CN109409045B - Safety protection method and device for automatic login account of browser - Google Patents

Publication number: CN109409045B
Authority: CN (China)
Prior art keywords: account, browser, key, website, login
Legal status: Active (as listed by Google Patents; an assumption, not a legal conclusion)
Application number: CN201811107173.8A
Other languages: Chinese (zh)
Other versions: CN109409045A (en)
Inventors: 温作奖, 李鹏坤, 蒋红宇
Current Assignee: Tianjin Haitai Fangyuan Technology Co Ltd
Original Assignee: Tianjin Haitai Fangyuan Technology Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services

Abstract

The invention belongs to the technical field of information security and discloses a method and a device for protecting the security of a browser-based automatic login account. The method acquires the URL (Uniform Resource Locator) address of the currently logged-in website and a unique machine code, and judges whether the account needs to be saved; encrypts the account information with a first key to generate ciphertext account information, and encrypts the first key with a public key to generate a second key; acquires the URL address of the current website and the unique machine code, and judges whether the account exists in the automatic login list; acquires the encrypted key and account information, decrypts the key with a private key, and decrypts the ciphertext account information with the decrypted key to obtain plaintext account information; and obtains the account user name and password and automatically fills them in to complete the automatic website login. The invention solves the problem that user names and passwords for websites are easily leaked, effectively protects the security of the login account, realizes automatic login and saves the user's login time.

Description

Safety protection method and device for automatic login account of browser
Technical Field
The invention relates to the technical field of information security, in particular to a method and a device for protecting the security of an automatic login account based on a browser.
Background
The state of the art commonly used in the industry is as follows: network security means ensuring the availability, integrity and confidentiality of network data by adopting various technologies and management measures so that the network system operates normally. The specific meaning of network security varies with the point of view. For example, users (individuals, businesses, etc.) want information relating to personal privacy or commercial interests to be protected in terms of confidentiality, integrity and authenticity when it is transmitted over a network. From the enterprise perspective, the most important thing is the encryption and protection of internal information.
In the prior art, a browser's remember-password function automatically stores the user name and password in the browser cache, and a website login is performed automatically by reading the cached user name and password. Although the browser can log in automatically in this way, the user name and password are stored in the browser cache and the cached information is not managed in encrypted form; the reason is that the module design is simple and practical, and no dedicated, more complex security protection was designed. All of this user name and password information is therefore easily leaked. Once this problem is solved, the security of the user's own account and password can be well protected, and the account is prevented from being stolen and used by unauthorized persons. As informatization develops, a person has more and more user names and accounts on different websites, and for ease of memory the same user name and password are used on several website systems; once the user name and password of one system are leaked, serious consequences can follow, including loss of personal privacy and money.
In other prior art, a correspondence is established between a tag and the user name and password, and between the tag and the website; the user name and password are encrypted with a fixed key, decrypted with the same fixed key when the website is logged in, and automatically filled into the target web page, which is then logged in automatically. Although the user name and password are encrypted, when different websites use the same user name and password, the ciphertexts of all those user names and passwords are identical, so once the user name and password of one website are leaked, the user names and passwords of all the websites are cracked. In addition, if site A has been logged in on machine A, copying the browser to machine B allows site A to be logged in automatically there as well, which is a security risk. For example, if an employee logs in to several website systems on machine A and the ciphertext of the user name and password is leaked, an attacker can tell from the ciphertext that the user names and passwords of those website systems are the same, and can log in to all of them by cracking one account. Because the accounts are stored locally, automatic login works once they are copied to another machine, and the website systems can be logged in to without cracking the accounts at all.
In summary, the problems of the prior art are as follows:
(1) In the prior art, the remember-password function stores the user name and password in the browser cache, and a website login is performed automatically by reading the cached user name and password; the cached information is not managed in encrypted form, so the user name and password are easily leaked.
(2) Although the prior art can encrypt the user name and password, when different websites use the same user name and password, the leak of one website's user name and password means the user names and passwords of all the websites are cracked.
The difficulty and significance of solving these technical problems are as follows: making the account information difficult to crack and valid only on the machine on which the login took place, so that it is invalid once separated from that machine environment and the account is genuinely protected.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a method and a device for protecting the safety of an automatic login account based on a browser, so as to at least solve the problem that a user name and a password in a website are easy to leak.
The invention is realized as follows. A security protection method for a browser-based automatic login account comprises the following steps:
The browser detects that the user has successfully logged in to the website server with a user name and password; the browser judges whether the account corresponding to the user name needs to be saved; and if the account needs to be saved, the account information is encrypted with a first key to generate ciphertext account information, the first key is encrypted with a public key to generate a second key, and the generated second key and the ciphertext account information are saved in an automatic login list.
Further, the browser prompts the user whether to enable automatic login.
Further, the URL address of the currently logged-in website and a unique machine code are acquired; a hash operation is performed on the website URL address and the unique machine code to generate a hash value; if the hash value is already stored, no processing is performed; otherwise, account encryption protection is performed.
Further, when the browser loads a website URL address, the URL address of the current website and the unique machine code are acquired; a hash operation is performed on the website URL address and the unique machine code to generate a hash value; the automatic login list is searched for the generated hash value; if it does not exist, the site cannot be logged in automatically and no processing is performed; otherwise, the account is decrypted.
Further, the key is decrypted with the private key, and the ciphertext account information is decrypted with the decrypted key to obtain the plaintext account information.
Further, the account user name and password are obtained and automatically filled in to complete the automatic website login.
Another object of the present invention is to provide a browser-based automatic login account security protection apparatus for implementing the browser-based automatic login account security protection method, the apparatus comprising:
the browser detects that the user has successfully logged in to the website server with the user name and password; the browser judges whether the account corresponding to the user name needs to be saved; and an account number encryption module which, if the account needs to be saved, encrypts the account information with a first key to generate ciphertext account information, encrypts the first key with a public key to generate a second key, and saves the generated second key and the ciphertext account information in the automatic login list.
The invention also aims to provide a computer program for realizing the browser-based automatic login account security protection method.
The invention also aims to provide an information data processing terminal for realizing the browser-based automatic login account security protection method.
It is another object of the present invention to provide a computer-readable storage medium, which includes instructions that, when executed on a computer, cause the computer to perform the method for securing a browser-based auto-login account.
The invention also aims to provide a computer for realizing the safety protection method for the automatic login account based on the browser.
In summary, the advantages and positive effects of the invention are as follows: the invention enables the user to log in to the target server automatically without entering the user name and password while keeping the user name and password secure, which is both convenient and safe. The account security protection device greatly strengthens the protection of the user's account information; automatic login is achieved through the information stored in the automatic login list, so the user does not need to enter the user name and password, which greatly reduces login time and avoids the inconvenience of typing the user name and password when logging in to a system through the browser. In the prior art, a fixed key is used for an account, and once that key is leaked the account is at risk.
Drawings
Fig. 1 is a schematic structural diagram of a browser-based automatic login account security protection device according to an embodiment of the present invention.
In the figure: 1. account login module; 2. judging account number saving module; 3. account number encryption module; 4. website detecting and loading module; 5. account number decryption module; 6. automatic login module.
Fig. 2 is a flowchart of a method for protecting security of an automatic login account based on a browser according to an embodiment of the present invention.
Fig. 3 is a flowchart of an implementation of a method for protecting security of an account automatically logged in based on a browser according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It is to be understood that the described embodiments are merely exemplary of a portion of the invention and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
The method aims to solve the problems that user name and password information are easily leaked and user names and passwords of all websites are cracked in the prior art. The invention enables the user to automatically log in the target server under the condition of not inputting the user name and the password, can ensure the safety of the user name and the password, and is convenient and safe.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in Fig. 1, the automatic login account security protection apparatus provided in an embodiment of the present invention includes:
The account login module 1: the browser prompts the user whether to enable automatic login; if so, the account security protection device is started; if not, no processing is performed.
The judging account number saving module 2: acquires the URL address of the currently logged-in website and the unique machine code and performs a hash operation on them to generate a hash value; if the generated hash value is already stored, no processing is performed; otherwise, account encryption protection is performed.
The unique machine code includes the network card MAC address, the hard disk serial number, hardware device serial numbers and the like.
The account number encryption module 3: encrypts the account information with a first key to generate ciphertext account information, encrypts the first key with a public key to generate a second key, and saves the generated second key and the ciphertext account information in an automatic login list.
The website detecting and loading module 4: acquires the URL address of the current website and the unique machine code and performs a hash operation on them to generate a hash value; if the hash value does not exist in the automatic login list, the website cannot be logged in automatically and no processing is performed; otherwise, the account is decrypted.
The account number decryption module 5: acquires the encrypted key and account information from the automatic login list, decrypts the key with a private key, and decrypts the ciphertext account information with the decrypted key to obtain plaintext account information.
The automatic login module 6: obtains the account user name and password and automatically fills them in to complete the automatic login to the site.
Example 2
As shown in fig. 2, the method for protecting security of an account automatically logged in based on a browser according to an embodiment of the present invention includes the following steps:
S101: when the browser detects that a user has entered a user name and password and successfully logged in to a website server, the browser prompts the user whether to enable automatic login.
S102: the URL address of the currently logged-in website and the unique machine code are acquired, and a hash operation is performed on them to generate a hash value; if the hash value is already stored, no processing is performed; otherwise, account encryption protection is performed.
The unique machine code includes the network card MAC address, the hard disk serial number, hardware device serial numbers and the like.
S103: the account information is encrypted with a first key to generate ciphertext account information, the first key is encrypted with a public key to generate a second key, and the generated second key and the ciphertext account information are saved in an automatic login list.
S104: the URL address of the current website and the unique machine code are acquired, and a hash operation is performed on them to generate a hash value; if the hash value does not exist in the automatic login list, the website cannot be logged in automatically and no processing is performed; otherwise, the account is decrypted.
S105: the encrypted key and account information are acquired from the automatic login list, the key is decrypted with a private key, and the ciphertext account information is decrypted with the decrypted key to obtain plaintext account information.
S106: the account user name and password are obtained and automatically filled in to complete the automatic login to the site.
Example 3
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
As shown in Fig. 3, the method for protecting the security of a browser-based automatic login account according to an embodiment of the present invention specifically includes the following steps:
The user logs in with an account; when the browser detects that the user has entered a user name and password and successfully logged in to the website server, the browser prompts the user whether to enable automatic login.
If automatic login is not enabled, the flow goes directly to the end step. After automatic login is enabled, it is judged whether the account information needs to be saved; if it does not, the flow goes directly to the end step; if it does, the URL address of the currently logged-in website and the unique machine code are acquired, a hash operation is performed on them to generate a hash value, and the account is encrypted.
The unique machine code includes the network card MAC address, the hard disk serial number, hardware device serial numbers and the like.
Login-site detection is then entered: it is judged whether the site exists in the automatic login list, and if it does not, the flow goes directly to the end step. The account information is encrypted with a first key to generate ciphertext account information, the first key is encrypted with a public key to generate a second key, and the generated second key and the ciphertext account information are saved in the automatic login list.
If the site exists, the URL address of the current website and the unique machine code are acquired, a hash operation is performed on them to generate a hash value, and the account is decrypted.
Automatic login is then entered: the encrypted key and account information are acquired from the automatic login list, the key is decrypted with the private key, and the ciphertext account information is decrypted with the decrypted key to obtain plaintext account information; the account user name and password are obtained and automatically filled in, completing the automatic login to the site.
In the above embodiments, the implementation may be realized wholly or partially by software, hardware, firmware, or any combination thereof. When so realized in whole or in part, it can take the form of a computer program product that includes one or more computer instructions. When the computer instructions are loaded or executed on a computer, the flow or functions according to embodiments of the invention occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or another programmable device. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, optical fiber, Digital Subscriber Line (DSL)) or wirelessly (e.g., infrared, radio, microwave). The computer-readable storage medium can be any available medium that a computer can access, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (8)

1. A safety protection method based on an automatic login account of a browser is characterized by comprising the following steps:
the browser detects that the user successfully logs in the website server through the user name and the password;
the browser judges whether an account corresponding to the user name needs to be stored or not;
if the account needs to be stored, encrypting the account information through a first key to generate ciphertext account information, encrypting the first key through a public key to generate a second key, and storing the generated second key and the ciphertext account information in an automatic login list;
the browser judges whether the account corresponding to the user name needs to be saved, including:
acquiring a URL address and a unique machine code of a current login website;
performing hash operation on the website URL address and the unique machine code to generate a string of hash values;
if the hash value is stored, no processing is carried out, otherwise, account encryption protection is carried out.
2. The method for security protection of an account based on automatic login of a browser according to claim 1, wherein the browser detects that the user successfully logs in the website server through a user name and a password, and the method comprises the following steps: the browser prompts the user whether to start automatic login.
3. The browser-based auto-login account security protection method of any one of claims 1-2, wherein after saving the generated second key and the ciphertext account information to an auto-login list, the method further comprises:
when the browser loads a website URL address, acquiring the URL address and the unique machine code of the current login website;
performing hash operation on the website URL address and the unique machine code to generate a string of hash values;
and searching whether the generated hash value exists in the automatic login list, if not, indicating that the URL address of the website cannot be automatically logged in, not processing, and otherwise, decrypting the account.
4. The browser-based automatic login account security protection method of claim 3, wherein decrypting the account comprises:
and decrypting the key through the private key, and decrypting the ciphertext account information through the decrypted key to obtain the plaintext account information.
5. The browser-based automatic login account security protection method of claim 4, after obtaining the plaintext account information, comprising: and obtaining account user name and password information, and automatically filling the user name and the password to finish the automatic website login.
6. A browser-based automatic login account security protection device for operating the browser-based automatic login account security protection method according to claim 1, wherein the browser-based automatic login account security protection device comprises:
the browser detects that the user successfully logs in the website server through the user name and the password;
the judging account number saving module is used for judging whether the account number corresponding to the user name needs to be saved or not by the browser;
the account encryption module is used for encrypting the account information through a first key to generate ciphertext account information if the account needs to be stored, encrypting the first key through a public key to generate a second key, and storing the generated second key and the ciphertext account information into an automatic login list;
the judgment account number saving module comprises:
acquiring a URL address and a unique machine code of a current login website;
performing hash operation on the website URL address and the unique machine code to generate a string of hash values;
if the hash value is stored, no processing is carried out, otherwise, account encryption protection is carried out.
7. An information data processing terminal for implementing the browser-based automatic login account security protection method according to any one of claims 1 to 5.
8. A computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method for browser-based auto-login account security protection according to any one of claims 1 to 5.
Priority application: CN201811107173.8A (priority date 2018-09-21, filing date 2018-09-21), Safety protection method and device for automatic login account of browser; granted as CN109409045B (en), status Active

Publications (2)

CN109409045A, published 2019-03-01
CN109409045B, published 2020-01-03

Family ID: 65466252

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant