalent to login authentication request for terminal be whether before the terminal of request login verify, thereby can guarantee the result to feed back in correct terminal, further guarantee user identity safety; When identifying the hardware information of first terminal, the hardware information that server or the second terminal can identify identification code compares and obtains common equipment the result with the common equipment hardware information prestoring, thereby server can carry out login authentication in conjunction with this common equipment the result, thereby when other people usurp identity login by other equipment, can be verified out, further guarantee user identity safety.

It should be noted that identification code generation unit 430 use dotted lines in Fig. 4, to represent that this unit is not the necessary unit of present device.

two of illustrative methods

After having introduced one of the login validation method that is applied to first terminal, below in conjunction with Fig. 5, two of the login validation method that is applied to the second terminal that the embodiment of the present invention is provided describes in detail.

For example, referring to Fig. 5, two of the login validation method schematic flow sheet that is applied to the second terminal (for example, the second terminal 102 shown in Fig. 1) providing for the embodiment of the present invention.As shown in the figure, a kind of possible execution mode of the present invention can comprise:

S510, in response to user, identification code is carried out the operation of IMAQ, the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, wherein, described identification code is used for identifying described first terminal.

Be understandable that, the identification code described in the embodiment of the present invention can be one dimension code, Quick Response Code, three-dimensional code or other forms of identification code etc.

It should be noted that, the second terminal, when user carries out the operation of IMAQ to identification code, can be the second terminal that has completed user's login, or, can be also second terminal of not carrying out user's login.Do not limit in the present invention.For example: can, after user logins by the second terminal, in response to user, to identification code, carry out the operation of IMAQ; Or, after identification code is carried out to IMAQ, automatically carry out user in the operation of first terminal login; Or, when step S520 generates login authentication request according to the figure of identification code below, be the request in first terminal login to user, be also the request in the second terminal login; Again or, also can have any other possible implementation combining with login, do not limit in the present invention.

S520, according to the figure of described identification code, generate login authentication request.

For example, in a kind of possible implementation, can identify the figure of described identification code, obtain the hardware information of business information, identifying code and/or first terminal that described identification code identifies; By the hardware information of business information, identifying code and/or first terminal, and the subscriber identity information of described the second terminal is carried in checking request, generates checking request; Or, in the possible implementation of another kind, the figure of the subscriber identity information of described the second terminal and described identification code can be carried in checking request, generate checking request;

Wherein, described identification code can be generated by first terminal, and for the hardware information of identification service information, identifying code and/or described first terminal, wherein, described identifying code is used for identifying described first terminal.Particularly, signalling diagram as shown in Figure 3, described identifying code specifically can be generated described identifying code and encrypt by server after the message of request login that receives first terminal, again identifying code is turned back to first terminal, wherein, described business information can ask the business of login to be determined according to user by first terminal.

Because identification code can be for the hardware information of identification service information, identifying code and/or first terminal, the subscriber identity information of one or more and the second terminal in the hardware information of the business information that therefore, server can identify according to identification code, identifying code, first terminal carries out login authentication.When for identification service information, whether server can to allowing user to should business login verifying; When identifying the identifying code of having encrypted, can prevent that identifying code is maliciously tampered, thereby can guarantee the result to feed back in correct terminal, further guaranteed user identity safety; When identifying the hardware information of first terminal, the hardware information that server or the second terminal can identify identification code compares and obtains common equipment the result with the common equipment hardware information prestoring, thereby server can carry out login authentication in conjunction with this common equipment the result, thereby when other people usurp identity login by other equipment, can be verified out, further guarantee user identity safety.

S530, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

In a kind of possible implementation of the embodiment of the present invention, can also obtain one or more in rightness of business the result, identifying code legitimate verification result, common equipment the result by following steps, and then server can be according to the one or more login authentication of carrying out in rightness of business the result, identifying code legitimate verification result, common equipment the result, particularly, for example, the embodiment of the present invention can also comprise following arbitrary step or combination:

When described identification code is used for identification service information, can receive the rightness of business the result that described server returns for described checking request, wherein, described rightness of business the result specifically can obtain described subscriber identity information and described business information according to described checking request by server, and the described business information legitimate traffic corresponding with described subscriber identity information compared and obtained; When described identification code is used for identifying identifying code, can receive the identifying code legitimate verification result that described server returns for described checking request, wherein, described identifying code legitimate verification result specifically can obtain described identifying code according to described checking request by server, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and obtains; When described identification code is used for identifying the hardware information of first terminal, can receive the common equipment the result that described server returns for described checking request, wherein, whether described common equipment the result specifically can be obtained by server the hardware information of described subscriber identity information and described first terminal according to described checking request, to the hardware information of described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains; When described identification code is used for identifying the hardware information of first terminal, can receive the usual hardware information corresponding with described subscriber identity information that described server returns for described checking request, the hardware information of the first terminal that described identification code is identified and described usual hardware information compare, and obtain common equipment the result.

