WO2019178984A1 - Account security management method and apparatus, computer device, and storage medium - Google Patents

Account security management method and apparatus, computer device, and storage medium Download PDF

Info

Publication number
WO2019178984A1
WO2019178984A1 PCT/CN2018/095320 CN2018095320W WO2019178984A1 WO 2019178984 A1 WO2019178984 A1 WO 2019178984A1 CN 2018095320 W CN2018095320 W CN 2018095320W WO 2019178984 A1 WO2019178984 A1 WO 2019178984A1
Authority
WO
WIPO (PCT)
Prior art keywords
account
time
password
face photo
account name
Prior art date
Application number
PCT/CN2018/095320
Other languages
French (fr)
Chinese (zh)
Inventor
刘阳
冯心
梁瑾
张瑞光
李俊
黄心官
刘文慧
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2019178984A1 publication Critical patent/WO2019178984A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/107License processing; Key processing
    • G06F21/1078Logging; Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect

Definitions

  • the present application relates to the field of account security management, and in particular to an account security management method, apparatus, computer device and storage medium.
  • the business system is generally created by the administrator, instead of the registration method to generate the account name.
  • the administrator creates a password with weak or inconvenient memory. It is necessary to force the password to be changed at the initial login.
  • the account needs to be automatically unlocked after being locked, generally the timed task is set in the system, and the unlocking task is triggered within the set time point.
  • the configuration of the timing task requires the introduction of a third-party framework in the system, and the task execution process needs to consume a large amount of system resources, which undoubtedly increases the development workload and system hardware overhead, and extends the project development cycle; the second method, the initialization Accounts, which require additional tagging, will also increase development work. Therefore, providing a new account security management method to save development workload is an urgent problem to be solved.
  • the main purpose of the application is to provide an account security management method, device, computer device and storage medium without introducing a third-party time task management framework.
  • an account security management method including:
  • the account corresponding to the account name is successfully logged.
  • the method includes:
  • the method includes:
  • the method includes:
  • first face photo and the second face photo are face photos of the same person, all account rights of the current registrant are opened; if the first face photo and the second face photo are determined to be different
  • the person's face photo according to the preset rules, closes some of the current registrant's account rights.
  • the method includes:
  • the contour meets the preset criteria, it is determined that the currently photographed picture is a real person image, and an instruction to invoke the first human face photo is generated.
  • the method includes:
  • the method includes:
  • the application also provides an account security management device, including:
  • a determining unit configured to determine whether the received account name and password match
  • a record obtaining unit configured to record a first time of the current login, and a second time of obtaining the previous login of the account name, if the account name and password are successfully matched;
  • a calculating unit configured to calculate a time interval between the first time and the second time; wherein, if the second time is empty, the time interval is infinity;
  • the login unit is configured to successfully log in to the account corresponding to the account name if the time interval is greater than a preset time interval threshold.
  • the application further provides a computer device comprising a memory and a processor, the memory storing computer readable instructions, the processor executing the computer readable instructions to implement the steps of any of the methods described above.
  • the present application also provides a computer non-transitory readable storage medium having stored thereon computer readable instructions that, when executed by a processor, implement the steps of any of the methods described above.
  • the account security management method, device, computer device and storage medium of the present application do not need to refer to a third-party time task management framework for the account unlocking problem, and do not need to set additional marking bits for the initial user, thereby reducing development workload and shortening development time. .
  • the time for judging whether to release the locked state of the account is based on the login time of the user, and the time distribution of the unlocked state is relatively dispersed, and the time task management operation is not required in the background, thereby greatly reducing the overhead of system resources.
  • FIG. 1 is a schematic flowchart diagram of an account security management method according to an embodiment of the present application
  • FIG. 2 is a schematic flowchart of an account security management method according to an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of an account security management method according to an embodiment of the present application.
  • FIG. 4 is a schematic flowchart diagram of an account security management method according to an embodiment of the present application.
  • FIG. 5 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application.
  • FIG. 6 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application.
  • FIG. 7 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application.
  • FIG. 8 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application.
  • FIG. 9 is a schematic block diagram showing the structure of a computer device according to an embodiment of the present application.
  • an embodiment of the present application provides an account security management method, including the following steps:
  • the account name refers to the name content that needs to be input when logging in to the corresponding account of the system.
  • the above password is used to verify that the account name is correct.
  • each account is generally set with a corresponding password.
  • an account can be configured with multiple passwords correspondingly, and when the account is logged in with a different password, the obtained rights are different.
  • This step S1 means that after receiving the account name and password input by the current user, the system determines whether the account name and the password match. If the matching is successful, the system can log in to the system. If the matching fails, an error message and the like are sent.
  • the first time is a time recorded by the system after the matching of the account name and the password, and the time may be the time when the user inputs the account name and the password and clicks the login time, or the system determines the account name and password. If the time is matched, you can set it according to the specific requirements.
  • the second time is the time when the system logs in the previous time.
  • the previous login refers to the operation of clicking the login after the user inputs the account name and password. If the login is successful after clicking the login, a time will be recorded. This time can be considered as the above. The second time.
  • step S3 if the second time is empty, the time interval is infinity; if the second time is empty, the current login account is the first time to log in, that is, the user has not logged in before this time. The above account, therefore, the second time does not exist, so the time interval between the first time and the second time can be considered to be infinite.
  • step S4 if the time interval is greater than the preset time interval threshold, the system corresponding to the account is successfully logged. That is, regardless of whether the account is locked or unlocked before the user logs in, the system will successfully log in to the system as long as the account name and password match and the time interval is greater than the preset time interval threshold. In another embodiment, if the time interval is less than or equal to the time interval threshold, if the account corresponding to the account name is in the locked state, the account cannot be successfully logged in, and if the account corresponding to the account name is not locked, the normal user will not be affected. Login.
  • the method includes:
  • the account corresponding to the account name may be an account assigned by the system administrator, and the password is generally simple or not easy to remember, and there is a risk in the later use, if the password It is relatively simple, it is easy to be cracked; if the password is not easy to remember, it is easy to forget, it is necessary to trouble the administrator to remind, etc., so the mandatory change password command is generated, the user is required to modify the password, and the user's own modified password is relative to the user. Easy to remember, you can also set a password that is more difficult. The process of forcibly changing the password is generated.
  • the specific process of modifying the password is as follows: when searching for the second time stored in the storage location, the search result is empty, that is, the first time is not stored, and the second time is determined to be empty. Then, the page will pop up a password change interface.
  • the interface has the option of entering the current password and the modified password, and the interface must be filled in correctly and saved, the interface for changing the password will be closed, otherwise the modification cannot be closed.
  • Password interface In a specific embodiment, the repaired password is not allowed to be the same as the password before the modification, and the specific execution process is: comparing the modified password with the password before the modification, if the two are the same, then issuing remind.
  • the modified password and the first face photo are respectively stored in the database in association with the account name, and the password, first face photo and account name to be modified are to be modified.
  • the first face photo of the person who modified the password ie, the above-mentioned user
  • the first face photo can be used for later secondary verification or authority management.
  • the modified password and the first face photo are respectively stored in the database in association with the account name, so as to compare the calling password and the first face photo according to the account name.
  • step S4 of successfully logging in to the account corresponding to the account name the method includes:
  • the first face photo and the second face photo are the same person's face photo, it means that the owner corresponding to the account name logs in, and has all the rights. If the first face photo and the second face photo are not the same person's face photo, it means that the login is performed by the owner corresponding to the account name. At this time, there are two possibilities, and the first one is the user friend to log in; The second is the account is stolen. In either case, the account permissions are set at this time to protect the security of the account. In other embodiments, when restricted by the authority, the current operator may send the authorization management information to the user.
  • the user may obtain a larger authority, which may be all rights or may be The user replies to a different authorization command and gives the corresponding permission.
  • the system is a bank automatic withdrawal system.
  • the method for comparing the first face photo and the second face photo is: inputting the first face photo into the predicted face recognition model to calculate, and obtaining the first face value; and the second face photo Input into the above-mentioned face recognition model to calculate, and obtain the second face value. If the difference between the first face value and the second face value is within the preset range, the first face photo and The second face photo is a face photo of the same person.
  • the method before the step S42 of retrieving the first face photo corresponding to the account name in the database, the method includes:
  • the ultrasonic wave transmitting device transmits ultrasonic waves to the imaging region, and then receives the reflected waves of the ultrasonic waves, and calculates the distance between the respective reflection points and the emission points according to the reflection time of the ultrasonic waves, thereby depicting the ultrasonic waves.
  • the shape and contour of each object in the launch area For example, if there is a basketball in the launch area of the ultrasonic wave, the ultrasonic wave will be reflected by the basketball. Because the basketball is round, the time for the basketball to receive the ultrasonic wave varies with the distance, and the ultrasonic receiving device The time of the received reflected waves is also different, and the outline of the basketball is depicted.
  • the photo such as the poster must be flattened, and the outline is a plane, and if it is a real person, the outline is a 3d outline. That is, the subject is scanned like a B-mode ultrasound. If the result of the scan is a 3d outline similar to the human head, the second photo taken is considered to be a live-action photo to prevent others from using the photo fraud system to obtain the above account. All the permissions to improve the security of the account.
  • the method includes:
  • step S31 regardless of whether the current account is in the locked state, the account is automatically set to the unlocked state, and the number of errors before the password input is cleared. At this time, if the password is correct, the login may be successful; if the password is incorrect, Then restart the recording of the number of login errors.
  • the method includes:
  • the method includes:
  • time interval is less than or equal to a preset time interval threshold, and the account is in a locked state, receiving a preset operation action to force the unlock state.
  • the specific forced unlocking state is as follows: the button for receiving the preset forced unlocking state is clicked to generate an email input box; and determining whether the content input in the input box is a preset Content (the content is the content that the user enters when creating the account); if so, the content is sent to the specified mailbox (the mailbox is also the default mailbox when the account is created); if the email is not received, the feedback is not received.
  • a preset Content the content is the content that the user enters when creating the account
  • the content is sent to the specified mailbox (the mailbox is also the default mailbox when the account is created); if the email is not received, the feedback is not received.
  • the unlock state fails; if the feedback of the above mailbox is received, it is judged whether the content of the mailbox feedback meets the preset requirement (the same is the content of the account setting, the content and the input of the input box) Generally different), if it meets the requirements, the lock state is released, otherwise the unlock state fails.
  • the advantage of this step is: if the current operator is someone else, then he will not know the specific email sent to that mailbox, so he will not log in to the corresponding mailbox for feedback, and even if he knows which mailbox, the password of the mailbox is not necessarily Know, further improve the security of your account.
  • the step of “determining whether the content fed back by the mailbox meets the preset requirement” it is determined whether the device that logs in to the mailbox is the same as the device that is currently logged in, and if the same, the unlocking state fails. That is, if at least two different devices are to be unlocked, the unlock state cannot be completed, which is intended to increase the difficulty of unlocking.
  • the geographic location of the device that logs in to the account is also determined; determining whether the geographic location is a preset designated geographic location; if yes, An instruction to "determine whether the content input in the input box is a preset content" is generated.
  • the method for determining the location includes multiple types. If the device that is connected to the account is wirelessly connected to the network, the device can be located through GPS, wifi positioning, base station triangulation, etc.; if the device that logs in to the account is a limited connection gateway, the location of the gateway is obtained. can.
  • the account security management method described above may be used to write an application corresponding to the foregoing method in the login program of the system, and the third-party time task management framework is not required to be developed during development, thereby reducing the workload of opening.
  • the time for judging whether to unlock the account name is based on the login time of the user, and the time distribution of the unlock state is relatively dispersed.
  • the system does not need to perform time task management in the background, which greatly reduces the overhead of system resources.
  • the application further provides an account security management apparatus, including:
  • the determining unit 10 is configured to determine whether the received account name and password match.
  • the record obtaining unit 20 is configured to record the first time of the current login and the second time of the previous login of the account name if the account name and password are successfully matched;
  • the calculating unit 30 is configured to calculate a time interval between the first time and the second time
  • the login unit 40 is configured to successfully log in to the account corresponding to the account name if the time interval is greater than a preset time interval threshold.
  • the account name refers to the name content that needs to be input when the system corresponding account is registered.
  • the above password is used to verify that the account name is correct.
  • each account is generally set with a corresponding password.
  • an account can be configured with multiple passwords correspondingly, and when the account is logged in with a different password, the obtained rights are different.
  • the system determines whether the account name and the password match. If the matching is successful, the system can log in to the system. If the matching fails, an error message and the like are sent.
  • the first time is a time when the system determines that the account name and the password are matched, and the time may be the time when the user inputs the account name and the password and clicks the login time, or the system determines the account name and password. If the time is matched, you can set it according to the specific requirements.
  • the second time is the time when the system logs in the previous time.
  • the previous login refers to the operation of clicking the login after the user inputs the account name and password. If the login is successful after clicking the login, a time will be recorded. This time can be considered as the above. The second time.
  • the time interval is infinity; if the second time is empty, the current login account is the first login account, that is, the account is not logged in before this time. Therefore, the second time does not exist, so the time interval between the first time and the second time can be considered to be infinite.
  • the system corresponding to the account is successfully registered. That is, regardless of whether the account is locked or unlocked before the user logs in, the system will successfully log in to the system as long as the account name and password match and the time interval is greater than the preset time interval threshold.
  • the time interval is less than or equal to the time interval threshold, if the account corresponding to the account name is in the locked state, the account cannot be successfully logged in, and if the account corresponding to the account name is not locked, the normal user will not be affected. Login.
  • the account security management apparatus further includes:
  • the generating unit 21 is configured to generate a forced modification password command if the second time is empty.
  • the association storage unit 23 is configured to store the modified password and the first face photo in the database in association with the account name.
  • the second time is empty, it indicates that the account corresponding to the account name may be an account assigned by the system administrator, and the password is generally simple or not easy to remember, and there is a risk in the later use, if the password It is relatively simple, it is easy to be cracked; if the password is not easy to remember, it is easy to forget, it is necessary to trouble the administrator to remind, etc., so the mandatory change password command is generated, the user is required to modify the password, and the user's own modified password is relative to the user. Easy to remember, you can also set a password that is more difficult. The process of forcibly changing the password is generated.
  • the specific process of modifying the password is as follows: when searching for the second time stored in the storage location, the search result is empty, that is, the first time is not stored, and the second time is determined to be empty. Then, the page will pop up a password change interface.
  • the interface has the option of entering the current password and the modified password, and the interface must be filled in correctly and saved, the interface for changing the password will be closed, otherwise the modification cannot be closed.
  • Password interface In a specific embodiment, the repaired password is not allowed to be the same as the password before the modification, and the specific execution process is: comparing the modified password with the password before the modification, if the two are the same, then issuing remind.
  • the modified password and the first face photo are respectively stored in the database in association with the account name, and the password, first face photo and account name to be modified are to be modified.
  • the first face photo of the person who modified the password ie, the above-mentioned user
  • the first face photo can be used for later secondary verification or authority management.
  • the modified password and the first face photo are respectively stored in the database in association with the account name, so as to compare the calling password with the first face photo according to the account name.
  • the account security management apparatus further includes:
  • the photographing unit 41 is configured to photograph a second face photo of the current registrant
  • the retrieving unit 42 is configured to retrieve the first face photo corresponding to the account name in the database
  • the comparing unit 43 is configured to compare the first face photo with the second face photo
  • the authority management unit 44 is configured to: if it is determined that the first face photo and the second face photo are the same person's face photo, open all account rights of the current registrant; if the first face photo is determined If the second face photo is a face photo of a different person, the partial account right of the current registrant is closed according to a preset rule.
  • the first face photo and the second face photo are the same person's face photo, it means that the owner corresponding to the account name logs in. , it has all the permissions. If the first face photo and the second face photo are not the same person's face photo, it means that the login is performed by the owner corresponding to the account name. At this time, there are two possibilities, and the first one is the user friend to log in; The second is the account is stolen. In either case, the account permissions are set at this time to protect the security of the account. In other embodiments, when restricted by the authority, the current operator may send the authorization management information to the user.
  • the method for comparing the first face photo and the second face photo is: inputting the first face photo into the predicted face recognition model to calculate, and obtaining the first face value; and the second face photo Input into the above-mentioned face recognition model to calculate, and obtain the second face value. If the difference between the first face value and the second face value is within the preset range, the first face photo and The second face photo is a face photo of the same person.
  • the account security management apparatus further includes:
  • the ultrasonic scanning unit 421 is configured to perform ultrasonic scanning on the imaging area and receive a reflected wave of the ultrasonic wave;
  • a contour determining unit 422 configured to determine an outline of an object of the photographing area according to the reflected wave
  • the face determining unit 423 is configured to determine that the currently captured picture is a live picture and generate an instruction to invoke the first face photo if the outline conforms to a preset standard.
  • ultrasonic waves are transmitted to the imaging region by the ultrasonic transmitting device, and then reflected waves of the ultrasonic waves are received, and each reflection point and emission are calculated according to the reflection time of the ultrasonic waves.
  • the distance between the points depicts the shape and contour of each object in the ultrasonic emission area. For example, if there is a basketball in the emission area of the ultrasonic wave, the ultrasound will be reflected by the basketball. Because the basketball is round, the time when the basketball receives the ultrasonic wave Because of the difference in distance, the ultrasonic receiving device receives the reflected waves for different times, and thus depicts the outline of the basketball.
  • the photo such as the poster must be flattened, and the outline is a plane, and if it is a real person, the outline is a 3d outline. That is, the subject is scanned like a B-mode ultrasound. If the result of the scan is a 3d outline similar to the human head, the second photo taken is considered to be a live-action photo to prevent others from using the photo fraud system to obtain the above account. All the permissions to improve the security of the account.
  • the account security management apparatus further includes:
  • the clearing unit 31 is configured to clear historical data of the number of times the password is input incorrectly.
  • the account regardless of whether the current account is in the locked state, the account is automatically set to the unlocked state, and the number of errors of the previous password input is cleared at the same time. If the password is correct, the login can be successful; if the password is incorrect, Then restart the recording of the number of login errors.
  • the account security management device further includes:
  • the adding unit 11 is configured to: if the account name and the password match fail, add one to the historical data of the number of password input errors;
  • the threshold determining unit 12 is configured to determine whether the historical data after the addition is greater than a preset error threshold
  • the locking unit 13 is configured to lock the account name if the historical data is greater than a preset error threshold.
  • the account security management device further includes:
  • the unlocking unit 301 is configured to receive a preset operation action forcibly releasing the locked state if the time interval is less than or equal to a preset time interval threshold and the account is in a locked state.
  • the specific forced unlocking state is as follows: the button for receiving the preset forced unlocking state is clicked to generate an email input box; and determining whether the content input in the input box is pre- The content (the content is the content entered by the user when the account is created); if yes, the content is sent to the specified mailbox (the mailbox is also the default mailbox when the account is established); if the mailbox is not received Feedback (including feedback timeout), the unlock state fails; if the feedback of the above mailbox is received, it is judged whether the content of the mailbox feedback meets the preset requirement (the same is the content of the account setting, the content and the input of the input box The content is generally different. If the requirements are met, the lock status is released, otherwise the unlock status fails.
  • the advantage of this step is: if the current operator is someone else, then he will not know the specific email sent to that mailbox, so he will not log in to the corresponding mailbox for feedback, and even if he knows which mailbox, the password of the mailbox is not necessarily Know, further improve the security of your account. Further, before the step of “determining whether the content fed back by the mailbox meets the preset requirement”, it is determined whether the device that logs in to the mailbox is the same as the device that is currently logged in, and if the same, the unlocking state fails. That is, if at least two different devices are to be unlocked, the unlock state cannot be completed, which is intended to increase the difficulty of unlocking.
  • the account security management device in the embodiment of the present application can write an application corresponding to the foregoing method in the login program of the system, and does not need to introduce a third-party time task management framework during development, thereby reducing the open workload.
  • the time for judging whether to unlock the account name is based on the login time of the user, and the time distribution of the unlock state is relatively dispersed.
  • the system does not need to perform time task management in the background, which greatly reduces the overhead of system resources.
  • the computer device may be a server, and its internal structure may be as shown in FIG. 9.
  • the computer device includes a processor, memory, network interface, and database connected by a system bus. Among them, the computer designed processor is used to provide calculation and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium, an internal memory.
  • the non-volatile storage medium stores an operating system, computer readable instructions, and a database.
  • the memory provides an environment for the operation of operating systems and computer readable instructions in a non-volatile storage medium.
  • the database of the computer device is used for data such as face photos, passwords, etc. for account security management.
  • the network interface of the computer device is used to communicate with an external terminal via a network connection.
  • the computer readable instructions are executed by the processor to implement an account security management method.
  • the step of executing the foregoing account security management method by the processor includes: determining whether the received account name and password match; if the account name and password are successfully matched, recording the first time of the current login, and acquiring the account name and logging in the previous time. a second time; calculating a time interval between the first time and the second time; wherein, if the second time is empty, the time interval is infinity; if the time interval is greater than a preset time interval If the threshold is reached, the account corresponding to the account name is successfully logged.
  • the step of obtaining the second time of the previous login of the account name includes: if the second time is Empty, the processor generates a mandatory change password command.
  • the method includes: receiving the modified password, and capturing a first face photo of the person who modified the password; and the modified password, and the A face photo is stored in the database in association with the account name.
  • the method includes: capturing a second face photo of the current registrant; and extracting, in the database, a location corresponding to the account name a first face photo; comparing the first face photo with the second face photo; if it is determined that the first face photo and the second face photo are the same person's face photo, open the current All account rights of the registrant; if it is determined that the first face photo and the second face photo are face photos of different people, part of the current registrant's account rights are closed according to a preset rule.
  • the method before the step of the processor capturing the first face photo corresponding to the account name in the database, the method includes: performing ultrasonic scanning on the shooting area, and receiving a reflected wave of the ultrasonic wave; The contour of the object in the shooting area is determined according to the reflected wave; if the contour conforms to the preset standard, it is determined that the currently captured picture is a real person picture, and an instruction to invoke the first face photo is generated.
  • the method includes: clearing historical data of the number of times the password is input incorrectly.
  • the method includes: if the account name and the password match fail, adding one to the historical data of the password input error number; Whether the historical data is greater than a preset error threshold; if greater, the account name is locked.
  • FIG. 9 is only a block diagram of a part of the structure related to the solution of the present application, and does not constitute a limitation of the computer device to which the present application is applied.
