CN107491670A - A Windows system secure login method based on an OTP algorithm - Google Patents
- Publication number: CN107491670A
- Application number: CN201710722120.6A
- Authority: CN (China)
- Prior art keywords: windows, login, password, dynamic password, otp
- Prior art date
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0872—Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a Windows system secure login method based on an OTP algorithm, comprising the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; open the mobile phone dynamic password APP and view the current dynamic password; enter the user name, password and dynamic password in the computer login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and further checks whether verification succeeds; if so, the Windows system desktop is entered successfully. Through the cooperation of the mobile phone APP, the OTP algorithm and the customized Windows login interface, the invention extends the original Windows login mode, improves the security of the system, and effectively protects the sensitive data of the enterprise.
Description
Technical field
The present invention relates to the technical field of Windows system secure login, and more specifically to a Windows system secure login method based on an OTP algorithm.
Background
At present, most enterprises use Windows as their computer desktop system. These Windows systems use a user name and password to protect data and prevent unauthorized access; before logging in to the desktop, the user must first enter the user name and password to verify identity. As enterprises' requirements for information security grow ever higher, the traditional login mode based on a user name and password combination may no longer meet the security requirements of sensitive data: for example, anyone who knows the user name and password of a computer can log in to another person's system desktop and access sensitive data.
With the rising level of informatization in enterprises and the spread of computers, most enterprise employees now use Windows systems for office work. Every computer in an enterprise holds, to a greater or lesser extent, materials and data related to the enterprise; this information may be sensitive, may bear on the enterprise's development and interests, and is not meant to be open to unauthorized access. Apart from physical security (door access control), the last barrier to accessing this sensitive information is the user name and password combination of the Windows system; once a criminal obtains the user name and password and gets past the physical restrictions, the sensitive data on the computer can be accessed easily, causing immeasurable loss to the enterprise.
Summary of the invention
The technical problem to be solved by the present invention is to provide, in view of the defects of the prior art, a Windows system secure login method based on an OTP algorithm.
The technical solution adopted by the present invention to solve this technical problem is to construct a Windows system secure login method based on an OTP algorithm, comprising the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the mobile phone dynamic password APP and view the current dynamic password; enter the user name, password and dynamic password in the computer login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and further checks whether verification succeeds; if so, the Windows system desktop is entered successfully.
In the Windows system secure login method based on an OTP algorithm of the present invention, a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated.
In the Windows system secure login method based on an OTP algorithm of the present invention, an APP is installed on the mobile phone and the generated QR code is scanned.
In the Windows system secure login method based on an OTP algorithm of the present invention, after the Windows system starts, a special login interface appears and prompts for the user name, password and dynamic password.
In the Windows system secure login method based on an OTP algorithm of the present invention, the user uses the mobile phone APP, which automatically generates an OTP dynamic password based on the current time, the key and the algorithm.
In the Windows system secure login method based on an OTP algorithm of the present invention, the user enters the user name, the password and the dynamic password generated by the mobile phone APP in the Windows login interface.
In the Windows system secure login method based on an OTP algorithm of the present invention, the software installed on Windows can intercept the login event and separately verify the validity of the user name, the password and the dynamic password.
In the Windows system secure login method based on an OTP algorithm of the present invention, if verification succeeds, the Windows system is allowed to continue handling the login event and the desktop login completes.
In the Windows system secure login method based on an OTP algorithm of the present invention, if verification fails, the user is prompted, the Windows login process is terminated, and entry to the desktop is not allowed.
Implementing the Windows system secure login method based on an OTP algorithm of the present invention has the following beneficial effects:
The present invention uses a mobile phone APP which, based on the current time, a key and an encryption algorithm (the OTP algorithm), produces a time-limited dynamic password. When logging in to the Windows desktop, the user must enter the user name and password combination and also the dynamic password generated by the mobile phone APP, which are then handed to Windows for identity verification. The invention installs interception software on the Windows system that can intercept the login request; on the one hand it performs identity verification of the original user name and password combination, and on the other hand it verifies the validity of the dynamic password (likewise using the current time, the key and the matching encryption algorithm). When both verifications pass, login to the Windows desktop succeeds; otherwise login fails. Through the cooperation of the mobile phone APP, the OTP algorithm and the customized Windows login interface, the invention extends the original Windows login mode, improves the security of the system, and effectively protects the sensitive data of the enterprise.
Brief description of the drawings
The invention is further described below with reference to the drawings and embodiments. In the drawings:
Fig. 1 is a step flow chart of the Windows system secure login method based on an OTP algorithm of the present invention.
Detailed description
To make the purpose, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the present invention and are not intended to limit it.
OTP: One-time Password, also called a dynamic password; a time-dependent, unpredictable combination of random digits generated by a dedicated algorithm every N seconds;
Windows: the computer desktop operating system of Microsoft;
App: mobile phone application software.
Fig. 1 shows the step flow chart of the Windows system secure login method based on an OTP algorithm of the present invention, comprising the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the mobile phone dynamic password APP and view the current dynamic password; enter the user name, password and dynamic password in the computer login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and further checks whether verification succeeds; if so, the Windows system desktop is entered successfully.
Specifically, as described above, Windows is started and it is checked whether the OTP login interception plug-in is installed; if not, the default Windows login interface is displayed, the original Windows login logic handles the login, and the Windows system desktop is then entered successfully.
Specifically, a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated; this needs to be done only once.
Specifically, an APP is installed on the mobile phone and the generated QR code is scanned; this needs to be done only once.
Specifically, after the Windows system starts, a special login interface appears and prompts for the user name, password and dynamic password.
Specifically, the user uses the mobile phone APP, which automatically generates an OTP dynamic password based on the current time, the key and the algorithm.
Specifically, the user enters the user name, the password and the dynamic password generated by the mobile phone APP in the Windows login interface.
Specifically, the software installed on Windows can intercept the login event and separately verify the validity of the user name, the password and the dynamic password.
Specifically, if verification succeeds, the Windows system is allowed to continue handling the login event and the desktop login completes.
Specifically, if verification fails, the user is prompted, the Windows login process is terminated, and entry to the desktop is not allowed; that is, the flow returns to displaying the customized login interface with the dynamic password input box so that the dynamic password can be re-entered to log in.
The present invention uses a mobile phone APP which, based on the current time, a key and an encryption algorithm (the OTP algorithm), produces a time-limited dynamic password. When logging in to the Windows desktop, the user must enter the user name and password combination and also the dynamic password generated by the mobile phone APP, which are then handed to Windows for identity verification. The invention installs interception software on the Windows system that can intercept the login request; on the one hand it performs identity verification of the original user name and password combination, and on the other hand it verifies the validity of the dynamic password (likewise using the current time, the key and the matching encryption algorithm). When both verifications pass, login to the Windows desktop succeeds; otherwise login fails. Through the cooperation of the mobile phone APP, the OTP algorithm and the customized Windows login interface, the invention extends the original Windows login mode, improves the security of the system, and effectively protects the sensitive data of the enterprise.
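The flow described above, as an added sketch that is not code from the patent. It assumes the unspecified "OTP algorithm" is RFC 6238 TOTP (HMAC-SHA1, 30-second step, 6 digits) and that the QR code carries an `otpauth://` key URI; `LoginInterceptor`, the `WinLogin` issuer name, the account data and the PBKDF2 hash standing in for the Windows password check are all hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from urllib.parse import quote

STEP, DIGITS = 30, 6  # assumed RFC 6238 defaults; the patent only says "every N seconds"


def hotp(key, counter, digits=DIGITS):
    """RFC 4226 HOTP with HMAC-SHA1 and dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(key, at):
    """What the phone APP shows: HOTP over the current time step."""
    return hotp(key, int(at) // STEP)


def provisioning_uri(account, key, issuer="WinLogin"):
    """Text carried by the one-time enrollment QR code (otpauth key URI, assumed)."""
    secret = base64.b32encode(key).decode().rstrip("=")
    return (f"otpauth://totp/{quote(issuer)}:{quote(account)}?secret={secret}"
            f"&issuer={quote(issuer)}&algorithm=SHA1&digits={DIGITS}&period={STEP}")


class LoginInterceptor:
    """Hypothetical model of the login interception plug-in's decision logic."""

    def __init__(self):
        self.users = {}

    @staticmethod
    def _pw_hash(password, salt):
        # Stand-in for the Windows credential check the real plug-in would rely on.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, name, password, key=None):
        """One-time setup: store the key and return the QR code text."""
        key = key or secrets.token_bytes(20)
        salt = secrets.token_bytes(16)
        self.users[name] = {"salt": salt, "pw": self._pw_hash(password, salt),
                            "key": key, "last_step": -1}
        return provisioning_uri(name, key)

    def login(self, name, password, otp, now=None):
        now = time.time() if now is None else now
        user = self.users.get(name)
        # Check 1: user name and password.
        if user is None or not hmac.compare_digest(
                self._pw_hash(password, user["salt"]), user["pw"]):
            return "denied: bad credentials"
        # Check 2: dynamic password, tolerating one step of clock drift either way.
        current = int(now) // STEP
        for step in range(max(current - 1, 0), current + 2):
            if hmac.compare_digest(hotp(user["key"], step).encode(), otp.encode()):
                if step <= user["last_step"]:
                    return "denied: dynamic password already used"
                user["last_step"] = step  # each code is accepted once only
                return "granted"
        return "denied: bad dynamic password"


if __name__ == "__main__":
    plugin = LoginInterceptor()
    print(plugin.enroll("alice", "correct horse"))  # constructed account
    code = totp(plugin.users["alice"]["key"], time.time())
    print(plugin.login("alice", "correct horse", code))  # granted
    print(plugin.login("alice", "correct horse", code))  # replay is refused
```

The patent text does not describe clock-drift tolerance, replay rejection, lockout after repeated failures or how the key is stored on the Windows side; the first two are modelled here, and the last two would still have to be decided in a deployment.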
Although the present invention has been disclosed through the above embodiments, its scope of protection is not limited thereto. Without departing from the concept of the present invention, modifications, substitutions and the like made to the above components all fall within the scope of the claims of the present invention.
Claims (9)
1. A Windows system secure login method based on an OTP algorithm, characterized in that it comprises the following steps: start Windows and check whether the OTP login interception plug-in is installed; if so, display a customized login interface with a dynamic password input box; then open the mobile phone dynamic password APP and view the current dynamic password; enter the user name, password and dynamic password in the computer login interface and click the login button; the login interception plug-in verifies the user name and password and checks whether verification succeeds; if so, the login interception plug-in verifies the dynamic password using the OTP algorithm and further checks whether verification succeeds; if so, the Windows system desktop is entered successfully.
2. The Windows system secure login method based on an OTP algorithm according to claim 1, characterized in that a piece of software is installed on the Windows system, a key and an algorithm are set, and a QR code is generated.
3. The Windows system secure login method based on an OTP algorithm according to claim 2, characterized in that an APP is installed on the mobile phone and the generated QR code is scanned.
4. The Windows system secure login method based on an OTP algorithm according to claim 3, characterized in that after the Windows system starts, a special login interface appears and prompts for the user name, password and dynamic password.
5. The Windows system secure login method based on an OTP algorithm according to claim 4, characterized in that the user uses the mobile phone APP, which automatically generates an OTP dynamic password based on the current time, the key and the algorithm.
6. The Windows system secure login method based on an OTP algorithm according to claim 5, characterized in that the user enters the user name, the password and the dynamic password generated by the mobile phone APP in the Windows login interface.
7. The Windows system secure login method based on an OTP algorithm according to claim 6, characterized in that the software installed on Windows can intercept the login event and separately verify the validity of the user name, the password and the dynamic password.
8. The Windows system secure login method based on an OTP algorithm according to claim 7, characterized in that if verification succeeds, the Windows system is allowed to continue handling the login event and the desktop login completes.
9. The Windows system secure login method based on an OTP algorithm according to claim 7, characterized in that if verification fails, the user is prompted, the Windows login process is terminated, and entry to the desktop is not allowed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710722120.6A CN107491670A (en) | 2017-08-22 | 2017-08-22 | A Windows system secure login method based on an OTP algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710722120.6A CN107491670A (en) | 2017-08-22 | 2017-08-22 | A Windows system secure login method based on an OTP algorithm |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107491670A (en) | 2017-12-19 |
Family
ID=60646528
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710722120.6A Pending CN107491670A (en) | 2017-08-22 | 2017-08-22 | A Windows system secure login method based on an OTP algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107491670A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109583160A (en) * | 2018-11-21 | 2019-04-05 | 安徽云融信息技术有限公司 | Computer opening identity authentication system and its authentication method |
CN111031539A (en) * | 2019-09-30 | 2020-04-17 | 武汉信安珞珈科技有限公司 | Method and system for enhancing login security of Windows operating system based on mobile terminal |
CN113177198A (en) * | 2021-05-18 | 2021-07-27 | 上海云扩信息科技有限公司 | Method for automatically unlocking Windows through software |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1431591A (en) * | 2003-01-29 | 2003-07-23 | 西安海星现代科技股份有限公司 | Dynamic password identity authentication system applicable to network based on software token |
CN1828623A (en) * | 2006-04-11 | 2006-09-06 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
CN101667917A (en) * | 2009-09-28 | 2010-03-10 | 张师祝 | Dynamic password input rule |
CN101710372A (en) * | 2009-04-27 | 2010-05-19 | 深圳市江波龙电子有限公司 | Scrambler capable of generating verification code and method thereof for verifying identity |
CN102164141A (en) * | 2011-04-24 | 2011-08-24 | 陈珂 | Method for protecting security of account |
CN105471891A (en) * | 2015-12-28 | 2016-04-06 | 湖南蚁坊软件有限公司 | Login method based on confidential order of trusted equipment |
CN106790138A (en) * | 2016-12-28 | 2017-05-31 | 山东浪潮云服务信息科技有限公司 | A kind of method of government affairs cloud application User logs in double factor checking |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10325085B1 (en) | Efficient logon | |
US9736154B2 (en) | System and method for integrating an authentication service within a network architecture | |
US9047473B2 (en) | System and method for second factor authentication services | |
WO2017000829A1 (en) | Method for checking security based on biological features, client and server | |
US10257209B2 (en) | System and methods for protecting users from malicious content | |
Khrais | Highlighting the vulnerabilities of online banking system | |
US11394712B2 (en) | Secure account access | |
CN106575281B (en) | System and method for implementing hosted authentication services | |
US20150261948A1 (en) | Two-factor authentication methods and systems | |
CN108684041A (en) | The system and method for login authentication | |
US20140164762A1 (en) | Apparatus and method of online authentication | |
CN107506624A (en) | A kind of Windows system safe login methods based on short message verification code | |
US20080072295A1 (en) | Method and System for Authentication | |
CN113841145A (en) | Lexus software in inhibit integration, isolation applications | |
CN103795724A (en) | Method for protecting account security based on asynchronous dynamic password technology | |
US11665156B2 (en) | Method and system for securely authenticating a user by an identity and access service using a pictorial code and a one-time code | |
CN107491670A (en) | A Windows system secure login method based on an OTP algorithm | |
US20090177892A1 (en) | Proximity authentication | |
Jubur et al. | Bypassing push-based second factor and passwordless authentication with human-indistinguishable notifications | |
TW201544983A (en) | Data communication method and system, client terminal and server | |
US20090271629A1 (en) | Wireless pairing ceremony | |
Iyanda et al. | Development of two-factor authentication login system using dynamic password with SMS verification | |
CN110505199A (en) | Email safe login method based on the asymmetric identity of lightweight | |
Tellini et al. | Two-Factor Authentication: Selecting and implementing a two-factor authentication method for a digital assessment platform | |
WO2021106381A1 (en) | Information processing device, information processing method, authentication device, authentication method, authentication system, authentication method in authentication system, and computer program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20171219 |