In the another kind of possible implementation of the embodiment of the present invention, can also obtain different-place login the result by following steps, and then server can also carry out login authentication in conjunction with different-place login the result.Particularly, the embodiment of the present invention can also comprise the following steps:

Receive geographical location information that the IP of the described first terminal that described server returns for described checking request is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result; Or, receive the different-place login the result that described server returns for described checking request, wherein, after described different-place login the result specifically receives described checking request by described server, inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtained.

It should be noted that, carrying out and relatively obtain in the implementation of different-place login the result by the second terminal, can also return to described different-place login the result so that server carries out login authentication in conjunction with login authentication result by the second terminal to server.

Or, in the implementation in conjunction with above-mentioned two kinds of embodiment, if server is determined subscriber identity information and is verified, and rightness of business the result is that legal, described common equipment the result is that common equipment and/or described different-place login the result are non-different-place login, can directly determine that the result of login is for logining successfully.

two of example devices

Introduced exemplary embodiment of the invention method two after, next, with reference to two of the login authentication equipment that is disposed at the second terminal of 6 pairs of exemplary embodiment of the invention of figure, be introduced.

For example, referring to Fig. 6, two of a kind of login authentication device structure schematic diagram providing for the embodiment of the present invention.As shown in the figure, this kind of possible execution mode that is disposed at the equipment of the second terminal can comprise:

Collecting unit 610, can be configured for and in response to user, identification code be carried out the operation of IMAQ, and the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, and wherein, described identification code is used for identifying described first terminal; Request generation unit 620, can be configured for according to the figure of described identification code and generate login authentication request; Send request unit 630, can be configured for to server and send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

Visible, according to the second terminal login authentication equipment that is disposed at of embodiment of the present invention, by collecting unit 610, gathered the figure of the identification code of first terminal demonstration, request generation unit 620 generates login authentication request according to the figure of identification code, send request unit 630 and send login authentication request to server, thereby server can carry out login authentication according to the subscriber identity information of the second terminal, first terminal to identification code sign returns to the result, therefore, user is without inputting identity information at first terminal, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

In a kind of possible implementation of the embodiment of the present invention, as shown in Figure 6, described request generation unit 620 can comprise: the first recognin unit 621, can be configured for the figure of described identification code is identified, obtain the hardware information of business information, identifying code and/or first terminal that described identification code identifies; Generate subelement 622, can be configured for the hardware information of business information, identifying code and/or first terminal, and the subscriber identity information of described the second terminal is carried in checking request, generate checking request; Or described request generation unit 620, can be configured for the figure of the login account of described the second terminal and described identification code is carried in checking request, generates checking request.

It should be noted that, wherein said identification code specifically can be generated by first terminal, and for the hardware information of identification service information, identifying code and/or described first terminal, wherein, described identifying code can be for identifying described first terminal.Particularly, signalling diagram as shown in Figure 3, specifically by server, after the message of request login that receives first terminal, generate, encrypt and turn back to first terminal, wherein, described business information can ask the business of login to be determined according to user by first terminal.

In a kind of possible implementation of the embodiment of the present invention, can also be by obtain rightness of business the result with lower unit, identifying code legitimate verification result, one or more in common equipment the result, and then server can be according to rightness of business the result, identifying code legitimate verification result, one or more login authentication of carrying out in common equipment the result, particularly, for example, the embodiment of the present invention can also comprise following any unit or combination: business the result receiving element 640, can be configured for when described identification code is during for identification service information, receive the rightness of business the result that described server returns for described checking request, wherein, described rightness of business the result specifically obtains described subscriber identity information and described business information by server according to described checking request, the described business information legitimate traffic corresponding with described subscriber identity information compared and obtained, identifying code the result receiving element 650, can be configured for when described identification code is when identifying identifying code, receive the identifying code legitimate verification result that described server returns for described checking request, wherein, described identifying code legitimate verification result specifically obtains described identifying code by server according to described checking request, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and obtains, conventional the result receiving element 660, can be configured for when described identification code is when identifying the hardware information of first terminal, receive the common equipment the result that described server returns for described checking request, wherein, whether described common equipment the result is specifically obtained the hardware information of described subscriber identity information and described first terminal according to described checking request by server, to the hardware information of described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains, general information receiving element 670, can be configured for when described identification code is when identifying the hardware information of first terminal, receives the usual hardware information corresponding with described subscriber identity information that described server returns for described checking request, the first conventional judging unit, the hardware information and the described usual hardware information that are configured for the first terminal that described identification code that general information receiving element is received identifies compare, and obtain common equipment the result.

In the another kind of possible implementation of the embodiment of the present invention, can also be by obtain different-place login the result with lower unit, and then server can also carry out login authentication in conjunction with different-place login the result.Particularly, the embodiment of the present invention can also comprise: geography information receiving element 680, can be configured for and receive geographical location information that the IP of the described first terminal that described server returns for described checking request is corresponding and the geographical location information corresponding to IP of described the second terminal; The first geography information comparing unit 681, the geographical location information corresponding to IP that can be configured for geographical location information that the IP of the first terminal that geography information receiving element is received is corresponding and the second terminal compares and obtains different-place login the result; Or, geographical the result receiving element 682, can be configured for and receive the different-place login the result that described server returns for described checking request, wherein, after described different-place login the result specifically receives described checking request by described server, inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtained.

In the implementation in conjunction with above-mentioned two kinds of embodiment, the login authentication equipment that is disposed at the second terminal can also comprise: Tip element 690, can be configured for when described common equipment the result be non-common equipment and/or described different-place login the result while being different-place login, present the information of whether authorizing non-common equipment and/or different-place login; Authorize transmitting element 691, if can be configured for the authorization message that receives user's input, to described server, send described authorization message, so that server carries out login authentication according to the subscriber identity information of authorization message and described the second terminal.

It should be noted that, in the present embodiment, the first recognin unit 621, generation subelement 622, business the result receiving element 640, identifying code the result receiving element 650, conventional the result receiving element 660, general information receiving element 670, geography information receiving element 680, the first geography information comparing unit 681, geographical the result receiving element 682, Tip element 690, mandate transmitting element 691 are used dotted lines in Fig. 6, to represent that this unit is not the necessary unit of present device.

three of illustrative methods

Introduced exemplary embodiment of the invention method two after, next, with reference to three of the login validation method that is applied to server of 7 pairs of exemplary embodiment of the invention of figure, be introduced.

For example, referring to Fig. 7, three of the login validation method schematic flow sheet that is applied to server (for example, the server shown in Fig. 1 103) providing for the embodiment of the present invention.As shown in the figure, this a kind of possible execution mode that is applied to the login validation method of server can comprise: S710, in response to the login authentication request that receives the second terminal and send, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ to be obtained, wherein, described identification code is used for identifying described first terminal; It should be noted that, wherein, described the second terminal can be the second terminal that has completed user's login, or, can be also second terminal of not carrying out user's login.Do not limit in the present invention.

S720, according to described login authentication request, obtain the subscriber identity information of described the second terminal and the content that described identification code identifies.

For example, in a kind of possible implementation, can work as described login authentication request while carrying the content of identification code sign and the subscriber identity information of the second terminal, resolve described login authentication request and obtain the content of described identification code sign and the subscriber identity information of the second terminal; Or, in the possible implementation of another kind, can work as described login authentication request while carrying the figure of identification code and the subscriber identity information of the second terminal, resolve described login authentication request and obtain the figure of described identification code and the subscriber identity information of the second terminal, the figure of described identification code is identified to the content that obtains described identification code sign.

It should be noted that, wherein, described identification code specifically can be generated by first terminal, hardware information for identification service information, identifying code and/or described first terminal, wherein, described identifying code can be for identifying described first terminal, signalling diagram as shown in Figure 3, described identifying code specifically can generate, encrypt and turn back to first terminal by server after the message of request login that receives first terminal, wherein, described business information can ask the business of login to be determined according to user by first terminal.

When for identification service information, whether server can to allowing user to should business login verifying; When identifying the identifying code of having encrypted, can prevent that identifying code is maliciously tampered, thereby can guarantee the result to feed back in correct terminal, further guaranteed user identity safety; When identifying the hardware information of first terminal, the hardware information that server or the second terminal can identify identification code compares and obtains common equipment the result with the common equipment hardware information prestoring, thereby server can carry out login authentication in conjunction with this common equipment the result, thereby when other people usurp identity login by other equipment, can be verified out, further guarantee user identity safety.

S730, according to the subscriber identity information of described the second terminal, carry out login authentication.It should be noted that, the subscriber identity information that obtains described the second terminal according to described login authentication request can be the subscriber identity information that user has logined in the second terminal, according to this subscriber identity information, carry out login authentication, can be specifically to determine that according to this subscriber identity information user, in the second terminal login, determines one's identity and is verified etc.Or, can to be user preserve but the subscriber identity information of login not in the second terminal the subscriber identity information that obtains described the second terminal according to described login authentication request, whether according to this subscriber identity information, carry out login authentication, can be specifically according to this subscriber identity information, in legal identity information database, to mate the checking that determines one's identity to pass through etc.Again or, also can have other possible implementations, do not limit in the present invention.

For example, in a kind of possible implementation, the subscriber identity information of one or more and the second terminal in the hardware information of the business information that can identify according to identification code, identifying code, first terminal carries out login authentication.

S740, the first terminal identifying to described identification code return to the result.

Visible, according to the login validation method of embodiment of the present invention, because user is without at first terminal input identity information, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

When described identification code is used for identification service information, can obtain described subscriber identity information and described business information according to described checking request, the described business information legitimate traffic corresponding with described subscriber identity information compared and obtain rightness of business the result;

When described identification code is used for identifying identifying code, can obtain described identifying code according to described checking request, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and is verified a yard legitimate verification result;

When described identification code is used for identifying the hardware information of first terminal, whether can obtain according to described checking request the hardware information of described subscriber identity information and described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains common equipment the result to the hardware information of described first terminal;

When described identification code is used for identifying the hardware information of first terminal, can inquire about the usual hardware information that described subscriber identity information is corresponding, to described the second terminal, return to described usual hardware information, so that the hardware information of the first terminal that the second terminal identifies described identification code and described usual hardware information compare, obtain common equipment the result.

Inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, to the second terminal, return to geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, so that the second terminal compares the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal to obtain different-place login the result;

Or,

Inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result.

In a kind of implementation in conjunction with above-mentioned two kinds of embodiment, described in step S730, according to the subscriber identity information of the second terminal, carrying out login authentication is specifically as follows, any one or more according in described rightness of business the result, identifying code legitimate verification result, common equipment the result, different-place login the result, and the subscriber identity information of described the second terminal carries out login authentication.

In the another kind of implementation in conjunction with above-mentioned two kinds of embodiment, described in step S730, according to the subscriber identity information of the second terminal, carry out login authentication and be specifically as follows, according to the subscriber identity informations one or more and described the second terminal in described rightness of business the result, identifying code legitimate verification result, authorization message, carry out login authentication;

Wherein, described authorization message specifically can receive from the second terminal, by the second terminal when described common equipment the result be that non-common equipment and/or described different-place login the result are while being different-place login, present after the information of whether authorizing non-common equipment and/or different-place login, according to the authorization message of user's input, obtain.

Again or, in the implementation in conjunction with above-mentioned two kinds of embodiment, if server is determined subscriber identity information and is verified, and rightness of business the result is that legal, described common equipment the result is that common equipment and/or described different-place login the result are non-different-place login, can directly determine that the result of login is for logining successfully.

In addition, also it should be noted that, the server described in the embodiment of the present invention can be divided according to function, by a plurality of servers, formed, such as: described server can comprise service server, account authentication server, IP server etc.Wherein, service server can be logined the relevant data such as business information to user for preserving; Account authentication server can be for identifying user identity, generation identifying code, admin-authentication code, identification identifying code etc.; IP server can be for inquiring about geographical location information corresponding to IP address etc.Be understandable that, the server described in the embodiment of the present invention is not limited in this kind of framework, can be any three the server that can apply login validation method that the embodiment of the present invention provides.

three of example devices

Introduced exemplary embodiment of the invention method three after, next, with reference to three of the login authentication equipment that is disposed at server of 8 pairs of exemplary embodiment of the invention of figure, be introduced.

For example, referring to Fig. 8, three of a kind of login authentication device structure schematic diagram providing for the embodiment of the present invention.As shown in the figure, this kind of possible execution mode that is disposed at the login authentication equipment of server can comprise:

Checking request reception unit 810, can be configured for the login authentication request sending in response to receiving the second terminal, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ and obtains, wherein, described identification code is used for identifying described first terminal; Extraction unit 820, can be configured for the subscriber identity information and the described identification code institute sign content that according to described login authentication request, obtain described the second terminal; Authentication unit 830, can be configured for according to the subscriber identity information of described the second terminal and carry out login authentication; Return to unit 840, can be configured for to the first terminal of described identification code sign and return to the result.

Visible, according to the login authentication equipment that is disposed at server of embodiment of the present invention, the login authentication request that extraction unit 820 can receive according to checking request reception unit 810, obtain subscriber identity information and the described identification code institute sign content of described the second terminal, authentication unit 830 can carry out login authentication according to the subscriber identity information of described the second terminal, return to unit 840 and can return to the result to the first terminal of described identification code sign, therefore, user is without inputting identity information at first terminal, just can there is not subscriber identity information in the stolen safety problem of first terminal yet, realized the object that guarantees user identity safety.

In a kind of possible implementation of the embodiment of the present invention, as shown in Figure 8, described extraction unit 820, can be configured for when the subscriber identity information of identification code and the second terminal is carried in described login authentication request, resolve described login authentication request and obtain the content of described identification code sign and the subscriber identity information of the second terminal; Or, described extraction unit 820, can be configured for when the figure of identification code and the subscriber identity information of the second terminal are carried in described login authentication request, resolve described login authentication request and obtain the figure of described identification code and the subscriber identity information of the second terminal, the figure of described identification code is identified to the content that obtains described identification code sign;

Wherein, described identification code specifically can be generated by first terminal, hardware information for identification service information, identifying code and/or described first terminal, wherein, described identifying code specifically can generate, encrypt and turn back to first terminal by server after the message of request login that receives first terminal, be used for identifying described first terminal, wherein, described business information can ask the business of login to be determined according to user by first terminal;

In this implementation, described authentication unit 830, the subscriber identity informations one or more and the second terminal that can be configured in the hardware information of the business information that identifies according to identification code, identifying code, first terminal carry out login authentication.

