Disclosure of Invention
In view of the above, the present application provides a verification method and apparatus.
Specifically, the method is realized through the following technical scheme:
a method of verification, the method comprising:
acquiring a confusion password input by a user;
judging whether the obfuscated password comprises a check password set by a user;
and if the obfuscated password comprises the verification password, confirming that the verification is passed.
Further, the determining whether the obfuscated password includes a verification password set by the user includes:
dividing the confusion password into N sections according to the input sequence of a user, wherein N is a natural number which is more than or equal to 1;
and judging whether one or more sections of obfuscated passwords are matched with the verification password according to a preset combination rule, and if one or more sections of obfuscated passwords are matched with the verification password, confirming that the obfuscated passwords comprise the verification password. Further, the determining whether the obfuscated password includes a verification password set by the user includes:
segmenting the confusion password and the verification password respectively according to the input sequence of a user;
and judging whether the obfuscated password comprises each section of verification password, and if the obfuscated password comprises each section of verification password, confirming that the obfuscated password comprises the verification password.
Further, the determining whether the obfuscated password includes a verification password set by the user includes:
and judging whether each character of the verification password is included in the obfuscated password.
Further, the determining whether each character of the password for confusion includes the check password comprises:
and judging whether each character of the verification password is included in the obfuscated password according to the input sequence of the user.
Further, before obtaining the obfuscated password input by the user, the method further includes:
acquiring a first check password and a second check password input by a user;
and when the first check password is matched with the second check password, setting the first check password or the second check password as the check password.
Further, the obfuscated password includes: one or more of letters, numbers, Chinese characters, and figures.
A verification device, the device comprising:
a first acquisition unit that acquires an obfuscated password input by a user;
the password judgment unit is used for judging whether the obfuscated password comprises a check password set by a user;
and the password verification unit is used for confirming that the verification is passed when the obfuscated password comprises the verification password.
Further, the password judgment unit divides the obfuscated password into N segments according to the input sequence of the user, wherein N is a natural number greater than or equal to 1;
and judging whether one or more sections of obfuscated passwords are matched with the verification password according to a preset combination rule, and if one or more sections of obfuscated passwords are matched with the verification password, confirming that the obfuscated passwords comprise the verification password.
Further, the password judgment unit specifically segments the obfuscated password and the verification password according to an input sequence of a user;
and judging whether the obfuscated password comprises each section of verification password, and if the obfuscated password comprises each section of verification password, confirming that the obfuscated password comprises the verification password.
Further, the password determination unit specifically determines whether each character of the verified password is included in the obfuscated password.
Further, the password determination unit specifically determines whether each character of the verification password is included in the obfuscated password according to an input sequence of a user.
Further, the apparatus further comprises:
the second acquisition unit is used for acquiring the first check password and the second check password input by the user;
and a password setting unit that sets the first verification password or the second verification password as the verification password when the first verification password and the second verification password match.
Further, the obfuscated password includes: one or more of letters, numbers, Chinese characters, and figures.
It can be seen from the above description that, in the password verification process, when the obfuscated password input by the user includes the verification password set by the user, the verification can be confirmed to pass, so that when the user is in the crowd, the user can realize the verification by inputting the obfuscated password including the verification password, even if the obfuscated password is peeped by other people, the user cannot know the real verification password, and the security of the verification password is enhanced.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In order to solve the problems, the application provides a verification scheme which can effectively enhance the safety of password verification.
Referring to fig. 1, the present application provides a verification method, which includes the following steps:
step 101, obtaining the confusion password input by the user.
And 102, judging whether the obfuscated password comprises a verification password set by a user.
And 103, if the obfuscated password comprises the verification password, confirming that the verification is passed.
It can be seen from the above description that, in the password verification process, when the obfuscated password input by the user includes the verification password set by the user, the verification can be confirmed to pass, so that when the user is in the crowd, the user can realize the verification by inputting the obfuscated password including the verification password, even if the obfuscated password is peeped by other people, the user cannot know the real verification password, and the security of the verification password is enhanced.
Specific implementations of the present application are described in detail below with reference to examples.
Referring to fig. 2, a flow chart of a verification method in an embodiment of the present application is shown, where the verification method is used to verify a password input by a user. The application scenario of password verification can be login, payment and the like. The verification method may include the steps of:
step 201, a first verification password and a second verification password input by a user are obtained.
In this embodiment, in an application scenario where a handwriting password needs to be verified, a user needs to set a verification password in advance. Specifically, the client may provide a setting interface for a user to check a password, and generally speaking, the user is required to input two check passwords in the setting interface, which may be referred to as a first check password and a second check password respectively. The password includes: one or more of letters, numbers, chinese characters, and figures may be freely combined by a user, which is not limited in this application.