  • the embodiment of the present application further provides a computer non-volatile readable storage medium having computer readable instructions stored thereon, and when the computer readable instructions are executed by the processor, implement the flow of the embodiments of the foregoing methods.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Disclosed are an account security management method and apparatus, a computer device and a storage medium. The method comprises: determining whether an account name matches a password; if the account name is successfully matched with the password, recording a first time of the current login, and acquiring a second time of the previous login with the account name; calculating a time interval between the first time and the second time, wherein if the second time is null, the time interval is infinite; and if the time interval is greater than a pre-set time interval threshold, successfully logging in to an account corresponding to the account name.

Description

账户安全管理方法、装置、计算机设备和存储介质Account security management method, device, computer device and storage medium
本申请要求于2018年3月22日提交中国专利局、申请号为2018102418848,申请名称为“账户安全管理方法、装置、计算机设备和存储介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese Patent Application entitled "Account Security Management Method, Apparatus, Computer Equipment, and Storage Media" filed on March 22, 2018, the Chinese Patent Office, Application No. 2018102418848, the entire contents of which are incorporated by reference. Combined in this application.
技术领域Technical field
本申请涉及到账户安全管理领域,特别是涉及到一种账户安全管理方法、装置、计算机设备和存储介质。The present application relates to the field of account security management, and in particular to an account security management method, apparatus, computer device and storage medium.
背景技术Background technique
登录某些系统、网站时,需要登录账户名和密码,只有密码和账户名对应成功后,才会登录成功。为了系统安全,会限制指定时间内连续输入错误密码的次数,如果连续输入密码错误达到预设次数,则会将该账户名锁定,然后根据设定的方式将账户名解锁,比如常见的,经过指定时间长后,自动恢复正常的设置等。具体的,在账户安全管理上,现有技术存在两种方式,具体如下:When logging in to some systems or websites, you need to log in to the account name and password. Only after the password and account name are successfully matched will the login be successful. For system security, it will limit the number of consecutive incorrect passwords entered within a specified time. If the password is entered incorrectly for a preset number of times, the account name will be locked, and then the account name will be unlocked according to the set method, such as common. After a specified period of time, the normal settings are automatically restored. Specifically, in the account security management, there are two methods in the prior art, as follows:
1、当登录次数到达设定值时,即锁定账户名,一段时间内不得登录;1. When the number of logins reaches the set value, the account name is locked and you cannot log in for a period of time;
2、业务系统一般采用管理员创建,而非注册方式生成账户名,管理员创建密码的强度较弱或不方便记忆,需要在初始登录时强制修改密码。上述第一种方式,账户锁定后需自动解锁,一般是在系统中设定定时任务,在设定的时间点内触发解锁任务。而配置定时任务需要在系统中引入第三方框架,同时任务执行过程中需要消耗大量的系统资源,这无疑增加了开发工作量和系统硬件开销,延长了项目开发周期;上述第二种方式,初始化账户,需要额外的标记位标识,同样也会增加开发工作。所以提供一种新的账户安全管理方法,以节约开发工作量是一种亟需解决的问题.2. The business system is generally created by the administrator, instead of the registration method to generate the account name. The administrator creates a password with weak or inconvenient memory. It is necessary to force the password to be changed at the initial login. In the above first mode, the account needs to be automatically unlocked after being locked, generally the timed task is set in the system, and the unlocking task is triggered within the set time point. The configuration of the timing task requires the introduction of a third-party framework in the system, and the task execution process needs to consume a large amount of system resources, which undoubtedly increases the development workload and system hardware overhead, and extends the project development cycle; the second method, the initialization Accounts, which require additional tagging, will also increase development work. Therefore, providing a new account security management method to save development workload is an urgent problem to be solved.
技术问题technical problem
本申请的主要目的为提供一种无须引入第三方时间任务管理框架的账户安全管理方法、装置、计算机设备和存储介质.The main purpose of the application is to provide an account security management method, device, computer device and storage medium without introducing a third-party time task management framework.
技术解决方案Technical solution
为了实现上述本申请的目的,本申请提出一种账户安全管理方法,包括:In order to achieve the above purpose of the present application, the present application provides an account security management method, including:
判断接收到的账户名和密码是否匹配;Determine whether the received account name and password match;
若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;If the account name and the password match successfully, record the first time of the current login, and obtain the second time of the previous login of the account name;
计算所述第一时间与第二时间之间的时间间隔;其中,若所述第二时间为空,则所述时间间隔为无穷大;Calculating a time interval between the first time and the second time; wherein, if the second time is empty, the time interval is infinity;
若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。If the time interval is greater than the preset time interval threshold, the account corresponding to the account name is successfully logged.
进一步地,所述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤之后,包括:Further, if the account name and the password match successfully, the first time of the current login is recorded, and after the step of obtaining the second time of the previous login of the account name, the method includes:
若所述第二时间为空,则生成强制修改密码指令。If the second time is empty, a forced modification password command is generated.
进一步地,所述生成强制修改密码指令的步骤之后,包括:Further, after the step of generating a mandatory password modification command, the method includes:
接收修改后的密码,以及拍摄修改密码者的第一人脸照片;Receiving the modified password and taking the first face photo of the person who changed the password;
将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。And storing the modified password and the first face photo in the database in association with the account name.
进一步地,所述成功登录所述账户名对应的账户的步骤之后,包括:Further, after the step of successfully logging in to the account corresponding to the account name, the method includes:
拍摄当前登录者的第二人脸照片;Shooting the second face photo of the current registrant;
在所述数据库中调取与所述账户名对应的所述第一人脸照片;Retrieving the first face photo corresponding to the account name in the database;
将所述第一人脸照片和第二人脸照片进行比较;Comparing the first face photo with the second face photo;
若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。If it is determined that the first face photo and the second face photo are face photos of the same person, all account rights of the current registrant are opened; if the first face photo and the second face photo are determined to be different The person's face photo, according to the preset rules, closes some of the current registrant's account rights.
进一步地,所述在所述数据库中调取与所述账户名对应的所述第一人脸照片的步骤之前,包括:Further, before the step of retrieving the first face photo corresponding to the account name in the database, the method includes:
向拍摄区域进行超声波扫描,并接收超声波的反射波;Ultrasonic scanning to the shooting area and receiving reflected waves of ultrasonic waves;
根据反射波判断拍摄区域的物体的轮廓;Determining the contour of the object in the shooting area based on the reflected wave;
若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。If the contour meets the preset criteria, it is determined that the currently photographed picture is a real person image, and an instruction to invoke the first human face photo is generated.
进一步地,所述计算所述第一时间与第二时间之间的时间间隔的步骤之后,包括:Further, after the step of calculating the time interval between the first time and the second time, the method includes:
清空密码输入错误次数的历史数据。Clear the historical data of the number of incorrect password entries.
进一步地,所述判断接收到的账户名和密码是否匹配的步骤之后,包括:Further, after the step of determining whether the received account name and password match, the method includes:
若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;If the account name and password match fail, add one to the historical data of the number of password input errors;
判断加一后的所述历史数据是否大于预设错误阈值;Determining whether the historical data after the addition is greater than a preset error threshold;
若大于,则锁定所述账户名。If it is greater, the account name is locked.
本申请还提供一种账户安全管理装置,包括:The application also provides an account security management device, including:
判断单元,用于判断接收到的账户名和密码是否匹配;a determining unit, configured to determine whether the received account name and password match;
记录获取单元,用于若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;a record obtaining unit, configured to record a first time of the current login, and a second time of obtaining the previous login of the account name, if the account name and password are successfully matched;
计算单元,用于计算所述第一时间与第二时间之间的时间间隔;其中,若所述第二时间为空,则所述时间间隔为无穷大;a calculating unit, configured to calculate a time interval between the first time and the second time; wherein, if the second time is empty, the time interval is infinity;
登录单元,用于若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。The login unit is configured to successfully log in to the account corresponding to the account name if the time interval is greater than a preset time interval threshold.
本申请还提供一种计算机设备,包括存储器和处理器,所述存储器存储有计算机可读指令,所述处理器执行所述计算机可读指令时实现上述任一项所述方法的步骤。The application further provides a computer device comprising a memory and a processor, the memory storing computer readable instructions, the processor executing the computer readable instructions to implement the steps of any of the methods described above.
本申请还提供一种计算机非易失性可读存储介质,其上存储有计算机可读指令,所述计算机可读指令被处理器执行时实现上述任一项所述的方法的步骤。The present application also provides a computer non-transitory readable storage medium having stored thereon computer readable instructions that, when executed by a processor, implement the steps of any of the methods described above.
有益效果Beneficial effect
本申请的账户安全管理方法、装置、计算机设备和存储介质,不用为账号解锁问题而引用第三方时间任务管理框架,也无需为初始用户设定额外的标记位,减少开发工作量,缩短开发时间。判断是否解除账户的锁定状态的时间是根据用户的登录时间进行的,解除锁定状态的时间分布较为分散,也不需要在后台进行时间任务管理动作,大大的减少系统资源的开销。The account security management method, device, computer device and storage medium of the present application do not need to refer to a third-party time task management framework for the account unlocking problem, and do not need to set additional marking bits for the initial user, thereby reducing development workload and shortening development time. . The time for judging whether to release the locked state of the account is based on the login time of the user, and the time distribution of the unlocked state is relatively dispersed, and the time task management operation is not required in the background, thereby greatly reducing the overhead of system resources.
附图说明DRAWINGS
图1 为本申请一实施例的账户安全管理方法的流程示意图;FIG. 1 is a schematic flowchart diagram of an account security management method according to an embodiment of the present application;
图2 为本申请一实施例的账户安全管理方法的流程示意图;2 is a schematic flowchart of an account security management method according to an embodiment of the present application;
图3为本申请一实施例的账户安全管理方法的流程示意图;3 is a schematic flowchart of an account security management method according to an embodiment of the present application;
图4 为本申请一实施例的账户安全管理方法的流程示意图;FIG. 4 is a schematic flowchart diagram of an account security management method according to an embodiment of the present application;
图5 为本申请一实施例的账户安全管理装置的结构示意框图;FIG. 5 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application; FIG.
图6 为本申请一实施例的账户安全管理装置的结构示意框图;6 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application;
图7 为本申请一实施例的账户安全管理装置的结构示意框图;FIG. 7 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application; FIG.
图8 为本申请一实施例的账户安全管理装置的结构示意框图;FIG. 8 is a schematic block diagram showing the structure of an account security management apparatus according to an embodiment of the present application; FIG.
图9 为本申请一实施例的计算机设备的结构示意框图。FIG. 9 is a schematic block diagram showing the structure of a computer device according to an embodiment of the present application.
本发明的最佳实施方式BEST MODE FOR CARRYING OUT THE INVENTION
参照图1,本申请实施例提供一种账户安全管理方法,包括步骤:Referring to FIG. 1, an embodiment of the present application provides an account security management method, including the following steps:
S1、判断接收到的账户名和密码是否匹配;S1, determining whether the received account name and password match;
S2、若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;S2. If the account name and password are successfully matched, record the first time of the current login, and obtain the second time of the previous login of the account name;
S3、计算所述第一时间与第二时间之间的时间间隔;S3. Calculate a time interval between the first time and the second time.
S4、若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。S4. If the time interval is greater than a preset time interval threshold, the account corresponding to the account name is successfully logged.
如上述步骤S1所述,上述账户名是指登录系统对应账户时需要输入的名称内容。上述密码用于验证账户名是否正确。在一个系统中,每一个账户一般设置有一个对应的密码。在一具体实施例中,一个账户可以对应设置多个密码,使用不同的密码登录该账户时,所得到的权限不同。本步骤S1是指,系统接收到当前用户输入的账户名和密码后,判断账户名与密码是否匹配,如果匹配成功,则可以登录系统,如果匹配失败,则会发出错误提示等信息。As described in the above step S1, the account name refers to the name content that needs to be input when logging in to the corresponding account of the system. The above password is used to verify that the account name is correct. In a system, each account is generally set with a corresponding password. In a specific embodiment, an account can be configured with multiple passwords correspondingly, and when the account is logged in with a different password, the obtained rights are different. This step S1 means that after receiving the account name and password input by the current user, the system determines whether the account name and the password match. If the matching is successful, the system can log in to the system. If the matching fails, an error message and the like are sent.
如上述步骤S2所述,上述第一时间是系统判定上述账户名和密码匹配后记录的时间,该时间可以为用户输入完账户名和密码后点击登录时的时间,也可以是系统判断完账户名和密码是否匹配后的时间,可以根据具体要求进行相应的设置即可。上述第二时间是系统前一次登录的时间,该前一次登录是指用户输入账户名和密码后点击登录的操作,点击登录后无论是否登录成功,均会记录一个时间,这个时间既可以认为是上述的第二时间。As described in the foregoing step S2, the first time is a time recorded by the system after the matching of the account name and the password, and the time may be the time when the user inputs the account name and the password and clicks the login time, or the system determines the account name and password. If the time is matched, you can set it according to the specific requirements. The second time is the time when the system logs in the previous time. The previous login refers to the operation of clicking the login after the user inputs the account name and password. If the login is successful after clicking the login, a time will be recorded. This time can be considered as the above. The second time.
如上述步骤S3所述,若所上述第二时间为空,则时间间隔为无穷大;上述第二时间为空,是指当前登录账户为第一次登录账户,即在本次之前并没有登录过上述账户,所以,第二时间是不存在的,因此可以认为第一时间和第二时间的时间间隔为无穷大。As described in the above step S3, if the second time is empty, the time interval is infinity; if the second time is empty, the current login account is the first time to log in, that is, the user has not logged in before this time. The above account, therefore, the second time does not exist, so the time interval between the first time and the second time can be considered to be infinite.
如上述步骤S4所述,只要上述时间间隔大于预设的时间间隔阈值,则会成功登录上述账户对应的系统。即,无论用户在登录账户之前,账户处于锁定状态还是非锁定状态,只要账户名和密码匹配,且上述时间间隔大于预设的时间间隔阈值,均会成功登录系统。在另一实施例中,如果时间间隔小于等于上述时间间隔阈值,若是账户名对应的账户处于锁定状态,则无法成功登录账户,如果账户名对应的账户未处于锁定状态,则不会影响用户正常的登录。As described in the above step S4, if the time interval is greater than the preset time interval threshold, the system corresponding to the account is successfully logged. That is, regardless of whether the account is locked or unlocked before the user logs in, the system will successfully log in to the system as long as the account name and password match and the time interval is greater than the preset time interval threshold. In another embodiment, if the time interval is less than or equal to the time interval threshold, if the account corresponding to the account name is in the locked state, the account cannot be successfully logged in, and if the account corresponding to the account name is not locked, the normal user will not be affected. Login.
参照图2,本实施例中,上述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤S2之后,包括:Referring to FIG. 2, in the embodiment, if the account name and the password are successfully matched, the first time of the current login is recorded, and after the step S2 of obtaining the second time of the previous login of the account name, the method includes:
S21、若所述第二时间为空,则生成强制修改密码指令。S21. If the second time is empty, generate a mandatory password modification command.
S22、接收修改后的密码,以及拍摄修改密码者的第一人脸照片;S22. Receive the modified password, and take a first face photo of the person who changed the password;
S23、将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。S23. Store the modified password and the first face photo in the database in association with the account name.
如上述步骤S21所述,如果第二时间为空,则说明账户名对应的账户可能是系统管理员分配的账户,其密码一般较为简单,或者不容易记忆,在后期使用时存在风险,如果密码较为简单,则容易被破解;如果密码不容易记忆,则容易忘记,需要麻烦管理员进行提醒等,所以生成强制修改密码指令,要求用户必须修改密码,而用户自己修改的密码,相对用户而言容易记忆,还可以设置难度较高的密码。生成强制修改密码指令,进行修改密码的具体过程为:在指定为存储位置查找前一次存储的第二时间时,查找结果为空,即没存储第一时间,此时会判定第二时间为空,然后页面会弹出修改密码的界面,该界面上有输入当前密码和修改后的密码等选项,而且必须将该页面填写正确后并保存之后,修改密码的界面才会关闭,否则无法关闭该修改密码的界面。在一具体实施例中,上述修后的密码不予许与修改前的密码一直,其具体的执行过程是,将修改后的密码与修改前的密码进行比对,如果两者相同,则发出提醒。本实施例中,修改完成密码后,会将修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中,即将修改的密码、第一人脸照片和账户名建立相互查找和调用的路径,通过其中的一个,可以找到两另外的两个,如输入账户名后,既可以根据账户名在数据库中产找到与其对应的密码和第一人脸照片,以便于对用户输入的密码以及用户的人脸照片进行相应的比对等。As described in the above step S21, if the second time is empty, the account corresponding to the account name may be an account assigned by the system administrator, and the password is generally simple or not easy to remember, and there is a risk in the later use, if the password It is relatively simple, it is easy to be cracked; if the password is not easy to remember, it is easy to forget, it is necessary to trouble the administrator to remind, etc., so the mandatory change password command is generated, the user is required to modify the password, and the user's own modified password is relative to the user. Easy to remember, you can also set a password that is more difficult. The process of forcibly changing the password is generated. The specific process of modifying the password is as follows: when searching for the second time stored in the storage location, the search result is empty, that is, the first time is not stored, and the second time is determined to be empty. Then, the page will pop up a password change interface. The interface has the option of entering the current password and the modified password, and the interface must be filled in correctly and saved, the interface for changing the password will be closed, otherwise the modification cannot be closed. Password interface. In a specific embodiment, the repaired password is not allowed to be the same as the password before the modification, and the specific execution process is: comparing the modified password with the password before the modification, if the two are the same, then issuing remind. In this embodiment, after the password is modified, the modified password and the first face photo are respectively stored in the database in association with the account name, and the password, first face photo and account name to be modified are to be modified. Establish a path for mutual search and call. Through one of them, you can find two other two. For example, after entering the account name, you can find the corresponding password and first face photo in the database according to the account name, so that you can The password entered by the user and the user's face photo are compared accordingly.
如上述步骤S22所述,修改完成密码之后,还会拍摄修改密码者(即上述的用户)的第一人脸照片,第一人脸照片可以用于后期的二级验证或者权限管理等使用。As described in the above step S22, after the completion password is modified, the first face photo of the person who modified the password (ie, the above-mentioned user) is also photographed, and the first face photo can be used for later secondary verification or authority management.
如上述步骤S23所述,将修改后的密码和第一人脸照片分别与账户名关联存储在数据库中,是为了后期根据账户名进行调用密码和第一人脸照片进行比对。As described in the above step S23, the modified password and the first face photo are respectively stored in the database in association with the account name, so as to compare the calling password and the first face photo according to the account name.
参照图2,本实施例中,上述成功登录所述账户名对应的账户的步骤S4之后,包括:Referring to FIG. 2, in the embodiment, after step S4 of successfully logging in to the account corresponding to the account name, the method includes:
S41、拍摄当前登录者的第二人脸照片;S41. Take a photo of the second face of the current registrant;
S42、在所述数据库中调取与所述账户名对应的所述第一人脸照片;S42: Retrieving the first face photo corresponding to the account name in the database;
S43、将所述第一人脸照片和第二人脸照片进行比较;S43. Compare the first face photo with the second face photo;
S44、若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。S44. If it is determined that the first face photo and the second face photo are face photos of the same person, open all account rights of the current registrant; if the first face photo and the second face photo are determined For the face photos of different people, part of the current registrant's account rights are closed according to the preset rules.
如上述步骤S41至S44所述,如果第一人脸照片与第二人脸照片为同一人的人脸照片,说明是账户名对应的主人进行登录,其具有全部的权限。如果第一人脸照片与第二人脸照片不为同一人的人脸照片,则说明是非账户名对应的主人进行的登录,此时,存在两种可能,第一种是用户好友进行登录;第二种是账户被盗。无论是哪一种情况,此时设置了账户的权限,则可以保护账户的安全。在其它实施例中,受到权限限制时,当前操作者可以发送授权管理信息给用户,如果用户接收并回复授权的命令,则可以获取到更大的权限,该权限可以是全部权限,也可以根据用户回复不同的授权命令而给予对应的权限。在一具体实施例中,比如系统为银行的自动取款系统,虽然账户名和密码匹配成功,但是因为上述的人脸比对失败,此时,当前用户的权限是可以查看账户余额,但是不能取款等。上述将第一人脸照片和第二人脸照片进行比较的方法为:将第一人脸照片输入到预测人脸识模型中进行计算,得出第一人脸值;将第二人脸照片输入到上述的人脸识模型中进行计算,得出第二人脸值,如果第一人脸值与第二人脸值的差值在预设范围之内,则认为第一人脸照片和第二人脸照片是同一个人的人脸照片。As described in the above steps S41 to S44, if the first face photo and the second face photo are the same person's face photo, it means that the owner corresponding to the account name logs in, and has all the rights. If the first face photo and the second face photo are not the same person's face photo, it means that the login is performed by the owner corresponding to the account name. At this time, there are two possibilities, and the first one is the user friend to log in; The second is the account is stolen. In either case, the account permissions are set at this time to protect the security of the account. In other embodiments, when restricted by the authority, the current operator may send the authorization management information to the user. If the user receives and responds to the authorized command, the user may obtain a larger authority, which may be all rights or may be The user replies to a different authorization command and gives the corresponding permission. In a specific embodiment, for example, the system is a bank automatic withdrawal system. Although the account name and password are successfully matched, because the above face matching fails, at this time, the current user's authority is to view the account balance, but cannot withdraw money, etc. . The method for comparing the first face photo and the second face photo is: inputting the first face photo into the predicted face recognition model to calculate, and obtaining the first face value; and the second face photo Input into the above-mentioned face recognition model to calculate, and obtain the second face value. If the difference between the first face value and the second face value is within the preset range, the first face photo and The second face photo is a face photo of the same person.
参照图3,本实施例中,上述在所述数据库中调取与所述账户名对应的所述第一人脸照片的步骤S42之前,包括:Referring to FIG. 3, in the embodiment, before the step S42 of retrieving the first face photo corresponding to the account name in the database, the method includes:
  S421、向拍摄区域进行超声波扫描,并接收超声波的反射波; S421, performing ultrasonic scanning on the shooting area, and receiving a reflected wave of the ultrasonic wave;
S422、根据反射波判断拍摄区域的物体的轮廓;S422. Determine an outline of an object in the shooting area according to the reflected wave;
S423、若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。S423. If the contour conforms to a preset standard, it is determined that the currently captured picture is a real person picture, and an instruction to invoke the first face photo is generated.
