CN114745173B - Login verification method, login verification device, computer equipment and storage medium - Google Patents
Login verification method, login verification device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN114745173B CN114745173B CN202210367756.4A CN202210367756A CN114745173B CN 114745173 B CN114745173 B CN 114745173B CN 202210367756 A CN202210367756 A CN 202210367756A CN 114745173 B CN114745173 B CN 114745173B
- Authority
- CN
- China
- Prior art keywords
- hash value
- user login
- login password
- user
- hash
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a login verification method, a login verification device, computer equipment, a storage medium and a computer program product. The method comprises the following steps: acquiring a user login password transmitted by a client; judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password; if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value; if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value; and comparing the secondary hash value with a locally stored target hash value, if the secondary hash value is consistent with the target hash value, verifying the validity of the user identity through comparing the secondary hash value with the target hash value, and improving the login verification efficiency.
Description
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a login verification method, a login verification device, a computer device, a storage medium, and a program product.
Background
With the development of internet technology, more and more data are collected, and the problem of data security becomes an important problem to be solved currently.
In the current data transmission process, firstly, the validity of the user identity is verified, and the user password is stored in a server side to verify the user identity. However, the user password stored in the server is usually an encrypted password, and the user password is decrypted and then verified in the server, so that the server needs to interact with the client many times, and login verification efficiency is low.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a login authentication method, apparatus, computer device, computer-readable storage medium, and computer program product that can improve authentication efficiency.
In a first aspect, the present application provides a login authentication method. The method comprises the following steps:
acquiring a user login password transmitted by a client;
judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password;
if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value;
if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value;
and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client.
In one embodiment, determining whether the user login password is hashed according to the data characteristic of the user login password includes: acquiring the length characteristics of a user login password and presetting the length of a hash value; and judging whether the user login password carries out hash calculation according to whether the length characteristics of the user login password are consistent with the length of the preset hash value.
In one embodiment, the preset hash value length is greater than the user's original password length.
In one embodiment, determining whether the user login password is hashed according to the data characteristic of the user login password includes: acquiring character characteristics of a user login password and presetting a magic character string; and judging whether the user login password carries out hash calculation according to whether a preset magic character string exists in character characteristics of the user login password.
In one embodiment, obtaining the user login password transmitted by the client includes: acquiring a login request sent by a client, and analyzing the login request to obtain a user identifier and a user login password; before comparing the secondary hash value with the locally stored target hash value, the method further comprises: and acquiring the locally stored target hash value according to the user identifier.
In one embodiment, the login request is generated by the client in response to user login operation and after judging whether the client is locally provided with a hash calculation tool; if the client side locally has a hash calculation tool, the user login password is hashed, and a login request is generated according to the user login password of Ha Xihou and the user identifier; if the client does not have a hash calculation tool locally, a login request is generated according to the user login password and the user identifier.
In a second aspect, the present application further provides a login verification device. The device comprises:
the acquisition module is used for acquiring a user login password transmitted by the client;
the judging module is used for judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password;
the computing module is used for carrying out hash computation on the user login password again if the user login password is subjected to hash computation, so as to obtain a secondary hash value;
the calculation module is further used for carrying out hash calculation on the user login password to obtain a primary hash value if the user login password is not subjected to hash calculation, and carrying out hash calculation on the primary hash value again to obtain a secondary hash value;
and the comparison module is used for comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, the verification is passed, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on an original password of a user by a client.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of:
acquiring a user login password transmitted by a client;
judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password;
if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value;
if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value;
and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
acquiring a user login password transmitted by a client;
judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password;
if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value;
if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value;
and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprising a computer program which, when executed by a processor, performs the steps of:
acquiring a user login password transmitted by a client;
judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password;
if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value;
if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value;
and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client.
The login verification method, the login verification device, the computer equipment, the storage medium and the computer program product acquire a user login password transmitted by a client; judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password; if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value; if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value; and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client. The whole scheme judges whether the user login password is subjected to hash calculation or not in the password verification process, if so, the user login password is subjected to hash again to obtain a secondary hash value, if not, the user login password is directly subjected to hash calculation twice to obtain a secondary hash value, and finally, the validity of the user identity is verified through comparison of the secondary hash value and the target hash value, so that the login verification efficiency is improved.
Drawings
FIG. 1 is an application environment diagram of a login authentication method in one embodiment;
FIG. 2 is a flow diagram of a login verification method in one embodiment;
FIG. 3 is a flow diagram of a login verification step in one embodiment;
FIG. 4 is a block diagram of a login authentication device according to one embodiment;
fig. 5 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The login verification method provided by the embodiment of the application can be applied to an application environment shown in fig. 1. Wherein the client 102 communicates with the server 104 via a network. The data storage system may store data that the server 104 needs to process. The data storage system may be integrated on the server 104 or may be located on a cloud or other network server. The server 104 obtains a user login password transmitted by a client; judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password; if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value; if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value; and comparing the secondary hash value with a locally stored target hash value, if the secondary hash value is consistent with the target hash value, passing the verification, and pushing verification passing information to the client 102, wherein the target hash value is obtained by performing hash calculation on an original primary hash value again, and the original primary hash value is obtained by performing hash calculation on an original password of the user by the client. The client 102 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, where the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart vehicle devices, and the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The server 104 may be implemented as a stand-alone server or as a server cluster of multiple servers.
In one embodiment, as shown in fig. 2, a login verification method is provided, and the method is applied to the server in fig. 1 for illustration, and includes the following steps:
Specifically, the server acquires a login request sent by the client, and analyzes the login request to obtain a user login password.
Step 204, judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password.
The data characteristic of the user login password can be a length characteristic or a character characteristic.
Specifically, the server extracts the data characteristic of the user login password to obtain a length characteristic or a character characteristic, and judges whether the user login password is subjected to hash calculation or not according to the length characteristic or the character characteristic of the user login password.
The Hash calculation process in the embodiment of the application is a unidirectional irreversible encryption Algorithm, which can be an SHA (Secure Hash Algorithm ), an MD5 (MD 5 Message-Digest Algorithm), an HMAC (Hash-based Message Authentication Code, hash Message authentication code) Algorithm, and the like, so that the security of storing the user password at the server side is ensured.
And 206, if the user login password is subjected to hash calculation, performing hash calculation on the user login password again to obtain a secondary hash value.
Specifically, if the server judges that the user login password is subjected to hash calculation, the user password is subjected to hash calculation again to obtain a secondary hash value, at this time, the first hash calculation in the secondary hash value is performed at the client, and the second hash calculation is performed at the server.
And step 208, if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value.
Specifically, if the server judges that the user login password is subjected to hash calculation, performing hash calculation on the user password to obtain a primary hash value, performing hash calculation on the primary hash value again to obtain a secondary hash value, and performing both the primary hash calculation and the secondary hash calculation in the secondary hash value at the moment.
The target hash value is obtained by carrying out hash calculation on the original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on the original password of the user by the client.
Specifically, the server acquires a stored target hash value from the local database, compares the secondary hash value with the locally stored target hash value, if the secondary hash value is consistent with the target hash value, the verification is passed, and a verification passing request is pushed to the client.
In the login verification method, a user login password transmitted by a client is obtained; judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password; if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value; if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value; and comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verifying, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on a user original password by a client. The whole scheme judges whether the user login password is subjected to hash calculation or not in the password verification process, if so, the user login password is subjected to hash again to obtain a secondary hash value, if not, the user login password is directly subjected to hash calculation twice to obtain a secondary hash value, and finally, the validity of the user identity is verified through comparison of the secondary hash value and the target hash value, so that the login verification efficiency is improved.
In an alternative embodiment, obtaining the user login password transmitted by the client includes: acquiring a login request sent by a client, and analyzing the login request to obtain a user identifier and a user login password; before comparing the secondary hash value with the locally stored target hash value, the method further comprises: and acquiring the locally stored target hash value according to the user identifier.
Specifically, the server acquires a login request sent by the client, analyzes the login request, and analyzes the login request to obtain a user identifier and a user login password. The server extracts the data characteristic of the user login password to obtain a length characteristic or a character characteristic, and judges whether the user login password is subjected to hash calculation or not according to the length characteristic or the character characteristic of the user login password. If the server judges that the user login password is subjected to hash calculation, the user password is subjected to hash calculation again, and a secondary hash value is obtained. If the server judges that the user login password is subjected to hash calculation, performing hash calculation on the user password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value. The server acquires a target hash value corresponding to the user identifier from a local database according to the locally stored target hash value, compares the secondary hash value with the locally stored target hash value, and if the secondary hash value is consistent with the target hash value, the verification is passed, and a verification passing request is pushed to the client.
In an alternative embodiment, the login request is generated after the client responds to the user login operation and judges whether the client has a hash calculation tool locally; if the client side locally has a hash calculation tool, the user login password is hashed, and a login request is generated according to the user login password of Ha Xihou and the user identifier; if the client does not have a hash calculation tool locally, a login request is generated according to the user login password and the user identifier.
Specifically, after the client monitors the user login operation, responding to the user login operation, judging whether the client locally has a hash calculation tool, if the client locally has the hash calculation tool, hashing the user login password, and generating a login request according to the user login password and the user identifier of Ha Xihou; if the client does not have a hash calculation tool locally, a login request is generated according to the user login password and the user identifier. Further, since the hash computation is implemented through the javascript, if the javascript plug-in of the client is disabled, the client does not have a hash computation tool locally.
In an alternative embodiment, determining whether the user login password is hashed according to the data characteristic of the user login password includes: acquiring the length characteristics of a user login password and presetting the length of a hash value; and judging whether the user login password carries out hash calculation according to whether the length characteristics of the user login password are consistent with the length of the preset hash value.
Specifically, the server extracts the length characteristic of the user login password according to the number of digits of the user login password, acquires the preset hash value length stored locally, and judges whether the user login password is subjected to hash calculation according to whether the length characteristic of the user login password is consistent with the preset hash value length. Since Ha Xiji is to calculate the data as another fixed length value, hash calculation is performed on different numbers, and the lengths of the obtained numbers are the same. If the length characteristic of the user login password is equal to the length of the preset hash value, the user login password is subjected to hash calculation. If the length characteristic of the user login password is smaller than the length of the preset hash value, the user login password is not subjected to hash calculation.
In the embodiment, the server judges whether the user login password is subjected to hash calculation or not according to the length characteristics of the user login password, so that the method is simple and efficient, and the password verification efficiency is further improved.
In an alternative embodiment, the preset hash value length is greater than the user's original password length. Therefore, the accuracy of whether the hash calculation judgment is carried out according to the length characteristics of the user login password can be ensured, and the length limitation can be carried out when the user sets the password, so that the original password length of the user is smaller than the length of a preset hash value, and the length of the preset hash value is larger than the length of the user login password in the same way.
In an alternative embodiment, determining whether the user login password is hashed according to the data characteristic of the user login password includes: acquiring character characteristics of a user login password and presetting a magic character string; and judging whether the user login password carries out hash calculation according to whether a preset magic character string exists in character characteristics of the user login password.
The preset magic character string refers to a sign character string added to the prefix of the user login password, or a sign character string added to the suffix of the user login password, or a sign character string added to the prefix and the suffix of the user login password at the same time.
Specifically, the server extracts character characteristics of the user login password according to the constituent characters of the user login password, acquires a locally stored preset magic character string, and judges whether the user login password is subjected to hash calculation by judging whether the preset magic character string exists in the character characteristics of the user login password. If the character characteristics of the user login password have the preset magic character strings, the user login password is subjected to hash calculation. If the character characteristics of the user login password do not have the preset magic character strings, the user login password is not subjected to hash calculation.
In this embodiment, after performing hash calculation on the user login password, the client adds a preset magic string to the prefix, the suffix or one of the user login password after the hash calculation, generates a login request according to the user login password and the user identifier added with the preset magic string, and sends the login request to the server.
In the embodiment, the server judges whether the user login password is subjected to hash calculation or not according to the character characteristics of the user login password, so that the method is simple and efficient, and the password verification efficiency is further improved.
In order to easily understand the technical solution provided in the embodiments of the present application, as shown in fig. 3, a complete login verification process is used to briefly describe the login verification method provided in the embodiments of the present application:
(1) And the client responds to the user login operation and acquires the user identification and the user login password.
(2) The client judges whether the local has a hash calculation tool.
(3) If the client locally has a hash calculation tool, the user login password is hashed, and a login request is generated according to the user login password and the user identifier of Ha Xihou.
(4) If the client does not have a hash calculation tool locally, a login request is generated according to the user login password and the user identifier.
(5) The server acquires a login request sent by the client, analyzes the login request, and analyzes the login request to obtain a user identifier and a user login password.
(6) And the server extracts the data characteristics of the user login password to obtain the length characteristics or the character characteristics.
(7) And the server judges whether the user login password is subjected to hash calculation according to the length characteristics or character characteristics of the user login password.
(8) If the server judges that the user login password is subjected to hash calculation, performing hash calculation on the user password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value.
(9) If the server judges that the user login password is subjected to hash calculation, the user password is subjected to hash calculation again, and a secondary hash value is obtained.
(10) The server acquires a target hash value corresponding to the user identifier from a local database according to the locally stored target hash value, compares the secondary hash value with the locally stored target hash value, and if the secondary hash value is consistent with the target hash value, the verification is passed.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a login verification device for realizing the login verification method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in one or more embodiments of the login verification device provided below may refer to the limitation of the login verification method described above, and will not be repeated here.
In one embodiment, as shown in fig. 4, there is provided a login authentication apparatus including: an acquisition module 402, a judgment module 404, a calculation module 406, and a comparison module 408, wherein:
an obtaining module 402, configured to obtain a user login password transmitted by a client;
a judging module 404, configured to judge whether the user login password performs hash calculation according to the data feature of the user login password;
the calculation module 406 is configured to perform hash calculation on the user login password again if the user login password is subjected to hash calculation, so as to obtain a secondary hash value;
the calculation module 406 is further configured to perform hash calculation on the user login password if the user login password is not subjected to hash calculation, so as to obtain a primary hash value, and perform hash calculation on the primary hash value again, so as to obtain a secondary hash value;
and the comparison module 408 is configured to compare the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, the verification is passed, wherein the target hash value is obtained by performing hash calculation on an original primary hash value again, and the original primary hash value is obtained by performing hash calculation on an original password of the user by the client.
In an alternative embodiment, the determining module 404 is further configured to obtain a length characteristic of the user login password and a preset hash value length; and judging whether the user login password carries out hash calculation according to whether the length characteristics of the user login password are consistent with the length of the preset hash value.
In an alternative embodiment, the preset hash value length is greater than the user's original password length.
In an alternative embodiment, the judging module 404 is further configured to obtain a character feature of the user login password and a preset magic string; and judging whether the user login password carries out hash calculation according to whether a preset magic character string exists in character characteristics of the user login password.
In an optional embodiment, the obtaining module 402 is further configured to obtain a login request sent by the client, and parse the login request to obtain a user identifier and a user login password; before comparing the secondary hash value with the locally stored target hash value, the method further comprises: and acquiring the locally stored target hash value according to the user identifier.
