CN109547428A - It verifies password and accesses method, system and the storage medium of server - Google Patents

It verifies password and accesses method, system and the storage medium of server Download PDF

Info

Publication number
CN109547428A
CN109547428A CN201811354754.1A CN201811354754A CN109547428A CN 109547428 A CN109547428 A CN 109547428A CN 201811354754 A CN201811354754 A CN 201811354754A CN 109547428 A CN109547428 A CN 109547428A
Authority
CN
China
Prior art keywords
password
server
user
terminal device
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811354754.1A
Other languages
Chinese (zh)
Inventor
王欣
刘大卫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Yunge Artificial Intelligence Technology Co Ltd
Original Assignee
Shenzhen Yunge Artificial Intelligence Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Yunge Artificial Intelligence Technology Co Ltd filed Critical Shenzhen Yunge Artificial Intelligence Technology Co Ltd
Priority to CN201811354754.1A priority Critical patent/CN109547428A/en
Publication of CN109547428A publication Critical patent/CN109547428A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

This application discloses a kind of verifying password and method, system and the storage mediums of access server.Wherein, the method for password is verified, comprising: the User ID and first password that server receiving terminal equipment is sent;Server obtains the second password corresponding with User ID;Server generates third password according to first password and the second password;Whether server authentication third password is correct;And server is in the case where verifying the correct situation of third password, request of accepting the interview.To which saboteur can not can obtain the login password of login service device needs only by the first password that user inputs.And then the technical effect for not easily causing login password to reveal when having reached user access server.And then the safety of password can't be completely secured in verifying cryptographic system when solving due to logging at present, so the technical issues of user be easy to cause the security risk of password leakage in login service device.

Description

It verifies password and accesses method, system and the storage medium of server
Technical field
This application involves computer field, more particularly to a kind of verifying password and access the method for server, system with And storage medium.
Background technique
With the development of internet technology, more and more Internet applications initially enter among the life of users, Such as: shopping website, chat software etc..It is well known that needing to register one when user accesses these applications for the first time Account and password can just log among these applications with password by account access later.So once password is revealed Go out, it will cause serious consequence, so the safety problem of user password become guarantee one of internet security it is important Project.The safety of password can't be completely secured in verifying cryptographic system when due to logging at present, so user is in login service The security hidden trouble for be easy to causeing password to reveal when device.
For it is above-mentioned it is existing in the prior art due to logging at present when verifying cryptographic system can't be completely secured The safety of password, so the technical issues of user be easy to cause the security risk of password leakage in login service device, at present still It does not put forward effective solutions.
Summary of the invention
Embodiment of the disclosure provides a kind of method, system and storage medium verified password and access server, With at least solve it is existing due to logging at present when verifying cryptographic system the safety of password can't be completely secured, so user The technical issues of security risk for be easy to causeing password to reveal in login service device.
According to the one aspect of the embodiment of the present disclosure, a kind of method for verifying password is provided, comprising: server receives eventually User ID, access request and the first password that end equipment is sent;Server obtains the second password corresponding with ID;Server root According to first password and the second password, third password is generated;Whether server authentication third password is correct;And server is being verified In the correct situation of third password, request of accepting the interview.
According to the another aspect of the embodiment of the present disclosure, a kind of method for accessing server is additionally provided, comprising: terminal device Receive the access request for requesting access to server, virtual SIM card and the first password of user's input;Terminal device asks access It asks, User ID corresponding to the user and first password are sent to server;And terminal device receives visit in response to server The operation for asking request, accesses to server.
According to the other side of the embodiment of the present disclosure, a kind of storage medium is additionally provided, storage medium includes storage Program, wherein the method as described in processor execution any of the above one in program operation.
According to the other side of the embodiment of the present disclosure, a kind of system for verifying password is additionally provided, comprising: first receives Module, User ID, access request and first password for being sent by server receiving terminal equipment;Module is obtained, is used Corresponding with ID the second password is obtained in passing through server;Generation module, for passing through server according to first password and second Password generates third password;Authentication module, for whether correct by server authentication third password;And receiving module, it uses In by server in the case where verifying the correct situation of third password, request of accepting the interview.
According to the other side of the embodiment of the present disclosure, a kind of system for accessing server is additionally provided, comprising: third connects Module is received, for receiving the access request for requesting access to server, the virtual SIM card and that user inputs by terminal device One password;Second sending module, for passing through terminal device for access request, User ID corresponding to the user and first password It is sent to server;And access modules, for being accepted the interview the operation of request by terminal device in response to server, to clothes Business device accesses.
According to the other side of the embodiment of the present disclosure, a kind of system for verifying password is additionally provided, comprising: the first processing Device;And first memory, it is connect with first processor, for providing the finger for handling following processing step for first processor It enables: User ID, access request and the first password sent by server receiving terminal equipment;Pass through server acquisition and ID Corresponding second password;By server according to first password and the second password, third password is generated;Pass through server authentication Whether three passwords are correct;And server is in the case where verifying the correct situation of third password, request of accepting the interview.
According to the other side of the embodiment of the present disclosure, a kind of system for accessing server is additionally provided, comprising: at second Manage device;And second memory, it is connect with second processor, for providing the finger for handling following processing step for second processor Enable: by terminal device receive user input the access request for requesting access to server, User ID corresponding to the user and First password;User ID and first password are sent to server by terminal device;And by terminal device in response to Server is accepted the interview the operation of request, is accessed to server.
In the embodiments of the present disclosure, server by the first password that inputs user and is pre-saved in server Second password combines, and generates third password.Then third password is compared server with preset login password, thus Server judges whether to receive user's access according to comparison result.And in the case where user has access server demands, User, which only needs to input first password, can realize the purpose of access.To reached saboteur be can not be only by user The first password of input can obtain the login password of login service device needs.And then when having reached user access server not The technical effect for easily causing login password to reveal.And then verifying cryptographic system when solving due to logging at present can't be complete Guarantee the safety of password, so the technical issues of user be easy to cause the security risk of password leakage in login service device.
Detailed description of the invention
Attached drawing described herein is used to provide further understanding of the disclosure, constitutes part of this application, this public affairs The illustrative embodiments and their description opened do not constitute the improper restriction to the disclosure for explaining the disclosure.In the accompanying drawings:
Fig. 1 is for realizing the hardware block diagram of the terminal of the method according to the embodiment of the present disclosure 1;
Fig. 2 is the schematic diagram of the system of the verifying password according to the embodiment of the present disclosure 1 and access server;
Fig. 3 is the flow diagram that the method for password is verified according to the first aspect of the embodiment of the present disclosure 1;
Fig. 4 is the schematic diagram of the virtual SIM card according to the first aspect of the embodiment of the present disclosure 1;
Fig. 5 is the flow diagram that the method for server is accessed according to the second aspect of the embodiment of the present disclosure 1;
Fig. 6 is the schematic diagram of the verifying cryptographic system according to the first aspect of the embodiment of the present disclosure 2;
Fig. 7 is the schematic diagram of the access server system according to the second aspect of the embodiment of the present disclosure 2;
Fig. 8 is the schematic diagram of the verifying cryptographic system according to the first aspect of the embodiment of the present disclosure 3;And
Fig. 9 is the schematic diagram of the access server system according to the second aspect of the embodiment of the present disclosure 3.
Specific embodiment
In order to make those skilled in the art more fully understand the technical solution of the disclosure, implement below in conjunction with the disclosure Attached drawing in example, is clearly and completely described the technical solution in the embodiment of the present disclosure.Obviously, described embodiment The only embodiment of disclosure a part, instead of all the embodiments.Based on the embodiment in the disclosure, this field is common Disclosure protection all should belong in technical staff's every other embodiment obtained without making creative work Range.
It should be noted that the specification and claims of the disclosure and term " first " in above-mentioned attached drawing, " Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should be understood that using in this way Data be interchangeable under appropriate circumstances, so as to embodiment of the disclosure described herein can in addition to illustrating herein or Sequence other than those of description is implemented.In addition, term " includes " and " having " and their any deformation, it is intended that cover Cover it is non-exclusive include, for example, the process, method, system, product or equipment for containing a series of steps or units are not necessarily limited to Step or unit those of is clearly listed, but may include be not clearly listed or for these process, methods, product Or other step or units that equipment is intrinsic.
Embodiment 1
According to the present embodiment, a kind of embodiment of the method verified password and access server is additionally provided, needs to illustrate It is that step shown in the flowchart of the accompanying drawings can execute in a computer system such as a set of computer executable instructions, Also, although logical order is shown in flow charts, and it in some cases, can be to be different from sequence execution herein Shown or described step.
Embodiment of the method provided by the present embodiment can be in mobile terminal, terminal or similar arithmetic unit Middle execution.Fig. 1 show it is a kind of for realizing verifying password method and access server method terminal (or Mobile device) hardware block diagram.As shown in Figure 1, terminal 10 (or mobile device 10) may include one or more A (102a, 102b ... ... being used in figure, 102n is shown) (processor 102 can include but is not limited to micro- place to processor 102 Manage the processing unit of device MCU or programmable logic device FPGA etc.), memory 104 for storing data and for communicating The transmission module 106 of function.It in addition to this, can also include: display, input/output interface (I/O interface), general serial Port bus (USB) (a port that can be used as in the port of I/O interface is included), network interface, power supply and/or phase Machine.It will appreciated by the skilled person that structure shown in FIG. 1 is only to illustrate, not to the knot of above-mentioned electronic device It is configured to limit.For example, terminal 10 may also include than shown in Fig. 1 more perhaps less component or have with Different configuration shown in Fig. 1.
It is to be noted that said one or multiple processors 102 and/or other data processing circuits lead to herein Can often " data processing circuit " be referred to as.The data processing circuit all or part of can be presented as software, hardware, firmware Or any other combination.In addition, data processing circuit for single independent processing module or all or part of can be integrated to meter In any one in other elements in calculation machine terminal 10 (or mobile device).As involved in the embodiment of the present disclosure, The data processing circuit controls (such as the selection for the variable resistance end path connecting with interface) as a kind of processor.
Memory 104 can be used for storing the software program and module of application software, such as the verifying in the embodiment of the present disclosure The method of password and the corresponding program instruction/data storage device of method for accessing server, processor 102 are deposited by operation The software program and module stored up in memory 104 are realized above-mentioned thereby executing various function application and data processing Application program verifying password method and access server method.Memory 104 may include high speed random access memory, It may also include nonvolatile memory, as one or more magnetic storage device, flash memory or other nonvolatile solid states are deposited Reservoir.In some instances, memory 104 can further comprise the memory remotely located relative to processor 102, these are remote Journey memory can pass through network connection to terminal 10.The example of above-mentioned network includes but is not limited to internet, enterprise Intranet, local area network, mobile radio communication and combinations thereof.
Transmitting device 106 is used to that data to be received or sent via a network.Above-mentioned network specific example may include The wireless network that the communication providers of terminal 10 provide.In an example, transmitting device 106 includes that a network is suitable Orchestration (Network Interface Controller, NIC), can be connected by base station with other network equipments so as to Internet is communicated.In an example, transmitting device 106 can be radio frequency (Radio Frequency, RF) module, For wirelessly being communicated with internet.
Display can such as touch-screen type liquid crystal display (LCD), the liquid crystal display aloow user with The user interface of terminal 10 (or mobile device) interacts.
Herein it should be noted that in some optional embodiments, above-mentioned computer equipment shown in FIG. 1 (or movement is set It is standby) it may include hardware element (including circuit), software element (including the computer generation that may be stored on the computer-readable medium Code) or both hardware element and software element combination.It should be pointed out that Fig. 1 is only a reality of particular embodiment Example, and it is intended to show that the type for the component that may be present in above-mentioned computer equipment (or mobile device).
Fig. 2 is the system signal for the method verified the method for password according to the present embodiment and access server Figure.The system for example can be the interaction platform based on commercial relations, when user accesses the business interaction platform, server meeting Verify the password of user.Referring to shown in Fig. 2, which includes: server 210, operates in a block chain in server 210 211 and terminal device 220.Wherein, server 210 for example can be the server configured with interactive business platform, for User 230 provides social activity relevant to commercial affairs.User 230 can be accessed by terminal device 220 configured with business interaction The server 210 of platform.Terminal device 220 can be mobile terminal, and operation has the friendship based on commercial relations on the mobile terminal Mutual platform.Wherein, hardware configuration shown in Fig. 1 can be adapted for terminal device 220 and server shown in Fig. 2 210。
Under above-mentioned running environment, according to the first aspect of the present embodiment, a kind of method for verifying password is provided, it should Method is realized by server 210 shown in Fig. 2.Fig. 3 shows the flow diagram of this method, refering to what is shown in Fig. 3, this method Include:
S301: User ID, access request and the first password that server receiving terminal equipment is sent;
S302: server obtains the second password corresponding with User ID;
S303: server generates third password according to first password and the second password;
S304: whether server authentication third password is correct;And
S305: server is in the case where verifying the correct situation of third password, request of accepting the interview.
As described in foregoing Background, need to register account and close when user accesses application for the first time Code can just log among these applications with password by account access later.So once password leaks out, it will Cause serious consequence.The safety of password can't be completely secured in verifying cryptographic system when due to logging at present, so user The security hidden trouble for be easy to causeing password to reveal in login service device.