如上述步骤S421至S423所述,具体为,通过超声波发射装置向拍摄区域发射超声波,然后接收超声波的反射波,根据超声波的反射时间计算各反射点与发射点之间的距离,进而描绘出超声波发射区域中各物体的形状轮廓,比如,超声波的发射区域有一个篮球,那么超声波会被篮球反射,因为篮球是圆形的,所以篮球接收到超声波的时间因为距离的不同而不同,超声波接收装置接收到的反射波的时间也各不相同,进而描绘出篮球的轮廓。本实施例中,如果当前拍摄的图片是一个海报等照片时,那么海报等照片必须较为平整的展开,此时其轮廓是一个平面,而如果是真人,其轮廓是一个3d轮廓。即,对拍摄物进行如B超一样的扫描,如果扫描的结果是一个与人头近似的3d轮廓,则认为拍摄的第二照片是一个真人照片,以防止他人利用照片欺骗系统而获取到上述账户的全部权限,提高账户的安全。Specifically, as described in the above steps S421 to S423, specifically, the ultrasonic wave transmitting device transmits ultrasonic waves to the imaging region, and then receives the reflected waves of the ultrasonic waves, and calculates the distance between the respective reflection points and the emission points according to the reflection time of the ultrasonic waves, thereby depicting the ultrasonic waves. The shape and contour of each object in the launch area. For example, if there is a basketball in the launch area of the ultrasonic wave, the ultrasonic wave will be reflected by the basketball. Because the basketball is round, the time for the basketball to receive the ultrasonic wave varies with the distance, and the ultrasonic receiving device The time of the received reflected waves is also different, and the outline of the basketball is depicted. In this embodiment, if the currently photographed picture is a photo such as a poster, then the photo such as the poster must be flattened, and the outline is a plane, and if it is a real person, the outline is a 3d outline. That is, the subject is scanned like a B-mode ultrasound. If the result of the scan is a 3d outline similar to the human head, the second photo taken is considered to be a live-action photo to prevent others from using the photo fraud system to obtain the above account. All the permissions to improve the security of the account.
参照图4,本实施例中,上述计算所述第一时间与第二时间之间的时间间隔的步骤S3之后,包括:Referring to FIG. 4, in the embodiment, after the step S3 of calculating the time interval between the first time and the second time, the method includes:
S31、若所述时间间隔大于预设的时间间隔阈值,则清空密码输入错误次数的历史数据。S31. If the time interval is greater than a preset time interval threshold, clear historical data of the number of error input errors.
如上述步骤S31所述,无论当前账号是否处于锁定状态,自动将账号设置到未锁定状态,同时清空之前密码输入的错误次数,此时如果密码正确,则可以登录成功;此时如果密码错误,则重新开始记录登录错误次数。As described in the above step S31, regardless of whether the current account is in the locked state, the account is automatically set to the unlocked state, and the number of errors before the password input is cleared. At this time, if the password is correct, the login may be successful; if the password is incorrect, Then restart the recording of the number of login errors.
本实施例中,上述判断接收到的账户名和密码是否匹配的步骤S1之后,包括:In this embodiment, after the step S1 of determining whether the received account name and password match, the method includes:
S11、若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;S11. If the account name and password match fail, add one to the historical data of the number of password input errors;
S12、判断加一后的所述历史数据是否大于预设错误阈值;S12. Determine whether the historical data after the addition is greater than a preset error threshold.
S13、若大于,则锁定所述账户名。S13. If it is greater, the account name is locked.
如上述总部后S11至S13所述,即为若当前次输入的账户名和密码不匹配,则增加一次密码输入错误的次数累计。As described in the above-mentioned headquarters, S11 to S13, if the account name and password input at the current time do not match, the number of times the password input error is added is accumulated.
在本实施例中,在上述计算所述第一时间与第二时间之间的时间间隔的步骤S3之后,包括:In this embodiment, after the step S3 of calculating the time interval between the first time and the second time, the method includes:
S301、若上述时间间隔小于等于预设的时间间隔阈值,且上述账户处于锁定状态的情况下,接收预设操作动作强制解除锁定状态。S301. If the time interval is less than or equal to a preset time interval threshold, and the account is in a locked state, receiving a preset operation action to force the unlock state.
如上述步骤S301所述,其具体的强制解除锁定状态的过程如下:接收预设的强制解除锁定状态的按钮被点击产生的指令,生成邮件输入框;判断输入框内输入的内容是否是预设的内容(该内容是用户在建立账户时输入的内容);若是,则将该内容发送给指定的邮箱(该邮箱同样是在建立账户时预设的邮箱);若未收到上述邮箱的反馈(包括反馈超时),则解除锁定状态失败;若接收到上述邮箱的反馈,则判断邮箱反馈的内容是否符合预设要求(同样是在建立账户设置的内容,该内容与输入上述输入框的内容一般不同),如果符合要求,则解除锁定状态,否则解除锁定状态失败。本步骤的好处是:如果当前操作者是其它人,那么他不会知道具体发送到那个邮箱,所以其不会登录对应的邮箱进行反馈,同时,即使知道是哪个邮箱,邮箱的密码也不一定知道,进一步提高账户的安全等。As described in the above step S301, the specific forced unlocking state is as follows: the button for receiving the preset forced unlocking state is clicked to generate an email input box; and determining whether the content input in the input box is a preset Content (the content is the content that the user enters when creating the account); if so, the content is sent to the specified mailbox (the mailbox is also the default mailbox when the account is created); if the email is not received, the feedback is not received. (including feedback timeout), the unlock state fails; if the feedback of the above mailbox is received, it is judged whether the content of the mailbox feedback meets the preset requirement (the same is the content of the account setting, the content and the input of the input box) Generally different), if it meets the requirements, the lock state is released, otherwise the unlock state fails. The advantage of this step is: if the current operator is someone else, then he will not know the specific email sent to that mailbox, so he will not log in to the corresponding mailbox for feedback, and even if he knows which mailbox, the password of the mailbox is not necessarily Know, further improve the security of your account.
进一步地,在上述“判断邮箱反馈的内容是否符合预设要求”的步骤之前,判断登录邮箱的设备是否与当前登录账户的设备相同,若相同,则解除锁定状态失败。也就是,如果要解除锁定状态至少要准备两台不同的设备,否则无法完成解除锁定状态,旨在增加解除锁定状态的难度。本实施例中,还可以判断登录邮件的设备与当前登录账户的设备是否属于同一局域网内,若在同一局域网内,也无法完成解除锁定状态。同样增加解除锁定状态的难度。Further, before the step of “determining whether the content fed back by the mailbox meets the preset requirement”, it is determined whether the device that logs in to the mailbox is the same as the device that is currently logged in, and if the same, the unlocking state fails. That is, if at least two different devices are to be unlocked, the unlock state cannot be completed, which is intended to increase the difficulty of unlocking. In this embodiment, it can be determined whether the device that logs in the mail and the device that is currently logged in to the account belong to the same local area network, and if the device is in the same local area network, the unlocked state cannot be completed. It also increases the difficulty of unlocking.
本实施例中,在判断输入框内输入的内容是否是预设的内容之前,还会判断登录账户的设备所处的地理位置;判断该地理位置是否为预设的指定地理位置;若是,则生成“判断输入框内输入的内容是否是预设的内容”的指令。上述判断位置的方法包括多种,若登录账户的设备时无线连接网络的设备,则可以通过GPS、wifi定位、基站三角定位等;若登录账户的设备是有限连接网关,则获取网关的位置即可。In this embodiment, before determining whether the content input in the input box is the preset content, the geographic location of the device that logs in to the account is also determined; determining whether the geographic location is a preset designated geographic location; if yes, An instruction to "determine whether the content input in the input box is a preset content" is generated. The method for determining the location includes multiple types. If the device that is connected to the account is wirelessly connected to the network, the device can be located through GPS, wifi positioning, base station triangulation, etc.; if the device that logs in to the account is a limited connection gateway, the location of the gateway is obtained. can.
本实施例中,上述账户安全管理方法,可以在系统的登录程序中编写对应上述方法的应用程序即可,无需在开发的时候引入第三方时间任务管理框架,降低了开放的工作量。判断是否解除账户名的锁定状态的时间是根据用户的登录时间进行的,解除锁定状态的时间分布较为分散,系统无需在后台一直进行时间任务管理工作,大大地减少系统资源的开销。In this embodiment, the account security management method described above may be used to write an application corresponding to the foregoing method in the login program of the system, and the third-party time task management framework is not required to be developed during development, thereby reducing the workload of opening. The time for judging whether to unlock the account name is based on the login time of the user, and the time distribution of the unlock state is relatively dispersed. The system does not need to perform time task management in the background, which greatly reduces the overhead of system resources.
参照图5,本申请还提供一种账户安全管理装置,包括:Referring to FIG. 5, the application further provides an account security management apparatus, including:
判断单元10,用于判断接收到的账户名和密码是否匹配。The determining unit 10 is configured to determine whether the received account name and password match.
记录获取单元20,用于若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;The record obtaining unit 20 is configured to record the first time of the current login and the second time of the previous login of the account name if the account name and password are successfully matched;
计算单元30,用于计算所述第一时间与第二时间之间的时间间隔;The calculating unit 30 is configured to calculate a time interval between the first time and the second time;
登录单元40,用于若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。The login unit 40 is configured to successfully log in to the account corresponding to the account name if the time interval is greater than a preset time interval threshold.
上述判断单元10中,账户名是指登录系统对应账户时需要输入的名称内容。上述密码用于验证账户名是否正确。在一个系统中,每一个账户一般设置有一个对应的密码。在一具体实施例中,一个账户可以对应设置多个密码,使用不同的密码登录该账户时,所得到的权限不同。本实施例中,上述系统接收到当前用户输入的账户名和密码后,判断账户名与密码是否匹配,如果匹配成功,则可以登录系统,如果匹配失败,则会发出错误提示等信息。In the above-mentioned judging unit 10, the account name refers to the name content that needs to be input when the system corresponding account is registered. The above password is used to verify that the account name is correct. In a system, each account is generally set with a corresponding password. In a specific embodiment, an account can be configured with multiple passwords correspondingly, and when the account is logged in with a different password, the obtained rights are different. In this embodiment, after receiving the account name and password input by the current user, the system determines whether the account name and the password match. If the matching is successful, the system can log in to the system. If the matching fails, an error message and the like are sent.
上述记录获取单元20中,上述第一时间是系统判定上述账户名和密码匹配后记录的时间,该时间可以为用户输入完账户名和密码后点击登录时的时间,也可以是系统判断完账户名和密码是否匹配后的时间,可以根据具体要求进行相应的设置即可。上述第二时间是系统前一次登录的时间,该前一次登录是指用户输入账户名和密码后点击登录的操作,点击登录后无论是否登录成功,均会记录一个时间,这个时间既可以认为是上述的第二时间。In the above record obtaining unit 20, the first time is a time when the system determines that the account name and the password are matched, and the time may be the time when the user inputs the account name and the password and clicks the login time, or the system determines the account name and password. If the time is matched, you can set it according to the specific requirements. The second time is the time when the system logs in the previous time. The previous login refers to the operation of clicking the login after the user inputs the account name and password. If the login is successful after clicking the login, a time will be recorded. This time can be considered as the above. The second time.
上述计算单元30中,若上述第二时间为空,则时间间隔为无穷大;上述第二时间为空,是指当前登录账户为第一次登录账户,即在本次之前并没有登录过上述账户,所以,第二时间是不存在的,因此可以认为第一时间和第二时间的时间间隔为无穷大。In the calculation unit 30, if the second time is empty, the time interval is infinity; if the second time is empty, the current login account is the first login account, that is, the account is not logged in before this time. Therefore, the second time does not exist, so the time interval between the first time and the second time can be considered to be infinite.
上述登录单元40中,只要上述时间间隔大于预设的时间间隔阈值,则会成功登录上述账户对应的系统。即,无论用户在登录账户之前,账户处于锁定状态还是非锁定状态,只要账户名和密码匹配,且上述时间间隔大于预设的时间间隔阈值,均会成功登录系统。在另一实施例中,如果时间间隔小于等于上述时间间隔阈值,若是账户名对应的账户处于锁定状态,则无法成功登录账户,如果账户名对应的账户未处于锁定状态,则不会影响用户正常的登录。In the above-mentioned login unit 40, if the time interval is greater than the preset time interval threshold, the system corresponding to the account is successfully registered. That is, regardless of whether the account is locked or unlocked before the user logs in, the system will successfully log in to the system as long as the account name and password match and the time interval is greater than the preset time interval threshold. In another embodiment, if the time interval is less than or equal to the time interval threshold, if the account corresponding to the account name is in the locked state, the account cannot be successfully logged in, and if the account corresponding to the account name is not locked, the normal user will not be affected. Login.
参照图6,本实施例中,上述账户安全管理装置还包括:Referring to FIG. 6, in the embodiment, the account security management apparatus further includes:
生成单元21,用于若所述第二时间为空,则生成强制修改密码指令。The generating unit 21 is configured to generate a forced modification password command if the second time is empty.
修改拍照单元22,用于接收修改后的密码,以及拍摄修改密码者的第一人脸照片;Modifying the photographing unit 22, for receiving the modified password, and photographing the first face photo of the person who modified the password;
关联存储单元23,用于将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。The association storage unit 23 is configured to store the modified password and the first face photo in the database in association with the account name.
在上述生成单元21中,如果第二时间为空,则说明账户名对应的账户可能是系统管理员分配的账户,其密码一般较为简单,或者不容易记忆,在后期使用时存在风险,如果密码较为简单,则容易被破解;如果密码不容易记忆,则容易忘记,需要麻烦管理员进行提醒等,所以生成强制修改密码指令,要求用户必须修改密码,而用户自己修改的密码,相对用户而言容易记忆,还可以设置难度较高的密码。生成强制修改密码指令,进行修改密码的具体过程为:在指定为存储位置查找前一次存储的第二时间时,查找结果为空,即没存储第一时间,此时会判定第二时间为空,然后页面会弹出修改密码的界面,该界面上有输入当前密码和修改后的密码等选项,而且必须将该页面填写正确后并保存之后,修改密码的界面才会关闭,否则无法关闭该修改密码的界面。在一具体实施例中,上述修后的密码不予许与修改前的密码一直,其具体的执行过程是,将修改后的密码与修改前的密码进行比对,如果两者相同,则发出提醒。本实施例中,修改完成密码后,会将修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中,即将修改的密码、第一人脸照片和账户名建立相互查找和调用的路径,通过其中的一个,可以找到两另外的两个,如输入账户名后,既可以根据账户名在数据库中产找到与其对应的密码和第一人脸照片,以便于对用户输入的密码以及用户的人脸照片进行相应的比对等。In the generating unit 21, if the second time is empty, it indicates that the account corresponding to the account name may be an account assigned by the system administrator, and the password is generally simple or not easy to remember, and there is a risk in the later use, if the password It is relatively simple, it is easy to be cracked; if the password is not easy to remember, it is easy to forget, it is necessary to trouble the administrator to remind, etc., so the mandatory change password command is generated, the user is required to modify the password, and the user's own modified password is relative to the user. Easy to remember, you can also set a password that is more difficult. The process of forcibly changing the password is generated. The specific process of modifying the password is as follows: when searching for the second time stored in the storage location, the search result is empty, that is, the first time is not stored, and the second time is determined to be empty. Then, the page will pop up a password change interface. The interface has the option of entering the current password and the modified password, and the interface must be filled in correctly and saved, the interface for changing the password will be closed, otherwise the modification cannot be closed. Password interface. In a specific embodiment, the repaired password is not allowed to be the same as the password before the modification, and the specific execution process is: comparing the modified password with the password before the modification, if the two are the same, then issuing remind. In this embodiment, after the password is modified, the modified password and the first face photo are respectively stored in the database in association with the account name, and the password, first face photo and account name to be modified are to be modified. Establish a path for mutual search and call. Through one of them, you can find two other two. For example, after entering the account name, you can find the corresponding password and first face photo in the database according to the account name, so that you can The password entered by the user and the user's face photo are compared accordingly.
在上述修改拍照单元22中,修改完成密码之后,还会拍摄修改密码者(即上述的用户)的第一人脸照片,第一人脸照片可以用于后期的二级验证或者权限管理等使用。In the above-mentioned modified photographing unit 22, after the completion password is modified, the first face photo of the person who modified the password (ie, the above-mentioned user) is also photographed, and the first face photo can be used for later secondary verification or authority management. .
在上述关联存储单元23中,将修改后的密码和第一人脸照片分别与账户名关联存储在数据库中,是为了后期根据账户名进行调用密码和第一人脸照片进行比对。In the association storage unit 23, the modified password and the first face photo are respectively stored in the database in association with the account name, so as to compare the calling password with the first face photo according to the account name.
参照图6,本实施例中,上述账户安全管理装置还包括:Referring to FIG. 6, in the embodiment, the account security management apparatus further includes:
拍摄单元41,用于拍摄当前登录者的第二人脸照片;The photographing unit 41 is configured to photograph a second face photo of the current registrant;
调取单元42,用于在所述数据库中调取与所述账户名对应的所述第一人脸照片;The retrieving unit 42 is configured to retrieve the first face photo corresponding to the account name in the database;
比较单元43,用于将所述第一人脸照片和第二人脸照片进行比较;The comparing unit 43 is configured to compare the first face photo with the second face photo;
权限管理单元44,用于若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。The authority management unit 44 is configured to: if it is determined that the first face photo and the second face photo are the same person's face photo, open all account rights of the current registrant; if the first face photo is determined If the second face photo is a face photo of a different person, the partial account right of the current registrant is closed according to a preset rule.
在上述拍摄单元41、调取单元42、比较单元43以及权限管理单元44中,如果第一人脸照片与第二人脸照片为同一人的人脸照片,说明是账户名对应的主人进行登录,其具有全部的权限。如果第一人脸照片与第二人脸照片不为同一人的人脸照片,则说明是非账户名对应的主人进行的登录,此时,存在两种可能,第一种是用户好友进行登录;第二种是账户被盗。无论是哪一种情况,此时设置了账户的权限,则可以保护账户的安全。在其它实施例中,受到权限限制时,当前操作者可以发送授权管理信息给用户,如果用户接收并回复授权的命令,则可以获取到更大的权限,该权限可以是全部权限,也可以根据用户回复不同的授权命令而给予对应的权限。上述将第一人脸照片和第二人脸照片进行比较的方法为:将第一人脸照片输入到预测人脸识模型中进行计算,得出第一人脸值;将第二人脸照片输入到上述的人脸识模型中进行计算,得出第二人脸值,如果第一人脸值与第二人脸值的差值在预设范围之内,则认为第一人脸照片和第二人脸照片是同一个人的人脸照片。In the above-mentioned imaging unit 41, the retrieval unit 42, the comparison unit 43, and the authority management unit 44, if the first face photo and the second face photo are the same person's face photo, it means that the owner corresponding to the account name logs in. , it has all the permissions. If the first face photo and the second face photo are not the same person's face photo, it means that the login is performed by the owner corresponding to the account name. At this time, there are two possibilities, and the first one is the user friend to log in; The second is the account is stolen. In either case, the account permissions are set at this time to protect the security of the account. In other embodiments, when restricted by the authority, the current operator may send the authorization management information to the user. If the user receives and responds to the authorized command, the user may obtain a larger authority, which may be all rights or may be The user replies to a different authorization command and gives the corresponding permission. The method for comparing the first face photo and the second face photo is: inputting the first face photo into the predicted face recognition model to calculate, and obtaining the first face value; and the second face photo Input into the above-mentioned face recognition model to calculate, and obtain the second face value. If the difference between the first face value and the second face value is within the preset range, the first face photo and The second face photo is a face photo of the same person.
参照图7,本实施例中,上述账户安全管理装置,还包括:Referring to FIG. 7, in the embodiment, the account security management apparatus further includes:
超声扫描单元421,用于向拍摄区域进行超声波扫描,并接收超声波的反射波;The ultrasonic scanning unit 421 is configured to perform ultrasonic scanning on the imaging area and receive a reflected wave of the ultrasonic wave;
轮廓判断单元422,用于根据反射波判断拍摄区域的物体的轮廓;a contour determining unit 422, configured to determine an outline of an object of the photographing area according to the reflected wave;
人脸判定单元423,用于若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。The face determining unit 423 is configured to determine that the currently captured picture is a live picture and generate an instruction to invoke the first face photo if the outline conforms to a preset standard.
在上述超声扫描单元421、轮廓判断单元422和人脸判定单元423中,具体为,通过超声波发射装置向拍摄区域发射超声波,然后接收超声波的反射波,根据超声波的反射时间计算各反射点与发射点之间的距离,进而描绘出超声波发射区域中各物体的形状轮廓,比如,超声波的发射区域有一个篮球,那么超声波会被篮球反射,因为篮球是圆形的,所以篮球接收到超声波的时间因为距离的不同而不同,超声波接收装置接接收到的反射波的时间也各不相同,进而描绘出篮球的轮廓。本实施例中,如果当前拍摄的图片是一个海报等照片时,那么海报等照片必须较为平整的展开,此时其轮廓是一个平面,而如果是真人,其轮廓是一个3d轮廓。即,对拍摄物进行如B超一样的扫描,如果扫描的结果是一个与人头近似的3d轮廓,则认为拍摄的第二照片是一个真人照片,以防止他人利用照片欺骗系统而获取到上述账户的全部权限,提高账户的安全。In the above-described ultrasonic scanning unit 421, contour determining unit 422, and face determining unit 423, specifically, ultrasonic waves are transmitted to the imaging region by the ultrasonic transmitting device, and then reflected waves of the ultrasonic waves are received, and each reflection point and emission are calculated according to the reflection time of the ultrasonic waves. The distance between the points, in turn, depicts the shape and contour of each object in the ultrasonic emission area. For example, if there is a basketball in the emission area of the ultrasonic wave, the ultrasound will be reflected by the basketball. Because the basketball is round, the time when the basketball receives the ultrasonic wave Because of the difference in distance, the ultrasonic receiving device receives the reflected waves for different times, and thus depicts the outline of the basketball. In this embodiment, if the currently photographed picture is a photo such as a poster, then the photo such as the poster must be flattened, and the outline is a plane, and if it is a real person, the outline is a 3d outline. That is, the subject is scanned like a B-mode ultrasound. If the result of the scan is a 3d outline similar to the human head, the second photo taken is considered to be a live-action photo to prevent others from using the photo fraud system to obtain the above account. All the permissions to improve the security of the account.