In a kind of possible implementation of the embodiment of the present invention, can also be by obtain one or more in rightness of business the result, identifying code legitimate verification result, common equipment the result with lower unit, and then can be according to the one or more login authentication of carrying out in rightness of business the result, identifying code legitimate verification result, common equipment the result, particularly, for example, the embodiment of the present invention can also comprise following any unit or combination:

The legal judging unit 850 of business, in the time of can being configured for described identification code for identification service information, according to described checking request, obtain described subscriber identity information and described business information, the described business information legitimate traffic corresponding with described subscriber identity information compared and obtain rightness of business the result;

Identifying code judging unit 860, can be configured for when described identification code is when identifying identifying code, according to described checking request, obtain described identifying code, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and is verified a yard legitimate verification result;

The second conventional judging unit 870, can be configured for when described identification code is when identifying the hardware information of first terminal, whether according to described checking request, obtain the hardware information of described subscriber identity information and described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains common equipment the result to the hardware information of described first terminal;

General information transmitting element 880, can be configured for when described identification code is when identifying the hardware information of first terminal, inquire about the usual hardware information that described subscriber identity information is corresponding, to described the second terminal, return to described usual hardware information, so that the hardware information of the first terminal that the second terminal identifies described identification code and described usual hardware information compare, obtain common equipment the result.

In the another kind of possible implementation of the embodiment of the present invention, can also be by obtain different-place login the result with lower unit, and then can also carry out login authentication in conjunction with different-place login the result.Particularly, the embodiment of the present invention can also comprise:

Geography information transmitting element 890, can be configured for the geographical location information corresponding to IP of the described first terminal of inquiry and the geographical location information corresponding to IP of described the second terminal, to the second terminal, return to geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, so that the second terminal compares the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal to obtain different-place login the result; Or, the second geography information comparing unit 891, can be configured for the geographical location information corresponding to IP of the described first terminal of inquiry and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result.

In a kind of implementation in conjunction with above-mentioned two kinds of embodiment, described authentication unit 830, can be configured for any one or more according in described rightness of business the result, identifying code legitimate verification result, common equipment the result, different-place login the result, and the subscriber identity information of described the second terminal carries out login authentication.

In the another kind of implementation in conjunction with above-mentioned two kinds of embodiment, described authentication unit 830, can be configured for according to the login accounts one or more and described the second terminal in described rightness of business the result, identifying code legitimate verification result, authorization message and carry out login authentication;

It should be noted that, in the present embodiment, the legal judging unit 850 of business, identifying code judging unit the 860, second conventional judging unit 870, general information transmitting element 880, geography information transmitting element 890, the second geography information comparing unit 891 are used dotted lines in Fig. 8, to represent that this unit is not the necessary unit of present device.

Although it should be noted that some unit or the subelement of having mentioned login authentication equipment in above-detailed, this division is only not enforceable.In fact, according to the embodiment of the present invention, the feature of above-described two or more devices and function can be specialized in a device.Otherwise, the feature of an above-described device and function can Further Division for to be specialized by a plurality of devices.

In addition, although described in the accompanying drawings the operation of the inventive method with particular order,, this not requires or hint must be carried out these operations according to this particular order, or the operation shown in must carrying out all could realize the result of expectation.Additionally or alternatively, can omit some step, a plurality of steps be merged into a step and carry out, and/or a step is decomposed into a plurality of steps carries out.

Although described spirit of the present invention and principle with reference to some embodiments, but should be appreciated that, the present invention is not limited to disclosed embodiment, the division of each side is not meant that to the feature in these aspects can not combine to be benefited yet, and this division is only the convenience in order to explain.The present invention is intended to contain interior included various modifications and the equivalent arrangements of spirit and scope of claims.

Accompanying drawing explanation

By reference to accompanying drawing, read detailed description below, above-mentioned and other objects of exemplary embodiment of the invention, the feature and advantage easy to understand that will become.In the accompanying drawings, in exemplary and nonrestrictive mode, show some execution modes of the present invention, wherein:

Fig. 1 schematically shows the application scenarios according to embodiment of the present invention;

Fig. 2 schematically shows according to one of schematic flow sheet of the login validation method of embodiment of the present invention;

Fig. 3 schematically shows the Signalling exchange schematic diagram according to the login validation method of embodiment of the present invention;

Fig. 4 schematically shows according to one of structural representation of the login authentication equipment of embodiment of the present invention;

Fig. 5 schematically shows according to two of the schematic flow sheet of the login validation method of embodiment of the present invention;

Fig. 6 schematically shows according to two of the structural representation of the login authentication equipment of embodiment of the present invention;

Fig. 7 schematically shows according to three of the schematic flow sheet of the login validation method of embodiment of the present invention;

Fig. 8 schematically shows according to three of the structural representation of the login authentication equipment of embodiment of the present invention;

In the accompanying drawings, identical or corresponding label represents identical or corresponding part.

Embodiment

Below with reference to some illustrative embodiments, principle of the present invention and spirit are described.Should be appreciated that providing these execution modes is only used to make those skilled in the art can understand better and then realize the present invention, and not limit the scope of the invention by any way.On the contrary, it is in order to make the disclosure more thorough and complete that these execution modes are provided, and the scope of the present disclosure intactly can be conveyed to those skilled in the art.

Art technology technical staff knows, embodiments of the present invention can be implemented as a kind of system, device, equipment, method or computer program.Therefore, the disclosure can specific implementation be following form, that is: hardware, software (comprising firmware, resident software, microcode etc.), or the form of hardware and software combination completely completely.

According to the embodiment of the present invention, a kind of login validation method and equipment have been proposed.

In this article, it will be appreciated that, any number of elements in accompanying drawing is all unrestricted for example, and any name is all only for distinguishing, and does not have any limitation.

Below with reference to some representative embodiments of the present invention, explain in detail principle of the present invention and spirit.

Claims

1. a login validation method, is applied to first terminal, comprising:

In response to receiving user, ask the message of logining, show for identifying the identification code of described first terminal, so that the second terminal carries out to described identification code the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result,

The result that reception server returns.

2. method according to claim 1, wherein, before showing described identification code, also comprises:

Generate the described identification code for the hardware information of identification service information, identifying code and/or first terminal, wherein, described identifying code is used for identifying described first terminal, specifically by server, after the message of request login that receives first terminal, generate, encrypt and turn back to first terminal, described business information asks the business of login to be determined according to user, so that the subscriber identity information of one or more and the second terminal in the hardware information of the business information that server identifies according to identification code, identifying code, first terminal carries out login authentication.

3. a login authentication equipment, is disposed at first terminal, comprising:

Login receiving element, be configured in response to receiving user and ask the message of logining, show for identifying the identification code of described first terminal, so that the second terminal carries out to described identification code the figure that IMAQ obtains described identification code, according to the figure of described identification code, generate login authentication request, to server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, first terminal to described identification code sign returns to the result,

Checking receiving element, is configured for the result that reception server returns.

4. equipment according to claim 3, wherein, also comprises:

Identification code generation unit, be configured for and generate for identification service information, the described identification code of the hardware information of identifying code and/or first terminal, wherein, described identifying code is used for identifying described first terminal, specifically by server, after the message of request login that receives first terminal, generated, encrypt and turn back to first terminal, described business information asks the business of login to be determined according to user, so that the business information that server identifies according to identification code, identifying code, one or more in the hardware information of first terminal, and the subscriber identity information of the second terminal carries out login authentication.

5. a login validation method, is applied to the second terminal, comprising:

In response to user, identification code is carried out the operation of IMAQ, the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, wherein, described identification code is used for identifying described first terminal;

According to the figure of described identification code, generate login authentication request;

To server, send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

6. method according to claim 5, wherein, the described figure according to identification code generates login authentication request and comprises:

Figure to described identification code is identified, and obtains the hardware information of business information, identifying code and/or first terminal that described identification code identifies; By the hardware information of business information, identifying code and/or first terminal, and the subscriber identity information of described the second terminal is carried in checking request, generate checking request, or, the figure of the subscriber identity information of described the second terminal and described identification code is carried in checking request, generate checking request, so that the subscriber identity information of one or more and the second terminal in the hardware information of the business information that server identifies according to identification code, identifying code, first terminal carries out login authentication;

Wherein, described identification code is specifically generated by first terminal, hardware information for identification service information, identifying code and/or described first terminal, wherein, described identifying code is used for identifying described first terminal, specifically by server, after the message of request login that receives first terminal, generate, encrypt and turn back to first terminal, wherein, described business information asks the business of login to be determined by first terminal according to user.

7. method according to claim 6, also comprises following arbitrary steps or combination:

When described identification code is used for identification service information, receive the rightness of business the result that described server returns for described checking request, wherein, described rightness of business the result specifically obtains described subscriber identity information and described business information by server according to described checking request, and the described business information legitimate traffic corresponding with described subscriber identity information compared and obtained;

When described identification code is used for identifying identifying code, receive the identifying code legitimate verification result that described server returns for described checking request, wherein, described identifying code legitimate verification result specifically obtains described identifying code by server according to described checking request, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and obtains;

When described identification code is used for identifying the hardware information of first terminal, receive the common equipment the result that described server returns for described checking request, wherein, whether described common equipment the result is specifically obtained the hardware information of described subscriber identity information and described first terminal according to described checking request by server, to the hardware information of described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains;

When described identification code is used for identifying the hardware information of first terminal, receive the usual hardware information corresponding with described subscriber identity information that described server returns for described checking request, the hardware information of the first terminal that described identification code is identified and described usual hardware information compare, and obtain common equipment the result.

8. according to the method described in claim 5-7 any one, also comprise:

Receive geographical location information that the IP of the described first terminal that described server returns for described checking request is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result;

Or,

Receive the different-place login the result that described server returns for described checking request, wherein, after described different-place login the result specifically receives described checking request by described server, inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtained.

9. method according to claim 8, also comprises:

When described common equipment the result is non-common equipment and/or described different-place login the result while being different-place login, present the information of whether authorizing non-common equipment and/or different-place login;

If receive the authorization message of user's input, send described authorization message to described server, so that server carries out login authentication according to the subscriber identity information of authorization message and described the second terminal.

10. a login authentication equipment, is disposed at the second terminal, comprising:

Collecting unit, is configured for and in response to user, identification code is carried out the operation of IMAQ, and the identification code that first terminal is shown is carried out to the figure that IMAQ obtains identification code, and wherein, described identification code is used for identifying described first terminal;

Request generation unit, is configured for according to the figure of described identification code and generates login authentication request;

Send request unit, be configured for to server and send login authentication request, so that described server obtains the subscriber identity information of described the second terminal and the content that described identification code identifies according to described login authentication request, according to the subscriber identity information of described the second terminal, carry out login authentication, the first terminal identifying to described identification code returns to the result.

11. equipment according to claim 10, wherein,

Described request generation unit comprises: the first recognin unit, and be configured for the figure of described identification code is identified, obtain the hardware information of business information, identifying code and/or first terminal that described identification code identifies; Generate subelement, be configured for the hardware information of business information, identifying code and/or first terminal, and the subscriber identity information of described the second terminal is carried in checking request, generate checking request;

Or,

Described request generation unit, is configured for the figure of the login account of described the second terminal and described identification code is carried in checking request, generates checking request;

Wherein, described identification code is specifically generated by first terminal, hardware information for identification service information, identifying code and/or described first terminal, wherein, described identifying code specifically generates, encrypts and turn back to first terminal by server after the message of request login that receives first terminal, be used for identifying described first terminal, wherein, described business information asks the business of login to be determined by first terminal according to user.

12. equipment according to claim 11, also comprise following any unit or combination:

Business the result receiving element, be configured for when described identification code is during for identification service information, receive the rightness of business the result that described server returns for described checking request, wherein, described rightness of business the result specifically obtains described subscriber identity information and described business information by server according to described checking request, and the described business information legitimate traffic corresponding with described subscriber identity information compared and obtained;

Identifying code the result receiving element, be configured for when described identification code is when identifying identifying code, receive the identifying code legitimate verification result that described server returns for described checking request, wherein, described identifying code legitimate verification result specifically obtains described identifying code by server according to described checking request, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and obtains;

Conventional the result receiving element, be configured for when described identification code is when identifying the hardware information of first terminal, receive the common equipment the result that described server returns for described checking request, wherein, whether described common equipment the result is specifically obtained the hardware information of described subscriber identity information and described first terminal according to described checking request by server, to the hardware information of described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains;

General information receiving element, is configured for when described identification code is when identifying the hardware information of first terminal, receives the usual hardware information corresponding with described subscriber identity information that described server returns for described checking request; The first conventional judging unit, the hardware information and the described usual hardware information that are configured for the first terminal that described identification code that general information receiving element is received identifies compare, and obtain common equipment the result.

13. according to the equipment described in claim 10-12 any one, also comprises:

Geography information receiving element, is configured for and receives geographical location information that the IP of the described first terminal that described server returns for described checking request is corresponding and the geographical location information corresponding to IP of described the second terminal; The first geography information comparing unit, geographical location information corresponding to IP that is configured for geographical location information that the IP of the first terminal that geography information receiving element is received is corresponding and the second terminal compares and obtains different-place login the result;

Geographical the result receiving element, be configured for and receive the different-place login the result that described server returns for described checking request, wherein, after described different-place login the result specifically receives described checking request by described server, inquire about geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtained.

14. equipment according to claim 13, also comprise:

Tip element, be configured for when described common equipment the result be non-common equipment and/or described different-place login the result while being different-place login, present the information of whether authorizing non-common equipment and/or different-place login;

Authorize transmitting element, if be configured for the authorization message that receives user's input, to described server, send described authorization message, so that server carries out login authentication according to the subscriber identity information of authorization message and described the second terminal.

15. 1 kinds of login validation methods, are applied to server end, comprising:

In response to the login authentication request that receives the second terminal transmission, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ and obtain, wherein, described identification code is used for identifying described first terminal;

According to described login authentication request, obtain the subscriber identity information of described the second terminal and the content that described identification code identifies;

According to the subscriber identity information of described the second terminal, carry out login authentication;

First terminal to described identification code sign returns to the result.

16. methods according to claim 15, wherein, the described content that request obtains the subscriber identity information of described the second terminal and described identification code sign according to login authentication comprises:

When the content of identification code sign and the subscriber identity information of the second terminal are carried in described login authentication request, resolve described login authentication request and obtain the content of described identification code sign and the subscriber identity information of the second terminal; Or, when the figure of identification code and the subscriber identity information of the second terminal are carried in described login authentication request, resolve described login authentication request and obtain the figure of described identification code and the subscriber identity information of the second terminal, the figure of described identification code is identified to the content that obtains described identification code sign;

Wherein, described identification code is specifically generated by first terminal, hardware information for identification service information, identifying code and/or described first terminal, wherein, described identifying code specifically generates, encrypts and turn back to first terminal by server after the message of request login that receives first terminal, be used for identifying described first terminal, wherein, described business information asks the business of login to be determined by first terminal according to user;

Wherein, describedly according to the subscriber identity information of the second terminal, carry out login authentication and be specially, the subscriber identity information of one or more and the second terminal in the hardware information of the business information identifying according to identification code, identifying code, first terminal carries out login authentication.

17. methods according to claim 16, also comprise following arbitrary steps or combination:

When described identification code is used for identification service information, according to described checking request, obtain described subscriber identity information and described business information, the described business information legitimate traffic corresponding with described subscriber identity information compared and obtain rightness of business the result;

When described identification code is used for identifying identifying code, according to described checking request, obtain described identifying code, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and is verified a yard legitimate verification result;

When described identification code is used for identifying the hardware information of first terminal, whether according to described checking request, obtain the hardware information of described subscriber identity information and described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains common equipment the result to the hardware information of described first terminal;

When described identification code is used for identifying the hardware information of first terminal, inquire about the usual hardware information that described subscriber identity information is corresponding, to described the second terminal, return to described usual hardware information, so that the hardware information of the first terminal that the second terminal identifies described identification code and described usual hardware information compare, obtain common equipment the result.

18. according to the method described in claim 15-17 any one, also comprises:

19. methods according to claim 18, wherein, describedly according to the subscriber identity information of the second terminal, carry out login authentication and be specially, any one or more according in described rightness of business the result, identifying code legitimate verification result, common equipment the result, different-place login the result, and the subscriber identity information of described the second terminal carries out login authentication.

20. methods according to claim 18, wherein, describedly according to the subscriber identity information of the second terminal, carry out login authentication and be specially, according to the subscriber identity informations one or more and described the second terminal in described rightness of business the result, identifying code legitimate verification result, authorization message, carry out login authentication;

Wherein, described authorization message specifically receives from the second terminal, by the second terminal when described common equipment the result be that non-common equipment and/or described different-place login the result are while being different-place login, present after the information of whether authorizing non-common equipment and/or different-place login, according to the authorization message of user's input, obtain.

21. 1 kinds of login authentication equipment, are disposed at server, comprising:

Checking request reception unit, be configured for the login authentication request sending in response to receiving the second terminal, wherein, described login authentication request is generated according to the figure of identification code by described the second terminal, wherein, the figure of described identification code specifically by the second terminal response in receiving the message of identification code being carried out to IMAQ, the shown identification code of first terminal is carried out to IMAQ and obtains, wherein, described identification code is used for identifying described first terminal;

Extraction unit, is configured for the subscriber identity information and the described identification code institute sign content that according to described login authentication request, obtain described the second terminal;

Authentication unit, is configured for according to the subscriber identity information of described the second terminal and carries out login authentication;

Return to unit, be configured for to the first terminal of described identification code sign and return to the result.

22. equipment according to claim 21, wherein, described extraction unit, be configured for when the subscriber identity information of identification code and the second terminal is carried in described login authentication request, resolve described login authentication request and obtain the content of described identification code sign and the subscriber identity information of the second terminal; Or, when the figure of identification code and the subscriber identity information of the second terminal are carried in described login authentication request, resolve described login authentication request and obtain the figure of described identification code and the subscriber identity information of the second terminal, the figure of described identification code is identified to the content that obtains described identification code sign;

Wherein, described authentication unit, is configured for according to the subscriber identity information of one or more and the second terminal in the hardware information of identification code business information, identifying code, first terminal and carries out login authentication.

23. equipment according to claim 22, also comprise following any unit or combination:

The legal judging unit of business, while being configured for described identification code for identification service information, according to described checking request, obtain described subscriber identity information and described business information, the described business information legitimate traffic corresponding with described subscriber identity information compared and obtain rightness of business the result;

Identifying code judging unit, be configured for when described identification code is when identifying identifying code, according to described checking request, obtain described identifying code, to the deciphering of described identifying code, to the terminal of the identifying code sign after deciphering, be whether that terminal that described identifying code identifies when generating judges and is verified a yard legitimate verification result;

The second conventional judging unit, be configured for when described identification code is when identifying the hardware information of first terminal, whether according to described checking request, obtain the hardware information of described subscriber identity information and described first terminal, be that usual hardware information that described subscriber identity information is corresponding judges and obtains common equipment the result to the hardware information of described first terminal;

General information transmitting element, be configured for when described identification code is when identifying the hardware information of first terminal, inquire about the usual hardware information that described subscriber identity information is corresponding, to described the second terminal, return to described usual hardware information, so that the hardware information of the first terminal that the second terminal identifies described identification code and described usual hardware information compare, obtain common equipment the result.

24. according to the equipment described in claim 21-23 any one, also comprises:

Geography information transmitting element, be configured for the geographical location information corresponding to IP of the described first terminal of inquiry and the geographical location information corresponding to IP of described the second terminal, to the second terminal, return to geographical location information that the IP of described first terminal is corresponding and the geographical location information corresponding to IP of described the second terminal, so that the second terminal compares the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal to obtain different-place login the result;

Or,

The second geography information comparing unit, be configured for the geographical location information corresponding to IP of the described first terminal of inquiry and the geographical location information corresponding to IP of described the second terminal, the geographical location information corresponding to IP of geographical location information corresponding to the IP of described first terminal and described the second terminal compared and obtain different-place login the result.

25. equipment according to claim 24, wherein, described authentication unit, be configured for any one or more according in described rightness of business the result, identifying code legitimate verification result, common equipment the result, different-place login the result, and the subscriber identity information of described the second terminal carries out login authentication.

26. equipment according to claim 24, wherein, described authentication unit, is configured for according to the login accounts one or more and described the second terminal in described rightness of business the result, identifying code legitimate verification result, authorization message and carries out login authentication;