For it is above-mentioned due to logging at present when verifying cryptographic system the safety of password, institute can't be completely secured The technical issues of security risk for be easy to causeing password to reveal in login service device with user.Refering to what is shown in Fig. 2, the present embodiment Technical solution provided by 210 receiving terminal apparatus 220 of server send User ID, access request and first password. Wherein, first password is that user 230 passes through the required password when access server 210 of terminal device 220, and is stored in Terminal device 220 is local.Such as the first password can be one for login six passwords.Then, server 210 obtains The second password corresponding with the User ID, and obtain the second password corresponding with the User ID.
Further, server 210 is according to first password (i.e. the password of 210 receiving terminal apparatus 220 of server transmission) With the second password (i.e. server generated based on the User ID a password) generate third password (such as: the third password can To be the password being mutually spliced to form by the tail portion of first password and the stem of the second password).Then, server 210 is verified Whether the third password is correct.Finally, server 210 receives the access request in the case where confirming the correct situation of third password.
Thus in this way, the access request and first password that 210 receiving terminal apparatus 220 of server is sent, Then server 210 receives User ID from terminal device 220, and transfers the second password according to User ID.Then server 210 According to the first password and the second password, generates third password and whether verify third password correct.Finally, server 210 exists It determines in the correct situation of third password, request of accepting the interview.First password that server 210 sends terminal device 220 with Server 210 generates third password according to the second password that User ID is transferred.Then in the case where determining the correct situation of third password, Server 210 is accepted the interview request.To which saboteur can not can be logged in only by the first password that user inputs Service the password needed.And then the technical effect for not easily causing login password to reveal when having reached user access server.In turn The safety of password can't be completely secured in verifying cryptographic system when solving due to logging at present, so user is in login service The technical issues of security risk for be easy to causeing password to reveal when device.
It needs further to supplement, which can be the ID of virtual SIM card.Fig. 4 shows showing for virtual SIM card It is intended to.Apply for obtaining the request of virtual SIM card according to user 230, server 210 generates a virtual SIM card.As shown in figure 4, It include the ID for representing 240 identity of user and the two dimensional code for representing 240 identity of user on virtual SIM card.Such as, but not limited to, User 240 can be logged in by way of sweeping two dimensional code, can also be logged in by way of inputting ID.Then it services The virtual SIM card is sent to the terminal device 220 of user 230 by device 210.And server 210 is based on virtual SIM card and generates one A password (i.e. the second password) saves.When user 230 using the virtual SIM card and passes through the access service of terminal device 220 When device 210, the ID for including in virtual SIM card corresponding with user 230 is sent to server 210 by terminal device 220.
Optionally, server generates the operation of third password according to first password and the second password, including according to following institute Any one mode stated generates third password: first password is set to the second password end and is connected by server, is generated Third password;Second password is arranged server is connected with first password end, generates third password;And server will Character in character and the second password in first password carries out translocation sorting, generates third password.
Specifically, according to first password and the second password, first password can be set to the second password by server 210 End is connected, and then generates third password.Server 210 second password can also be set to the end of first password into Row linking, and then generate third password.Server 210 can also by the character in the character and the second password in first password into Row translocation sorting, and then generate third password.In this way, saboteur can not be only by the first of the input of user 230 Password obtains third password.Also, the third password that server 210 generates has diversity, and then improves the safety of password Property.
Optionally, whether server authentication third password correctly operates, comprising: it is close that server transfers preset login Code, wherein login password is the password that the first password being arranged when server accesses for the first time according to user and the second password generate; Third password is compared server with login password;And whether just server verifies third password according to comparison result Really.
Specifically, correctly whether in verifying third password operation, server 210 transfers preset step on to server 210 Record password.Wherein the login password is the password being arranged when being accessed for the first time by user 230 and server 210 according to user 230 What the password that User ID generates combined.Then server 210 compares third password and the login password, finally Whether server 210 is correct according to the result verification third password of comparison.In this way, server 210 is by first password Get up to generate third password with the second password combination, then server 210 carries out the third password and preset login password It compares, so that server 210 determines whether third password is correct, and then ensure that and carried out when user 230 accesses server 210 Secure log verifying.
Optionally, further includes: the request for the modification first password that server receiving terminal equipment is sent;And server root Login password is updated according to modified first password and the second password.
Specifically, there is the demand of modification first password in user 230, and sent out by terminal device 220 to server 210 In the case where sending modification to request, the request for the modification first password that 210 receiving terminal apparatus 220 of server is sent.Then it services Device 210 is updated login password according to modified first password and the second password.In this way, so that service Device 210 can be updated login password according to the demand of user 230, further ensure the reality of the login password of user Shi Xing, accuracy and safety, while also improving the usage experience of user.
Optionally, further includes: server receives user information relevant to the user of terminal device from terminal device;Service Device encrypts user information using public key corresponding with User ID, and generates encryption information, and wherein user information is user The information generated during accessing server;And encryption information is sent to terminal device by server.
Specifically, such as: during server of the access of user 240 configured with commercial social platform, server 210 User information relevant to the user 230 of terminal device 220 is received from terminal device 220.Then the utilization of server 210 and user The corresponding public key of 230 User ID encrypts user information, and generates encryption information.Then server 210 is by the encryption Information is sent to terminal device 220.Thus, server 210 after encrypting to user information by retransmiting to terminal device 220 mode, so that process of the user information that is generated during being interacted with server 210 of user 230 in transmission In have very high safety.
So that server 210 provided by the technical solution of the present embodiment passes through according to the first aspect of the present embodiment By first password that user 230 inputs in conjunction with the second password being pre-set in server 210, and generate third password. Then third password is compared server 210 with preset login password, so that server 210 judges according to comparison result Whether user 230 access is received.So that saboteur can not can be stepped on only by the first password that user inputs Record the login password that server needs.And then the technology effect for not easily causing login password to reveal when having reached user access server Fruit.The safety of password can't be completely secured in verifying cryptographic system when solving due to logging at present, so user is logging in The technical issues of security risk for be easy to causeing password to reveal when server.
In addition, providing a kind of method for accessing server, this method is by Fig. 2 according to the second aspect of the present embodiment Shown in terminal device 220 realize.Fig. 5 shows the flow diagram of this method, refering to what is shown in Fig. 5, this method comprises:
S501: terminal device receives the access request for requesting access to server of user's input, user corresponding to the user ID and first password;
S502: access request, User ID and first password are sent to server by terminal device;And
S503: terminal device is accepted the interview the operation of request in response to server, is accessed to server.
Specifically, refering to what is shown in Fig. 2, terminal device 220 receives the visit for requesting access to server 210 that user 220 inputs Ask request, User ID corresponding to the user and first password, wherein the first password is that user 230 passes through terminal device 220 For accessing the password of server 210.Then, access request, User ID and first password are sent to clothes by terminal device 220 Business device 210.Last terminal device 220 receives the operation of the access of user 230 in response to server 210, visits server 210 It asks.Such as: when server 210, which is accepted the interview, requests, user 230 can access server 210 by terminal device 210.
Thus in this way, so that in the case where user 230 has access 210 demand of server, user 230 The purpose of access can be realized by needing to input first password, and then verifying cryptographic system when solving due to logging at present is also The safety of password cannot be completely secured, so the technology for the security risk that user be easy to cause password to reveal in login service device Problem.
Further, wherein the User ID can be the ID of virtual SIM card.When user 230 applies obtaining to server 210 When virtual SIM card, server 210 can generate a virtual SIM card, include the ID for representing user identity on the virtual SIM card And the two dimensional code generated according to the identity information of user.
Optionally, further includes: terminal device from server receiving encryption key, wherein encryption information be server by utilizing with The corresponding public key of ID carries out the encryption information of encryption generation to the user information of the user of terminal device;Terminal device utilizes and ID Corresponding private key pair encryption information is decrypted, and obtains user information;And terminal device shows user information.
Specifically, terminal device 220 is from 210 receiving encryption key of server, and then terminal device 220 utilizes and user The encryption information is decrypted in the corresponding private key of 230 ID, and obtains user information.Then terminal device 220 shows the use Family information is browsed and is inquired for user 230.
Further, user 230 also can use private key and encrypt to user information, at this point, terminal device 220 receives The instruction encrypted using private key to user information inputted to user 230, encrypts the user information.Then terminal Equipment 220 can will carry out encrypted user information with private key and be stored in local data base according to the demand of user 230, And/or encrypted user information will be carried out with private key and be sent to server 210, to be interacted with the server 210.It is logical This mode is crossed, further the information of user is encrypted, and then increases user and is produced during accessing server The safety of raw interactive information.
It should be noted that for the various method embodiments described above, for simple description, therefore, it is stated as a series of Combination of actions, but those skilled in the art should understand that, the present invention is not limited by the sequence of acts described because According to the present invention, some steps may be performed in other sequences or simultaneously.Secondly, those skilled in the art should also know It knows, the embodiments described in the specification are all preferred embodiments, and related actions and modules is not necessarily of the invention It is necessary.
Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation The method of example can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but it is very much In the case of the former be more preferably embodiment.Based on this understanding, technical solution of the present invention is substantially in other words to existing The part that technology contributes can be embodied in the form of software products, which is stored in a storage In medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that a terminal device (can be mobile phone, calculate Machine, server or network equipment etc.) execute method described in each embodiment of the present invention.
Embodiment 2
Fig. 6 show according to the first aspect of the present embodiment verify password system 600, the system 600 with It is corresponding according to method described in the first aspect of embodiment 1.Refering to what is shown in Fig. 6, the system 600 includes: the first reception mould Block 610, User ID, access request and first password for being sent by server receiving terminal equipment;Obtain module 620, for obtaining the second password corresponding with ID by server;Generation module 630, for close according to first by server Code and the second password generate third password;Authentication module 640, for whether correct by server authentication third password;And Receiving module 650, for passing through server in the case where verifying the correct situation of third password, request of accepting the interview.
Optionally, generation module 630, generate submodule including any one as described below: first generates submodule, uses It is connected in first password is set to the second password end by server, generates third password;Second generates submodule, It is connected for the second password to be arranged by server with first password end, generates third password;And third generates Submodule, for the character in the character and the second password in first password to be carried out translocation sorting, generation the by server Three passwords.
Optionally, authentication module 640, comprising: submodule is transferred, for transferring preset login password by server, Wherein login password is the password that the first password being arranged when server accesses for the first time according to user and the second password generate;It compares Submodule, for third password to be compared with login password by server;And verifying submodule, for passing through service Whether device is correct according to comparison result verifying third password.
Optionally, further includes: modified module, the modification first password for being sent by server receiving terminal equipment Request;And update module, for by server according to modified first password and the second password to login password into Row updates.
Optionally, further includes: the second receiving module, for the use with terminal device to be received from terminal device by server The relevant user information in family;Encrypting module, for being carried out by server by utilizing public key corresponding with User ID to user information Encryption, and encryption information is generated, wherein user information is the information that user generates during accessing server;And first Sending module, for encryption information to be sent to terminal device by server.
So that system 600 provided by the technical solution of the present embodiment passes through clothes according to the first aspect of the present embodiment The first password that user inputs is generated third password in conjunction with the second password in the system that is pre-set at 600 by business device, and will Third password is compared with preset login password.To which system 600 judges whether to receive user's access according to comparison result. To which saboteur can not can obtain the login password of login service device needs only by the first password that user inputs.Into And the technical effect for not easily causing login password to reveal when having reached user access server.And then it solves due to logging at present When verifying cryptographic system the safety of password can't be completely secured, so user be easy to cause password to let out in login service device The technical issues of security risk of dew.