In an optional embodiment, the login verification module further includes a login request generation module, configured to determine, by the client, whether the client has a hash calculation tool locally and generate the login request in response to a user login operation; if the client side locally has a hash calculation tool, the user login password is hashed, and a login request is generated according to the user login password of Ha Xihou and the user identifier; if the client does not have a hash calculation tool locally, a login request is generated according to the user login password and the user identifier.
The above-described modules in the login authentication apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 5. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used for storing a target hash value, a preset hash value length and a preset magic string. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a login authentication method.
It will be appreciated by those skilled in the art that the structure shown in fig. 5 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, there is also provided a computer device comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, carries out the steps of the method embodiments described above.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the steps of the method embodiments described above.
It should be noted that, the user information (including, but not limited to, a user identifier, a user login password, etc.) and the data (including, but not limited to, data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.
Claims (10)
1. A login authentication method, the method comprising:
acquiring a user login password transmitted by a client;
judging whether the user login password carries out hash calculation or not according to the data characteristics of the user login password; wherein, the data characteristic of the user login password comprises a length characteristic or a character characteristic;
if the user login password is subjected to hash calculation, carrying out hash calculation on the user login password again to obtain a secondary hash value;
if the user login password is not subjected to hash calculation, performing hash calculation on the user login password to obtain a primary hash value, and performing hash calculation on the primary hash value again to obtain a secondary hash value;
comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, passing verification, wherein the target hash value is obtained by performing hash calculation on an original primary hash value again, and the original primary hash value is obtained by performing hash calculation on a user original password by a client;
the obtaining the user login password transmitted by the client comprises the following steps:
acquiring a login request sent by a client, and analyzing the login request to obtain a user identifier and a user login password;
and the login request is generated after the client responds to user login operation and judges whether the client locally has a hash calculation tool.
2. The method of claim 1, wherein determining whether the user login password is hashed based on the data characteristic of the user login password comprises:
acquiring the length characteristics of the user login password and the length of a preset hash value;
and judging whether the user login password carries out hash calculation or not according to whether the length characteristics of the user login password are consistent with the length of the preset hash value.
3. The method of claim 2, wherein the predetermined hash value length is greater than the user's original password length.
4. The method of claim 1, wherein determining whether the user login password is hashed based on the data characteristic of the user login password comprises:
acquiring character characteristics of the user login password and a preset magic character string;
and judging whether the user login password carries out hash calculation or not according to whether a preset magic character string exists in character characteristics of the user login password.
5. The method of claim 1, wherein prior to comparing the secondary hash value with a locally stored target hash value, further comprising:
and acquiring a locally stored target hash value according to the user identifier.
6. The method of claim 1, wherein if the client has a hash computation tool locally, hashing the user login password, and generating a login request according to the user login password of Ha Xihou and a user identifier; and if the client does not have a hash calculation tool locally, generating a login request according to the user login password and the user identifier.
7. A login authentication device, the device comprising:
the acquisition module is used for acquiring a user login password transmitted by the client;
the judging module is used for judging whether the user login password is subjected to hash calculation or not according to the data characteristics of the user login password; wherein, the data characteristic of the user login password comprises a length characteristic or a character characteristic;
the computing module is used for carrying out hash computation on the user login password again if the user login password is subjected to hash computation, so as to obtain a secondary hash value;
the calculation module is further used for carrying out hash calculation on the user login password to obtain a primary hash value if the user login password is not subjected to hash calculation, and carrying out hash calculation on the primary hash value again to obtain a secondary hash value;
the comparison module is used for comparing the secondary hash value with a locally stored target hash value, and if the secondary hash value is consistent with the target hash value, verification is passed, wherein the target hash value is obtained by carrying out hash calculation on an original primary hash value again, and the original primary hash value is obtained by carrying out hash calculation on an original password of a user by a client;
the acquisition module is also used for acquiring a login request sent by the client, analyzing the login request and obtaining a user identifier and a user login password; and the login request is generated after the client responds to user login operation and judges whether the client locally has a hash calculation tool.
8. The apparatus of claim 7, wherein the determining module is further configured to obtain a length characteristic of the user login password and a preset hash value length;
and judging whether the user login password carries out hash calculation or not according to whether the length characteristics of the user login password are consistent with the length of the preset hash value.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 6 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210367756.4A CN114745173B (en) | 2022-04-08 | 2022-04-08 | Login verification method, login verification device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210367756.4A CN114745173B (en) | 2022-04-08 | 2022-04-08 | Login verification method, login verification device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114745173A CN114745173A (en) | 2022-07-12 |
| CN114745173B true CN114745173B (en) | 2023-04-25 |
Family
ID=82280147
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210367756.4A Active CN114745173B (en) | 2022-04-08 | 2022-04-08 | Login verification method, login verification device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114745173B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115378694A (en) * | 2022-08-19 | 2022-11-22 | 山东大学 | Login verification method and system |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007060581A (en) * | 2005-08-26 | 2007-03-08 | Nomura Research Institute Ltd | Information management system and method |
| CN107911343B (en) * | 2017-10-27 | 2020-09-15 | 深圳英飞拓科技股份有限公司 | Secure password storage verification method and device |
| CN109347835B (en) * | 2018-10-24 | 2021-09-07 | 苏州科达科技股份有限公司 | Information transmission method, client, server, and computer-readable storage medium |
| CN111553693A (en) * | 2020-05-21 | 2020-08-18 | 陈议尊 | Associated certificate storage method and system based on secondary hash |
| CN111639357B (en) * | 2020-06-05 | 2023-05-16 | 杭州安恒信息技术股份有限公司 | Encryption network disk system and authentication method and device thereof |
| CN111523124B (en) * | 2020-07-06 | 2020-10-13 | 飞天诚信科技股份有限公司 | Cloud sound box firmware protection method and system |
-
2022
- 2022-04-08 CN CN202210367756.4A patent/CN114745173B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN114745173A (en) | 2022-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10803205B1 (en) | Retrieving public data for blockchain networks using trusted execution environments | |
| US11586714B2 (en) | Verification request authentication machine | |
| US11481480B2 (en) | Verification request authentication machine | |
| US9602280B2 (en) | System and method for content encryption in a key/value store | |
| CN113704357A (en) | Smart city data sharing method and system based on block chain | |
| CN114745173B (en) | Login verification method, login verification device, computer equipment and storage medium | |
| CN111475690B (en) | Character string matching method and device, data detection method and server | |
| Sun et al. | Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation | |
| CN114553556B (en) | Data encryption method, device, computer equipment and storage medium | |
| CN116049802A (en) | Application single sign-on method, system, computer equipment and storage medium | |
| CN116010926A (en) | Login authentication method, login authentication device, computer equipment and storage medium | |
| CN114048453A (en) | User feature generation method and device, computer equipment and storage medium | |
| CN114398678A (en) | Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium | |
| Gao et al. | Similarity-based deduplication and secure auditing in IoT decentralized storage | |
| Wang et al. | sChain: An Efficient and Secure Solution for Improving Blockchain Storage | |
| CN113890766B (en) | Power equipment authentication method, device, server and system based on Internet of things and storage medium | |
| CN115174260B (en) | Data verification method, device, computer, storage medium and program product | |
| CN117714099A (en) | Anticreeper method, anticreeper device, computer equipment and storage medium | |
| CN112784314B (en) | Data integrity detection method and device, electronic equipment and storage medium | |
| Anil Kumar et al. | Framework Towards Higher Data Privacy by Novel Data Integrity Scheme | |
| Zhang et al. | On the security of a dynamic-hash-table based public auditing protocol | |
| Gao et al. | Similarity-based Secure Deduplication for IIoT Cloud Management System | |
| CN117792684A (en) | Data verification method, device, computer equipment and storage medium | |
| CN116821082A (en) | Log file processing method, device, computer equipment and storage medium | |
| CN117978446A (en) | Chip communication transmission encryption method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |