CN107491670A - A secure Windows system login method based on an OTP algorithm - Google Patents

Info

Publication number: CN107491670A
Authority: CN (China)
Prior art keywords: windows, login, password, dynamic password, otp
Prior art date
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201710722120.6A
Other languages: Chinese (zh)
Inventor: 沈默, 杨悦
Current Assignee: Shenzhen Zhuyun Science & Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Zhuyun Science & Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Zhuyun Science & Technology Co Ltd
Priority to CN201710722120.6A
Publication of CN107491670A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872 Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133 Verifying human interaction, e.g., Captcha

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a secure Windows system login method based on an OTP algorithm, comprising the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; open the dynamic password app on the mobile phone and view the current dynamic password; enter the user name, password, and dynamic password in the computer's login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether the verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and checks whether that verification succeeds; if so, the Windows system desktop is entered successfully. Through the cooperation of a mobile phone app, an OTP algorithm, and a customized Windows login interface, the invention extends the original Windows login mode, improves system security, and effectively protects an enterprise's sensitive data.

Description

A secure Windows system login method based on an OTP algorithm
Technical field
The present invention relates to the technical field of secure login for Windows systems, and more specifically to a secure Windows system login method based on an OTP algorithm.
Background art
At present, most enterprises use Windows systems as their computer desktops. These Windows systems use a user name and password to protect data and prevent unauthorized access: before logging in to the desktop, the user must first enter a user name and password to verify their identity. As enterprises demand ever higher levels of information security, the traditional login mode based on a user name and password combination may not meet the security requirements of sensitive data. For example, anyone who knows the user name and password of a computer can log in to another person's system desktop and access sensitive data.
With the rising level of informatization in enterprises and the spread of computers, most enterprise employees now use Windows systems for office work. Every computer in an enterprise holds, to a greater or lesser extent, data and documents related to the enterprise. This information may be sensitive and bear on the enterprise's development and interests, and the enterprise does not want it to be accessed without authorization. Apart from physical security (access control), the last barrier to this sensitive information is the user name and password combination of the Windows system. Once a lawbreaker obtains the user name and password and breaches the physical restrictions, they can easily access the sensitive data on the computer, causing inestimable loss to the enterprise.
Summary of the invention
The technical problem to be solved by the present invention is to provide, in view of the defects of the prior art, a secure Windows system login method based on an OTP algorithm.
The technical solution adopted by the present invention to solve this technical problem is to construct a secure Windows system login method based on an OTP algorithm, comprising the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the dynamic password app on the mobile phone and view the current dynamic password; enter the user name, password, and dynamic password in the computer's login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether the verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and checks whether that verification succeeds; if so, the Windows system desktop is entered successfully.
In the secure Windows system login method based on an OTP algorithm of the present invention, a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated.
In the secure Windows system login method based on an OTP algorithm of the present invention, an app is installed on the mobile phone and the generated QR code is scanned.
In the secure Windows system login method based on an OTP algorithm of the present invention, after the Windows system starts, a special login interface appears, prompting for the user name, password, and dynamic password.
In the secure Windows system login method based on an OTP algorithm of the present invention, the user uses the mobile phone app, which automatically generates the OTP dynamic password based on the current time, the key, and the algorithm.
In the secure Windows system login method based on an OTP algorithm of the present invention, the user enters the user name, the password, and the dynamic password generated by the mobile phone app in the Windows login interface.
In the secure Windows system login method based on an OTP algorithm of the present invention, the software installed on Windows can intercept login events and separately verify the authenticity and validity of the user name, the password, and the dynamic password.
In the secure Windows system login method based on an OTP algorithm of the present invention, if verification succeeds, the Windows system is allowed to continue handling the login event and complete the desktop login.
In the secure Windows system login method based on an OTP algorithm of the present invention, if verification fails, the user is prompted, the Windows login process is terminated, and access to the desktop is not allowed.
Implementing the secure Windows system login method based on an OTP algorithm of the present invention has the following beneficial effects:
The present invention uses a mobile phone app to produce, from the current time, a key, and an encryption algorithm (the OTP algorithm), a dynamic password that is valid only for a limited time. When logging in to the Windows desktop, the user must enter the user name and password combination and also the dynamic password generated by the mobile phone app, which are then submitted to Windows for identity verification. The invention installs interception software on the Windows system that can intercept the login request. On the one hand it performs the original identity verification of the user name and password combination; on the other hand it verifies the validity of the dynamic password (likewise using the current time, the key, and the matching encryption algorithm). When both verifications pass, login to the Windows desktop succeeds; otherwise login fails. Through the cooperation of a mobile phone app, an OTP algorithm, and a customized Windows login interface, the invention extends the original Windows login mode, improves system security, and effectively protects an enterprise's sensitive data.
Brief description of the drawings
The invention is further described below with reference to the drawings and embodiments. In the drawings:
Fig. 1 is a flow chart of the steps of the secure Windows system login method based on an OTP algorithm of the present invention.
Specific embodiments
In order to make the purpose, technical solution, and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here merely illustrate the invention and are not intended to limit it.
OTP: One-time Password, also called a dynamic password; an unpredictable, time-dependent combination of random digits generated by a specific algorithm every N seconds;
Windows: the computer desktop operating system from Microsoft;
App: mobile phone application software.
Fig. 1 shows the flow chart of the steps of the secure Windows system login method based on an OTP algorithm of the present invention, which comprises the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the dynamic password app on the mobile phone and view the current dynamic password; enter the user name, password, and dynamic password in the computer's login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether the verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and checks whether that verification succeeds; if so, the Windows system desktop is entered successfully.
Specifically, as described above, Windows is started and it is checked whether the OTP login interception plug-in is installed; if not, the default Windows login interface is displayed, the original Windows login logic handles the login, and the Windows system desktop is then entered.
Specifically, a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated; this only needs to be done once.
Specifically, an app is installed on the mobile phone and the generated QR code is scanned; this only needs to be done once.
Specifically, after the Windows system starts, a special login interface appears, prompting for the user name, password, and dynamic password.
Specifically, the user uses the mobile phone app, which automatically generates the OTP dynamic password based on the current time, the key, and the algorithm.
Specifically, the user enters the user name, the password, and the dynamic password generated by the mobile phone app in the Windows login interface.
Specifically, the software installed on Windows can intercept login events and separately verify the authenticity and validity of the user name, the password, and the dynamic password.
Specifically, if verification succeeds, the Windows system is allowed to continue handling the login event and complete the desktop login.
Specifically, if verification fails, the user is prompted, the Windows login process is terminated, and access to the desktop is not allowed; that is, the flow returns to displaying the customized login interface with the dynamic password input box so that the dynamic password can be re-entered to log in.
The present invention uses a mobile phone app to produce, from the current time, a key, and an encryption algorithm (the OTP algorithm), a dynamic password that is valid only for a limited time. When logging in to the Windows desktop, the user must enter the user name and password combination and also the dynamic password generated by the mobile phone app, which are then submitted to Windows for identity verification. The invention installs interception software on the Windows system that can intercept the login request. On the one hand it performs the original identity verification of the user name and password combination; on the other hand it verifies the validity of the dynamic password (likewise using the current time, the key, and the matching encryption algorithm). When both verifications pass, login to the Windows desktop succeeds; otherwise login fails. Through the cooperation of a mobile phone app, an OTP algorithm, and a customized Windows login interface, the invention extends the original Windows login mode, improves system security, and effectively protects an enterprise's sensitive data.
Although the present invention has been disclosed through the above embodiments, its scope of protection is not limited to them; variations, replacements, and the like made to the above components without departing from the inventive concept fall within the scope of the claims of the present invention.
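The two-stage check described in the embodiment (user name and password first, then the time-based dynamic password), as an added example that is not part of the patent or of any software by the applicant. The patent does not name its OTP algorithm, so this example assumes RFC 6238 TOTP (HMAC-SHA1, 30-second intervals, 6 digits); `LoginInterceptor`, the PBKDF2 password store standing in for Windows' own credential check, the one-interval clock-drift window, and the replay guard are likewise assumptions of the example.

```python
import hashlib
import hmac
import os
import struct

STEP = 30    # assumed seconds per OTP interval (the "N seconds" in the definition)
DIGITS = 6   # assumed length of the dynamic password


def totp(key: bytes, unix_time: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): a code derived from the shared key and the time."""
    counter = struct.pack(">Q", int(unix_time) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_password(password: str, salt: bytes) -> bytes:
    """Stand-in for the operating system's own password check (assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginInterceptor:
    """Hypothetical model of the login interception plug-in."""

    def __init__(self) -> None:
        self.accounts = {}   # user -> (salt, password hash, OTP key)
        self.last_step = {}  # user -> newest accepted time step (replay guard)

    def enroll(self, user: str, password: str, otp_key: bytes) -> None:
        salt = os.urandom(16)
        self.accounts[user] = (salt, hash_password(password, salt), otp_key)

    def check_password(self, user: str, password: str) -> bool:
        if user not in self.accounts:
            return False
        salt, stored, _ = self.accounts[user]
        return hmac.compare_digest(stored, hash_password(password, salt))

    def check_otp(self, user: str, code: str, now: float, drift: int = 1) -> bool:
        key = self.accounts[user][2]
        current = int(now) // STEP
        # Accept the current interval plus `drift` neighbours to absorb clock skew.
        for step in range(max(0, current - drift), current + drift + 1):
            expected = totp(key, step * STEP)
            if hmac.compare_digest(expected.encode(), code.encode()):
                if step <= self.last_step.get(user, -1):
                    return False  # this interval's code was already used
                self.last_step[user] = step
                return True
        return False

    def login(self, user: str, password: str, code: str, now: float) -> str:
        """Patent order: user name and password first, then the dynamic password."""
        if not self.check_password(user, password):
            return "denied: credentials"
        if not self.check_otp(user, code, now):
            return "denied: dynamic password"
        return "desktop"  # only now is Windows allowed to finish the logon


if __name__ == "__main__":
    import time
    key = os.urandom(20)  # constructed sample key, shared once via the QR code
    plugin = LoginInterceptor()
    plugin.enroll("alice", "correct horse", key)  # constructed sample account
    now = time.time()
    phone_code = totp(key, now)  # what the phone app would display
    print(plugin.login("alice", "correct horse", phone_code, now))
    print(plugin.login("alice", "correct horse", phone_code, now))
```

A code accepted once is refused when submitted again within its validity window, so an observed or intercepted dynamic password cannot be reused for a second logon.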

Claims (9)

1. A secure Windows system login method based on an OTP algorithm, characterized in that it comprises the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the dynamic password app on the mobile phone and view the current dynamic password; enter the user name, password, and dynamic password in the computer's login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether the verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and checks whether that verification succeeds; if so, the Windows system desktop is entered successfully.
2. The secure Windows system login method based on an OTP algorithm according to claim 1, characterized in that a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated.
3. The secure Windows system login method based on an OTP algorithm according to claim 2, characterized in that an app is installed on the mobile phone and the generated QR code is scanned.
4. The secure Windows system login method based on an OTP algorithm according to claim 3, characterized in that after the Windows system starts, a special login interface appears, prompting for the user name, password, and dynamic password.
5. The secure Windows system login method based on an OTP algorithm according to claim 4, characterized in that the user uses the mobile phone app, which automatically generates the OTP dynamic password based on the current time, the key, and the algorithm.
6. The secure Windows system login method based on an OTP algorithm according to claim 5, characterized in that the user enters the user name, the password, and the dynamic password generated by the mobile phone app in the Windows login interface.
7. The secure Windows system login method based on an OTP algorithm according to claim 6, characterized in that the software installed on Windows can intercept login events and separately verify the authenticity and validity of the user name, the password, and the dynamic password.
8. The secure Windows system login method based on an OTP algorithm according to claim 7, characterized in that if verification succeeds, the Windows system is allowed to continue handling the login event and complete the desktop login.
9. The secure Windows system login method based on an OTP algorithm according to claim 7, characterized in that if verification fails, the user is prompted, the Windows login process is terminated, and access to the desktop is not allowed.

Priority Applications (1)

Application number: CN201710722120.6A; publication: CN107491670A (en); priority date: 2017-08-22; filing date: 2017-08-22; title: A secure Windows system login method based on an OTP algorithm

Applications Claiming Priority (1)

Application number: CN201710722120.6A; publication: CN107491670A (en); priority date: 2017-08-22; filing date: 2017-08-22; title: A secure Windows system login method based on an OTP algorithm

Publications (1)

Publication number: CN107491670A (en); publication date: 2017-12-19

Family

ID=60646528

Family Applications (1)

Application number: CN201710722120.6A; status: Pending; publication: CN107491670A (en); priority date: 2017-08-22; filing date: 2017-08-22; title: A secure Windows system login method based on an OTP algorithm

Country Status (1)

Country: CN; link: CN107491670A (en)


Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20171219