In addition, Fig. 7 shows the system 700 for accessing server according to the second aspect of the present embodiment, this is System 700 is corresponding with the method according to the second aspect of embodiment 1.Refering to what is shown in Fig. 7, the system 700 includes: third Receiving module 710, for receiving the access request for requesting access to server, corresponding with user of user's input by terminal device User ID and first password;Second sending module 720, for by terminal device by access request, User ID and the One password is sent to server;And access modules 730, for being accepted the interview request by terminal device in response to server Operation, accesses to server.
Optionally, further includes: the 4th receiving module, for passing through terminal device from server receiving encryption key, wherein Encryption information is that server by utilizing public key corresponding with User ID carries out encryption generation to the user information of the user of terminal device Encryption information;Deciphering module, for being decrypted by terminal device using private key pair encryption information corresponding with User ID, Obtain user information;And display module, for showing user information by terminal device.
To which in this way, so that having in user, in the case where accessing server demands, user only needs to input First password can realize the purpose of access.And then verifying cryptographic system when solving due to logging at present can't be complete Guarantee the safety of password, so the technical issues of user be easy to cause the security risk of password leakage in login service device.
Embodiment 3
Fig. 7 show according to the first aspect of the present embodiment verify password system 800, the system 800 with It is corresponding according to method described in the first aspect of embodiment 1.Refering to what is shown in Fig. 8, the system 800 includes: first processor 810;And first memory 820, it is connect with first processor 810, for providing processing following processing for first processor 810 The instruction of step: User ID, access request and the first password sent by server receiving terminal equipment;Pass through server Obtain the second password corresponding with User ID;By server according to first password and the second password, third password is generated;Pass through Whether server authentication third password is correct;And it is accepted the interview by server in the case where verifying the correct situation of third password Request.
Optionally, by server according to first password and the second password, generate the operation of third password, including according to Under any one mode generate third password: first password is set to by the second password end by server and is connected, Generate third password;The second password is arranged by server and is connected with first password end, third password is generated;And The character in the character and the second password in first password is subjected to translocation sorting by server, generates third password.
Optionally, whether correctly operated by server authentication third password, comprising: transferred by server preset Login password, wherein login password is that the first password being arranged when server accesses for the first time according to user and the second password generate Password;Third password is compared with login password by server;And by server according to comparison result verifying the Whether three passwords are correct.
Optionally, first memory 820 is also used to provide the instruction for handling following processing step for first processor 810: Pass through the request for the modification first password that server receiving terminal equipment is sent;And by server according to modified first Password and the second password are updated login password.
Optionally, first memory 820 is also used to provide the instruction for handling following processing step for first processor 810: User information relevant to the user of terminal device is received from terminal device by server;It is corresponding with ID by server by utilizing Public key user information is encrypted, and generate encryption information, wherein user information is process of the user in access server The information of middle generation;And encryption information is sent to by terminal device by server.
In addition, Fig. 9 shows a kind of system 900 of access server according to the second aspect of the present embodiment, The system 900 is corresponding with the method according to the second aspect of embodiment 1.Refering to what is shown in Fig. 9, the system 900 includes: Second processor 910;And second memory 920, it is connect with second processor 910, for providing place for second processor 910 It manages the instruction of following processing step: the access request for requesting access to server of user's input being received by terminal device and is used The corresponding User ID in family and first password;Access request, User ID and first password are sent to clothes by terminal device Business device;And accepted the interview the operation of request by terminal device in response to server, it accesses to server.
Optionally, second memory 920 is also used to provide the instruction for handling following processing step for second processor 910: By terminal device from server receiving encryption key, wherein encryption information is server by utilizing public key corresponding with ID to terminal The user information of the user of equipment carries out the encryption information of encryption generation;By terminal device using private key corresponding with ID to adding Confidential information is decrypted, and obtains user information;And user information is shown by terminal device.
To which according to the present embodiment, by the program in processor run memory, the method for executing embodiment 1 passes through Server by first password that user inputs with pre-save in conjunction in the second password in server, and generate third password. Then third password is compared with preset login password by server, to be sentenced by server according to comparison result It is disconnected whether to receive user's access.And in the case where user has access server demands, user only needs to input first close Code can realize the purpose of access.To which saboteur can not can be logged in only by the first password that user inputs The login password that server needs.And then the technology effect for not easily causing login password to reveal when having reached user access server Fruit.And then the safety of password can't be completely secured in verifying cryptographic system when solving due to logging at present, so user exists The technical issues of security risk for be easy to causeing password to reveal when login service device.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
In the above embodiment of the invention, it all emphasizes particularly on different fields to the description of each embodiment, does not have in some embodiment The part of detailed description, reference can be made to the related descriptions of other embodiments.
In several embodiments provided herein, it should be understood that disclosed technology contents can pass through others Mode is realized.Wherein, the apparatus embodiments described above are merely exemplary, such as the division of the unit, only A kind of logical function partition, there may be another division manner in actual implementation, for example, multiple units or components can combine or Person is desirably integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual Between coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING or communication link of unit or module It connects, can be electrical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words It embodies, which is stored in a storage medium, including some instructions are used so that a computer Equipment (can for personal computer, server or network equipment etc.) execute each embodiment the method for the present invention whole or Part steps.And storage medium above-mentioned includes: that USB flash disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited Various Jie that can store program code such as reservoir (RAM, RandomAccess Memory), mobile hard disk, magnetic or disk Matter.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Claims (10)

1. a kind of method for verifying password characterized by comprising
User ID, access request and the first password that server receiving terminal equipment is sent;
The server obtains the second password corresponding with the User ID;
The server generates third password according to the first password and second password;
Whether third password described in the server authentication is correct;And
The server receives the access request in the case where verifying the correct situation of third password.
2. the method according to claim 1, wherein being generated according to the first password and second password The operation of third password generates the third password including any one mode as described below:
The first password is set to second password end and is connected by the server, generates the third password;
Second password is arranged the server is connected with the first password end, generates the third password; And
Character in character and second password in the first password is carried out translocation sorting by the server, generates institute State third password.
3. the method according to claim 1, wherein whether third password described in the server authentication is correct Operation, comprising:
The server transfers preset login password, wherein the login password is that the server accesses for the first time according to user When the password that generates of the first password that is arranged and second password;
The third password is compared the server with the login password;And
Whether the server is correct according to the comparison result verifying third password.
4. according to the method described in claim 3, it is characterized by further comprising:
The request for the modification first password that the server receiving terminal equipment is sent;And
The server is updated the login password according to the modified first password and second password.
5. the method according to claim 1, wherein further include:
The server receives user information relevant to the user of the terminal device from the terminal device;
Server by utilizing public key corresponding with the User ID encrypts the user information, and generates encryption letter Breath, wherein the user information is the information that the user generates during accessing the server;And
The encryption information is sent to the terminal device by the server.
6. a kind of method for accessing server characterized by comprising
Terminal device receive user input the access request for requesting access to server, User ID corresponding with the user and First password;
The access request, the User ID and the first password are sent to the server by the terminal device;With And
The terminal device receives the operation of the access request in response to the server, accesses to the server.
7. according to the method described in claim 6, it is characterized by further comprising:
The terminal device is from the server receiving encryption key, wherein the encryption information is the server by utilizing and institute State the encryption information that the corresponding public key of User ID carries out encryption generation to the user information of the user of the terminal device;
The terminal device is decrypted the encryption information using private key corresponding with the User ID, obtains the user Information;And
The terminal device shows the user information.
8. a kind of storage medium, which is characterized in that the storage medium includes the program of storage, wherein run in described program When as processor perform claim require any one of 1 to 7 described in method.
9. a kind of system for verifying password characterized by comprising
First receiving module, User ID, access request and first password for being sent by server receiving terminal equipment;
Module is obtained, for obtaining the second password corresponding with the User ID by the server;
Generation module, for, according to the first password and second password, generating third password by the server;
Authentication module, for whether correct by third password described in the server authentication;And
Receiving module, for, in the case where verifying the correct situation of third password, receiving the access by the server and asking It asks.
10. a kind of system for accessing server characterized by comprising
Third receiving module, for receiving the access request for requesting access to server and the institute of user's input by terminal device State the corresponding User ID of user and first password;
Second sending module, for by the terminal device by the access request, the User ID and described first close Code is sent to the server;And
Access modules, for receiving the operation of the access request in response to the server by the terminal device, to institute Server is stated to access.
CN201811354754.1A 2018-11-14 2018-11-14 It verifies password and accesses method, system and the storage medium of server Pending CN109547428A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811354754.1A CN109547428A (en) 2018-11-14 2018-11-14 It verifies password and accesses method, system and the storage medium of server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811354754.1A CN109547428A (en) 2018-11-14 2018-11-14 It verifies password and accesses method, system and the storage medium of server

Publications (1)

Publication Number Publication Date
CN109547428A true CN109547428A (en) 2019-03-29

Family

ID=65847572

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811354754.1A Pending CN109547428A (en) 2018-11-14 2018-11-14 It verifies password and accesses method, system and the storage medium of server

Country Status (1)

Country Link
CN (1) CN109547428A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112559991A (en) * 2020-12-21 2021-03-26 深圳市科力锐科技有限公司 System secure login method, device, equipment and storage medium
CN114615279A (en) * 2022-03-18 2022-06-10 中央财经大学 Credible multi-party data cooperation method and system based on block chain technology

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007164337A (en) * 2005-12-12 2007-06-28 Hitachi Software Eng Co Ltd Authentication system
CN104113556A (en) * 2014-07-31 2014-10-22 国家超级计算深圳中心(深圳云计算中心) Network logon authentication method and system, mobile terminal and application server
CN106533677A (en) * 2016-12-30 2017-03-22 四川九洲电器集团有限责任公司 User login method, user terminal and server
US20170093862A1 (en) * 2015-09-29 2017-03-30 International Business Machines Corporation Cognitive password entry system
CN107070896A (en) * 2017-03-20 2017-08-18 智牛股权投资基金(平潭)合伙企业(有限合伙) A kind of safe and efficient block chain customization login method and security hardening system
CN107317791A (en) * 2016-12-15 2017-11-03 平安科技(深圳)有限公司 Login validation method, logging request method and Security Login System

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007164337A (en) * 2005-12-12 2007-06-28 Hitachi Software Eng Co Ltd Authentication system
CN104113556A (en) * 2014-07-31 2014-10-22 国家超级计算深圳中心(深圳云计算中心) Network logon authentication method and system, mobile terminal and application server
US20170093862A1 (en) * 2015-09-29 2017-03-30 International Business Machines Corporation Cognitive password entry system
CN107317791A (en) * 2016-12-15 2017-11-03 平安科技(深圳)有限公司 Login validation method, logging request method and Security Login System
CN106533677A (en) * 2016-12-30 2017-03-22 四川九洲电器集团有限责任公司 User login method, user terminal and server
CN107070896A (en) * 2017-03-20 2017-08-18 智牛股权投资基金(平潭)合伙企业(有限合伙) A kind of safe and efficient block chain customization login method and security hardening system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112559991A (en) * 2020-12-21 2021-03-26 深圳市科力锐科技有限公司 System secure login method, device, equipment and storage medium
CN114615279A (en) * 2022-03-18 2022-06-10 中央财经大学 Credible multi-party data cooperation method and system based on block chain technology
CN114615279B (en) * 2022-03-18 2023-06-20 中央财经大学 Trusted multiparty data collaboration method and system based on blockchain technology

Similar Documents

Publication Publication Date Title
CN105359486B (en) Resource is accessed using agent security
CN101171782B (en) Peer-to-peer authentication and authorization
CN110351228A (en) Remote entry method, device and system
JP6482601B2 (en) Management of secure transactions between electronic devices and service providers
CN104917807B (en) Resource transfers methods, devices and systems
CN105556891B (en) Method, system and the storage medium of session token are sent by passive client
CN105007577B (en) A kind of virtual SIM card parameter management method, mobile terminal and server
CN108351927A (en) For access management without cipher authentication
CN105359491A (en) User authentication in a cloud environment
CN109714168A (en) Trusted remote method of proof, device and system
CN105210327A (en) Providing devices as a service
CN104717261A (en) Login method and desktop management device
CN109873808A (en) Communication means and device, storage medium and electronic equipment between block chain node
CN105027107A (en) Secure virtual machine migration
CN111064749B (en) Network connection method, device and storage medium
CN106576043A (en) Virally distributable trusted messaging
EP2894891A2 (en) Mobile token
CN109905474A (en) Data safety sharing method and device based on block chain
CN110399717A (en) Key acquisition method and device, storage medium and electronic device
CN108737080A (en) Storage method, device, system and the equipment of password
CN110692073A (en) Configuration of card accounts based on notifications
CN109327431A (en) Handle the resource request in mobile device
CN110278179A (en) Single-point logging method, device and system and electronic equipment
CN110377856A (en) Netpage registration method, system, equipment and computer storage medium
CN109815659A (en) Safety certifying method, device, electronic equipment and storage medium based on WEB project

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190329

RJ01 Rejection of invention patent application after publication