Step 202, determining whether the first check password and the second check password match, and if the first check password and the second check password match, executing step 203.
Based on the foregoing step 201, after the first check password and the second check password are obtained, it is determined whether the first check password and the second check password are matched. If the first and second verification passwords match, step 203 is performed. If the first check password and the second check password are not matched, a non-matching prompt can be output to remind the user to input the first check password and the second check password again.
Specifically, in this step, the first verification password and the second verification password may be matched according to a preset matching rule. The preset matching rules comprise: pattern matching, character matching, etc., as this is not a limitation of the present application. Taking the pattern matching as an example, when the pattern matching degree of the first check password and the second check password reaches a preset ratio, for example: and 90%, confirming that the first check password and the second check password are matched. In this embodiment, a pattern matching algorithm known in the related art may be selected to match the first check code and the second check code, for example: a least squares matching algorithm, a feature matching algorithm, etc., which are not limited in this application.
It should be noted that the present step may be executed by the client or the server. If the verification is executed by the server, the client is required to send the acquired first verification password and the acquired second verification password input by the user to the server for the server to judge. Preferably, this step is performed by the client to relieve stress on the server.
Step 203, setting the first check password or the second check password as a check password.
In this step, the first check password or the second check password is set as a check password, and the check password is saved for the user to determine when checking the password.
It should be noted that, if step 202 is executed by the client, in this step, the client needs to send the check password to the server for the server to store.
Step 204, obtaining the confusion password input by the user.
When the user needs to perform identity verification, the client provides a user interface for the user to input a password. Generally speaking, a user needs to input a preset verification password in the user interface for identity verification. In the application, the user can input the confusion password comprising the verification password to realize the identity verification.
Step 205, determining whether the obfuscated password includes the check password, and if the obfuscated password includes the check password, executing step 206.
In this step, the obfuscated password and the verification password may be determined according to a preset matching rule, and if the obfuscated password includes the verification password, step 206 is performed. And if the obfuscated password does not comprise the verification password, outputting a prompt to remind the user to re-input the obfuscated password.
Taking the matching rule as the example of pattern matching, segmenting the obfuscated passwords according to the input sequence of a user, and then judging whether one or more segments of obfuscated passwords are matched with the verification passwords. For a confusing password input by a user, the confusing password may be segmented according to the number of times the user inputs. Specifically, it is an input by the user from the time the user's finger touches the touch screen until the user leaves the touch screen. The obfuscated password may come from one input by the user or from multiple inputs by the user. For example, the obfuscated password C is usually from one input of the user, and the obfuscated password K may be from one input of the user, or may be from two or three inputs of the user, depending on the input habits of the user.
In this embodiment, the obfuscated password is divided into N sections according to the input sequence of the user, where N is a natural number greater than or equal to 1, and then one or more sections of obfuscated passwords are combined together according to a preset combination rule to determine whether the obfuscated passwords match the verification password. Referring to fig. 3 and 4, it is assumed that fig. 3 is a verification password ABC set by a user in an embodiment of the present application, and fig. 4 is a obfuscated password KABCD input by the user, and for convenience of description, it is assumed that the obfuscated password may be divided into 5 segments, which are respectively: K. a, B, C and D, i.e., the user completes entry of the obfuscated password by 5 entries, one character at a time. The preset combination rule can be set by a developer, such as: and matching each section of obfuscated password with the verification password, if the matching is not successful, matching any two sections of combinations of 5 sections of obfuscated passwords with the verification password, and if the matching is not successful, matching any three sections of the 5 sections of obfuscated passwords with the verification password after being combined, and so on, and the application is not limited in this respect.
Preferably, the matching is performed starting from the first obfuscated password entered by the user and the verification password. Such as: firstly, judging whether the first section of confusion password K is matched with the check password ABC or not. And if not, judging whether the combination KA of the first section of the confusion password K and the second section of the confusion password A is matched with the check password ABC or not. And if not, judging whether a combination KAB matched with the first three sections of obfuscated passwords is matched with the verification password ABC or not, and repeating the steps. And when the combination of the first section of the obfuscated password K and other sections of the obfuscated passwords is not matched with the verification password ABC, judging from the second section of the obfuscated password A. If the combination ABC of the second, third and fourth obfuscated passwords a, B and C is found to match the check password ABC, the step 206 is executed if the obfuscated password KABCD includes the check password ABC.
It should be noted that, for the graph matching, in the verification of the present application, the verification password may be considered as the whole graph, and the verification password is not segmented. Referring further to fig. 5, if the obfuscated password input by the user is KBCAD, it can be confirmed that the obfuscated password KBCAD does not include the verification password ABC, and the matching fails according to the above method. In a preferred embodiment of the present application, the verification password input by the user may also be segmented according to the input sequence, and then it is determined whether each segment of the verification password is included in the obfuscated password. Still referring to fig. 5, if the obfuscated password input by the user is KBCAD, assuming that the obfuscated password is segmented into K, B, C, A and D and the check password ABC set by the user is segmented into A, B and C, if it is judged that B, C, A in the obfuscated password and each segment in the check password are: B. c, A, step 206 is performed.
Taking the matching rule as an example of character matching, in this step, it is determined whether each character of the verification password is included in the obfuscated password. Such as: and judging whether the obfuscated password comprises a verification password set by the user according to the password input sequence of the user. For example, the user sets the verification password to be 1234, and the user inputs the obfuscated password to be 781234, and the obfuscated password includes the verification password. For character matching, it is necessary to perform character distinguishing on the obfuscated password input by the user at the time of judgment, that is, to split the obfuscated password into characters "7", "8", "1", "2", "3", "4", and then judge whether the characters "1", "2", "3", "4" of the verification password 1234 are included therein.
In the actual implementation process, for character matching, it is also not necessary to distinguish whether the order of the verification passwords included in the confusion password is consistent with the order set by the user during verification. Taking the user-set verification password of 1234 as an example, if the obfuscated password entered by the user is 782341, each character of the verification password is included in the obfuscated password, and the verification is confirmed to pass. The specific verification method may be set by a developer, and the present application is not limited thereto.
Of course, the pattern matching and the character matching may also be used in combination, for example, first performing the character matching, and then performing the pattern matching after the character matching is successful, or selectively selecting the corresponding matching mode according to a certain condition, for example: according to the risk level of the user, when the risk level of the user is high, graph matching is selected, and when the risk level of the user is low, character matching is selected. Meanwhile, the above pattern matching or character matching can be used alone, or can be used in combination with other security verification methods, such as: a digital certificate.
Step 206, the verification is confirmed to pass.
It should be noted that, in the present application, the process of verifying the obfuscated password input by the user in steps 204 to 206 may be executed by the client, or may be executed by the server. If the client executes the password, the client needs to store the verification password set by the user, and when the user inputs the obfuscated password, the obfuscated password is verified according to the verification password. If the verification password is executed by the server, the client does not store the verification password set by the user, and after receiving the confusion password input by the user through the touch screen, the client sends the confusion password to the server, and the server judges the confusion password and returns a judgment result.
It can be seen from the above description that, in the password verification process, when the obfuscated password input by the user includes the verification password set by the user, the verification can be confirmed to pass, so that when the user is in the crowd, the user can realize the verification by inputting the obfuscated password including the verification password, even if the obfuscated password is peeped by other people, the user cannot know the real verification password, and the security of the verification password is enhanced.
Corresponding to the embodiment of the checking method, the application also provides a checking device. The apparatus described in this application may be implemented by software, or by hardware, or by a combination of hardware and software. Taking software implementation as an example, the verification device of the present application is a device in a logical sense, and is formed by reading corresponding computer program instructions in a non-volatile memory into a memory through a processor of a device in which the verification device is located to run.
Referring to fig. 6 and 7, the present application provides a verification apparatus 600, where the verification apparatus 600 includes: a first acquisition unit 601, a password judgment unit 602, a password verification unit 603, a second acquisition unit 604, and a password setting unit 605.
The first acquisition unit 601 acquires an obfuscated password input by a user.
The password determination unit 602 determines whether the obfuscated password includes a verification password set by the user.
The password verification unit 603, when the obfuscated password includes the verification password, confirms that the verification is passed.
Further, the password determination unit 602 divides the obfuscated password into N segments according to an input sequence of the user, where N is a natural number greater than or equal to 1;
and judging whether one or more sections of obfuscated passwords are matched with the verification password according to a preset combination rule, and if one or more sections of obfuscated passwords are matched with the verification password, confirming that the obfuscated passwords comprise the verification password.
Further, the password determination unit 602 specifically segments the obfuscated password and the verification password according to an input sequence of a user;
and judging whether the obfuscated password comprises each section of verification password, and if the obfuscated password comprises each section of verification password, confirming that the obfuscated password comprises the verification password.
Further, the password determination unit 602 specifically determines whether each character of the verified password is included in the obfuscated password.
Further, the password determination unit 602 specifically determines whether each character of the verification password is included in the obfuscated password according to an input sequence of the user.
Further, the apparatus further comprises:
the second obtaining unit 604 obtains the first verification password and the second verification password input by the user.
The password setting unit 605 sets the first verification password or the second verification password as the verification password when the first verification password and the second verification password match.
Further, the obfuscated password includes: one or more of letters, numbers, Chinese characters, and figures.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.