参照图8,在一实施例中,上述账户安全管理装置,还包括:Referring to FIG. 8, in an embodiment, the account security management apparatus further includes:
清空单元31,用于清空密码输入错误次数的历史数据。The clearing unit 31 is configured to clear historical data of the number of times the password is input incorrectly.
在上述清空单元31中,无论当前账号是否处于锁定状态,自动将账号设置到未锁定状态,同时清空之前密码输入的错误次数,此时如果密码正确,则可以登录成功;此时如果密码错误,则重新开始记录登录错误次数。In the above clearing unit 31, regardless of whether the current account is in the locked state, the account is automatically set to the unlocked state, and the number of errors of the previous password input is cleared at the same time. If the password is correct, the login can be successful; if the password is incorrect, Then restart the recording of the number of login errors.
在一实施例中,上述账户安全管理装置,还包括:In an embodiment, the account security management device further includes:
增加单元11,用于若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;The adding unit 11 is configured to: if the account name and the password match fail, add one to the historical data of the number of password input errors;
阈值判断单元12,用于判断加一后的所述历史数据是否大于预设错误阈值;The threshold determining unit 12 is configured to determine whether the historical data after the addition is greater than a preset error threshold;
锁定单元13,用于若所述历史数据大于预设错误阈值,则锁定所述账户名。The locking unit 13 is configured to lock the account name if the historical data is greater than a preset error threshold.
在一实施例中,上述账户安全管理装置,还包括:In an embodiment, the account security management device further includes:
解除锁定单元301,用于若上述时间间隔小于等于预设的时间间隔阈值,且上述账户处于锁定状态的情况下,接收预设操作动作强制解除锁定状态。The unlocking unit 301 is configured to receive a preset operation action forcibly releasing the locked state if the time interval is less than or equal to a preset time interval threshold and the account is in a locked state.
在上述解除锁定单元301中,其具体的强制解除锁定状态的过程如下:接收预设的强制解除锁定状态的按钮被点击产生的指令,生成邮件输入框;判断输入框内输入的内容是否是预设的内容(该内容是用户在建立账户时输入的内容);若是,则将该内容发送给指定的邮箱(该邮箱同样是在建立账户时预设的邮箱);若未收到上述邮箱的反馈(包括反馈超时),则解除锁定状态失败;若接收到上述邮箱的反馈,则判断邮箱反馈的内容是否符合预设要求(同样是在建立账户设置的内容,该内容与输入上述输入框的内容一般不同),如果符合要求,则解除锁定状态,否则解除锁定状态失败。本步骤的好处是:如果当前操作者是其它人,那么他不会知道具体发送到那个邮箱,所以其不会登录对应的邮箱进行反馈,同时,即使知道是哪个邮箱,邮箱的密码也不一定知道,进一步提高账户的安全等。进一步地,在上述“判断邮箱反馈的内容是否符合预设要求”的步骤之前,判断登录邮箱的设备是否与当前登录账户的设备相同,若相同,则解除锁定状态失败。也就是,如果要解除锁定状态至少要准备两台不同的设备,否则无法完成解除锁定状态,旨在增加解除锁定状态的难度。本实施例中,还可以判断登录邮件的设备与当前登录账户的设备是否属于同一局域网内,若在同一局域网内,也无法完成解除锁定状态。同样增加解除锁定状态的难度。In the above-mentioned unlocking unit 301, the specific forced unlocking state is as follows: the button for receiving the preset forced unlocking state is clicked to generate an email input box; and determining whether the content input in the input box is pre- The content (the content is the content entered by the user when the account is created); if yes, the content is sent to the specified mailbox (the mailbox is also the default mailbox when the account is established); if the mailbox is not received Feedback (including feedback timeout), the unlock state fails; if the feedback of the above mailbox is received, it is judged whether the content of the mailbox feedback meets the preset requirement (the same is the content of the account setting, the content and the input of the input box The content is generally different. If the requirements are met, the lock status is released, otherwise the unlock status fails. The advantage of this step is: if the current operator is someone else, then he will not know the specific email sent to that mailbox, so he will not log in to the corresponding mailbox for feedback, and even if he knows which mailbox, the password of the mailbox is not necessarily Know, further improve the security of your account. Further, before the step of “determining whether the content fed back by the mailbox meets the preset requirement”, it is determined whether the device that logs in to the mailbox is the same as the device that is currently logged in, and if the same, the unlocking state fails. That is, if at least two different devices are to be unlocked, the unlock state cannot be completed, which is intended to increase the difficulty of unlocking. In this embodiment, it can be determined whether the device that logs in the mail and the device that is currently logged in to the account belong to the same local area network, and if the device is in the same local area network, the unlocked state cannot be completed. It also increases the difficulty of unlocking.
本申请实施例中的账户安全管理装置,可以在系统的登录程序中编写对应上述方法的应用程序即可,无需在开发的时候引入第三方时间任务管理框架,降低了开放的工作量。判断是否解除账户名的锁定状态的时间是根据用户的登录时间进行的,解除锁定状态的时间分布较为分散,系统无需在后台一直进行时间任务管理工作,大大地减少系统资源的开销。The account security management device in the embodiment of the present application can write an application corresponding to the foregoing method in the login program of the system, and does not need to introduce a third-party time task management framework during development, thereby reducing the open workload. The time for judging whether to unlock the account name is based on the login time of the user, and the time distribution of the unlock state is relatively dispersed. The system does not need to perform time task management in the background, which greatly reduces the overhead of system resources.
参照图9,本申请实施例中还提供一种计算机设备,该计算机设备可以是服务器,其内部结构可以如图9所示。该计算机设备包括通过系统总线连接的处理器、存储器、网络接口和数据库。其中,该计算机设计的处理器用于提供计算和控制能力。该计算机设备的存储器包括非易失性存储介质、内存储器。该非易失性存储介质存储有操作系统、计算机可读指令和数据库。该内存器为非易失性存储介质中的操作系统和计算机可读指令的运行提供环境。该计算机设备的数据库用于账户安全管理的人脸照片、密码等数据。该计算机设备的网络接口用于与外部的终端通过网络连接通信。该计算机可读指令被处理器执行时以实现一种账户安全管理方法。Referring to FIG. 9, a computer device is also provided in the embodiment of the present application. The computer device may be a server, and its internal structure may be as shown in FIG. 9. The computer device includes a processor, memory, network interface, and database connected by a system bus. Among them, the computer designed processor is used to provide calculation and control capabilities. The memory of the computer device includes a non-volatile storage medium, an internal memory. The non-volatile storage medium stores an operating system, computer readable instructions, and a database. The memory provides an environment for the operation of operating systems and computer readable instructions in a non-volatile storage medium. The database of the computer device is used for data such as face photos, passwords, etc. for account security management. The network interface of the computer device is used to communicate with an external terminal via a network connection. The computer readable instructions are executed by the processor to implement an account security management method.
上述处理器执行上述账户安全管理方法的步骤包括:判断接收到的账户名和密码是否匹配;若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;计算所述第一时间与第二时间之间的时间间隔;其中,若所述第二时间为空,则所述时间间隔为无穷大;若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。The step of executing the foregoing account security management method by the processor includes: determining whether the received account name and password match; if the account name and password are successfully matched, recording the first time of the current login, and acquiring the account name and logging in the previous time. a second time; calculating a time interval between the first time and the second time; wherein, if the second time is empty, the time interval is infinity; if the time interval is greater than a preset time interval If the threshold is reached, the account corresponding to the account name is successfully logged.
在一实施例中,上述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤之后,包括:若所述第二时间为空,则处理器生成强制修改密码指令。In an embodiment, if the account name and password are successfully matched, the first time of the current login is recorded, and the step of obtaining the second time of the previous login of the account name includes: if the second time is Empty, the processor generates a mandatory change password command.
在一实施例中,上述处理器生成强制修改密码指令的步骤之后,包括:接收修改后的密码,以及拍摄修改密码者的第一人脸照片;将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。In an embodiment, after the step of generating, by the processor, the forced password modification command, the method includes: receiving the modified password, and capturing a first face photo of the person who modified the password; and the modified password, and the A face photo is stored in the database in association with the account name.
在一实施例中,上述处理器成功登录所述账户名对应的账户的步骤之后,包括:拍摄当前登录者的第二人脸照片;在所述数据库中调取与所述账户名对应的所述第一人脸照片;将所述第一人脸照片和第二人脸照片进行比较;若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。In an embodiment, after the step of successfully logging in the account corresponding to the account name, the method includes: capturing a second face photo of the current registrant; and extracting, in the database, a location corresponding to the account name a first face photo; comparing the first face photo with the second face photo; if it is determined that the first face photo and the second face photo are the same person's face photo, open the current All account rights of the registrant; if it is determined that the first face photo and the second face photo are face photos of different people, part of the current registrant's account rights are closed according to a preset rule.
在一实施例中,上述处理器在所述数据库中调取与所述账户名对应的所述第一人脸照片的步骤之前,包括:向拍摄区域进行超声波扫描,并接收超声波的反射波;根据反射波判断拍摄区域的物体的轮廓;若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。In an embodiment, before the step of the processor capturing the first face photo corresponding to the account name in the database, the method includes: performing ultrasonic scanning on the shooting area, and receiving a reflected wave of the ultrasonic wave; The contour of the object in the shooting area is determined according to the reflected wave; if the contour conforms to the preset standard, it is determined that the currently captured picture is a real person picture, and an instruction to invoke the first face photo is generated.
在一实施例中,上述处理器计算所述第一时间与第二时间之间的时间间隔的步骤之后,包括:清空密码输入错误次数的历史数据。In an embodiment, after the step of calculating, by the processor, the time interval between the first time and the second time, the method includes: clearing historical data of the number of times the password is input incorrectly.
在一实施例中,上述处理器判断接收到的账户名和密码是否匹配的步骤之后,包括:若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;判断加一后的所述历史数据是否大于预设错误阈值;若大于,则锁定所述账户名。In an embodiment, after the step of determining, by the processor, whether the received account name and password match, the method includes: if the account name and the password match fail, adding one to the historical data of the password input error number; Whether the historical data is greater than a preset error threshold; if greater, the account name is locked.
本领域技术人员可以理解,图9中示出的结构,仅仅是与本申请方案相关的部分结构的框图,并不构成对本申请方案所应用于其上的计算机设备的限定。It will be understood by those skilled in the art that the structure shown in FIG. 9 is only a block diagram of a part of the structure related to the solution of the present application, and does not constitute a limitation of the computer device to which the present application is applied.
本申请实施例还提供一种计算机非易失性可读存储介质,其上存储有计算机可读指令,计算机可读指令被处理器执行时实现如上述各方法的实施例的流程。The embodiment of the present application further provides a computer non-volatile readable storage medium having computer readable instructions stored thereon, and when the computer readable instructions are executed by the processor, implement the flow of the embodiments of the foregoing methods.
以上所述仅为本申请的优选实施例,并非因此限制本申请的专利范围,凡是利用本申请说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本申请的专利保护范围内。The above description is only the preferred embodiment of the present application, and is not intended to limit the scope of the patent application, and the equivalent structure or equivalent process transformations made by the specification and the drawings of the present application, or directly or indirectly applied to other related The technical field is equally included in the scope of patent protection of the present application.

Claims (20)

  1. 一种账户安全管理方法,其特征在于,包括:An account security management method, characterized in that it comprises:
    判断接收到的账户名和密码是否匹配;Determine whether the received account name and password match;
    若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;If the account name and the password match successfully, record the first time of the current login, and obtain the second time of the previous login of the account name;
    计算所述第一时间与第二时间之间的时间间隔;Calculating a time interval between the first time and the second time;
    若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。If the time interval is greater than the preset time interval threshold, the account corresponding to the account name is successfully logged.
  2. 根据权利要求1所述的账户安全管理方法,其特征在于,所述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤之后,包括:The account security management method according to claim 1, wherein if the account name and password are successfully matched, the first time of the current login is recorded, and the step of obtaining the second time of the previous login of the account name is performed. After that, include:
    若所述第二时间为空,则生成强制修改密码指令。If the second time is empty, a forced modification password command is generated.
  3. 根据权利要求2所述的账户安全管理方法,其特征在于,所述生成强制修改密码指令的步骤之后,包括:The account security management method according to claim 2, wherein the step of generating a mandatory password modification command comprises:
    接收修改后的密码,以及拍摄修改密码者的第一人脸照片;Receiving the modified password and taking the first face photo of the person who changed the password;
    将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。And storing the modified password and the first face photo in the database in association with the account name.
  4. 根据权利要求3所述的账户安全管理方法,其特征在于,所述成功登录所述账户名对应的账户的步骤之后,包括:The account security management method according to claim 3, wherein the step of successfully logging in to the account corresponding to the account name comprises:
    拍摄当前登录者的第二人脸照片;Shooting the second face photo of the current registrant;
    在所述数据库中调取与所述账户名对应的所述第一人脸照片;Retrieving the first face photo corresponding to the account name in the database;
    将所述第一人脸照片和第二人脸照片进行比较;Comparing the first face photo with the second face photo;
    若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。If it is determined that the first face photo and the second face photo are face photos of the same person, all account rights of the current registrant are opened; if the first face photo and the second face photo are determined to be different The person's face photo, according to the preset rules, closes some of the current registrant's account rights.
  5. 根据权利要求4所述的账户安全管理方法,其特征在于,所述在所述数据库中调取与所述账户名对应的所述第一人脸照片的步骤之前,包括:The account security management method according to claim 4, wherein the step of retrieving the first face photo corresponding to the account name in the database comprises:
    向拍摄区域进行超声波扫描,并接收超声波的反射波;Ultrasonic scanning to the shooting area and receiving reflected waves of ultrasonic waves;
    根据反射波判断拍摄区域的物体的轮廓;Determining the contour of the object in the shooting area based on the reflected wave;
    若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。If the contour meets the preset criteria, it is determined that the currently photographed picture is a real person image, and an instruction to invoke the first human face photo is generated.
  6. 根据权利要求1所述的账户安全管理方法,其特征在于,所述计算所述第一时间与第二时间之间的时间间隔的步骤之后,包括:The account security management method according to claim 1, wherein the step of calculating the time interval between the first time and the second time comprises:
    若所述时间间隔大于预设的时间间隔阈值,则清空密码输入错误次数的历史数据。If the time interval is greater than a preset time interval threshold, the historical data of the number of error input passwords is cleared.
  7. 根据权利要求1所述的账户安全管理方法,其特征在于,所述判断接收到的账户名和密码是否匹配的步骤之后,包括:The account security management method according to claim 1, wherein the step of determining whether the received account name and password match comprises:
    若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;If the account name and password match fail, add one to the historical data of the number of password input errors;
    判断加一后的所述历史数据是否大于预设错误阈值;Determining whether the historical data after the addition is greater than a preset error threshold;
    若大于,则锁定所述账户名。If it is greater, the account name is locked.
  8. 一种账户安全管理装置,其特征在于,包括:An account security management device, comprising:
    判断单元,用于判断接收到的账户名和密码是否匹配;a determining unit, configured to determine whether the received account name and password match;
    记录获取单元,用于若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;a record obtaining unit, configured to record a first time of the current login, and a second time of obtaining the previous login of the account name, if the account name and password are successfully matched;
    计算单元,用于计算所述第一时间与第二时间之间的时间间隔;a calculating unit, configured to calculate a time interval between the first time and the second time;
    登录单元,用于若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。The login unit is configured to successfully log in to the account corresponding to the account name if the time interval is greater than a preset time interval threshold.
  9. 根据权利要求8所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 8, wherein the account security management device further comprises:
    生成单元,用于若所述第二时间为空,则生成强制修改密码指令。And a generating unit, configured to generate a mandatory modification password command if the second time is empty.
  10. 根据权利要求9所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 9, wherein the account security management device further comprises:
    修改拍照单元,用于接收修改后的密码,以及拍摄修改密码者的第一人脸照片;Modifying the photographing unit for receiving the modified password, and photographing the first face photo of the person who changed the password;
    关联存储单元,用于将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。And an associated storage unit, configured to store the modified password and the first face photo in the database in association with the account name.
  11. 根据权利要求10所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 10, wherein the account security management device further comprises:
    拍摄单元,用于拍摄当前登录者的第二人脸照片;a photographing unit, configured to photograph a second face of the current registrant;
    调取单元,用于在所述数据库中调取与所述账户名对应的所述第一人脸照片;a retrieving unit, configured to retrieve, in the database, the first face photo corresponding to the account name;
    比较单元,用于将所述第一人脸照片和第二人脸照片进行比较;a comparing unit, configured to compare the first face photo with the second face photo;
    权限管理单元,用于若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。a rights management unit, configured to: if it is determined that the first face photo and the second face photo are face photos of the same person, open all account rights of the current registrant; if the first face photo and the first face are determined If the two-face photo is a face photo of a different person, the partial account authority of the current registrant is closed according to a preset rule.
  12. 根据权利要求11所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 11, wherein the account security management device further comprises:
    超声扫描单元,用于向拍摄区域进行超声波扫描,并接收超声波的反射波;An ultrasonic scanning unit for performing ultrasonic scanning on the shooting area and receiving reflected waves of the ultrasonic waves;
    轮廓判断单元,用于根据反射波判断拍摄区域的物体的轮廓;a contour determining unit configured to determine an outline of an object of the photographing area according to the reflected wave;
    人脸判定单元,用于若轮廓符合预设的标准,则判定当前拍摄的图片是真人图片,生成调用所述第一人脸照片的指令。The face determination unit is configured to determine that the currently captured picture is a live picture and generate an instruction to invoke the first face photo if the outline conforms to a preset standard.
  13. 根据权利要求8所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 8, wherein the account security management device further comprises:
    清空单元,用于若所述时间间隔大于预设的时间间隔阈值,则清空密码输入错误次数的历史数据。The clearing unit is configured to clear historical data of the number of incorrect password input times if the time interval is greater than a preset time interval threshold.
  14. 根据权利要求8所述的账户安全管理装置,其特征在于,所述账户安全管理装置还包括:The account security management device according to claim 8, wherein the account security management device further comprises:
    增加单元,用于若所述账户名和密码匹配失败,则在密码输入错误次数的历史数据上加一;Adding a unit, if the account name and password fail to match, adding one to the historical data of the number of password input errors;
    阈值判断单元,用于判断加一后的所述历史数据是否大于预设错误阈值;a threshold value determining unit, configured to determine whether the historical data after the addition is greater than a preset error threshold;
    锁定单元,用于若所述历史数据大于预设错误阈值,则锁定所述账户名。And a locking unit, configured to: if the historical data is greater than a preset error threshold, lock the account name.
  15. 一种计算机设备,包括存储器和处理器,所述存储器存储有计算机可读指令,其特征在于,所述处理器执行所述计算机可读指令时实现账户安全管理方法,该账户安全管理方法包括:A computer device comprising a memory and a processor, the memory storing computer readable instructions, wherein the processor implements an account security management method when the computer readable instructions are executed, the account security management method comprising:
    判断接收到的账户名和密码是否匹配;Determine whether the received account name and password match;
    若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;If the account name and the password match successfully, record the first time of the current login, and obtain the second time of the previous login of the account name;
    计算所述第一时间与第二时间之间的时间间隔;Calculating a time interval between the first time and the second time;
    若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。If the time interval is greater than the preset time interval threshold, the account corresponding to the account name is successfully logged.
  16. 根据权利要求15所述的计算机设备,其特征在于,所述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤之后,包括:The computer device according to claim 15, wherein if the account name and the password match successfully, the first time of the current login is recorded, and after the step of obtaining the second time of the previous login of the account name, include:
    若所述第二时间为空,则生成强制修改密码指令。If the second time is empty, a forced modification password command is generated.
  17. 根据权利要求16所述的计算机设备,其特征在于,所述生成强制修改密码指令的步骤之后,包括:The computer device according to claim 16, wherein the step of generating a mandatory password modification command comprises:
    接收修改后的密码,以及拍摄修改密码者的第一人脸照片;Receiving the modified password and taking the first face photo of the person who changed the password;
    将所述修改后的密码、以及所述第一人脸照片分别与所述账户名关联存储在数据库中。And storing the modified password and the first face photo in the database in association with the account name.
  18. 根据权利要求17所述的计算机设备,其特征在于,所述成功登录所述账户名对应的账户的步骤之后,包括:The computer device according to claim 17, wherein the step of successfully logging in to the account corresponding to the account name comprises:
    拍摄当前登录者的第二人脸照片;Shooting the second face photo of the current registrant;
    在所述数据库中调取与所述账户名对应的所述第一人脸照片;Retrieving the first face photo corresponding to the account name in the database;
    将所述第一人脸照片和第二人脸照片进行比较;Comparing the first face photo with the second face photo;
    若判定所述第一人脸照片和第二人脸照片为同一人的人脸照片,则开放当前登陆者的全部账户权限;若判定所述第一人脸照片和第二人脸照片为不同人的人脸照片,则根据预设规则关闭当前登陆者的部分账户权限。If it is determined that the first face photo and the second face photo are face photos of the same person, all account rights of the current registrant are opened; if the first face photo and the second face photo are determined to be different The person's face photo, according to the preset rules, closes some of the current registrant's account rights.
  19. 一种计算机非易失性可读存储介质,其上存储有计算机可读指令,其特征在于,所述计算机可读指令被处理器执行时实现账户安全管理方法,该账户安全管理方法包括:A computer non-readable readable storage medium having stored thereon computer readable instructions, wherein the computer readable instructions are executed by a processor to implement an account security management method, the account security management method comprising:
    判断接收到的账户名和密码是否匹配;Determine whether the received account name and password match;
    若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间;If the account name and the password match successfully, record the first time of the current login, and obtain the second time of the previous login of the account name;
    计算所述第一时间与第二时间之间的时间间隔;Calculating a time interval between the first time and the second time;
    若所述时间间隔大于预设的时间间隔阈值,则成功登录所述账户名对应的账户。If the time interval is greater than the preset time interval threshold, the account corresponding to the account name is successfully logged.
  20. 根据权利要求19所述的计算机非易失性可读存储介质,其特征在于,所述若所述账户名和密码匹配成功,则记录当前登录的第一时间,以及获取所述账户名前一次登录的第二时间的步骤之后,包括:The computer non-volatile readable storage medium according to claim 19, wherein if the account name and password match successfully, the first time of the current login is recorded, and the previous login is obtained by acquiring the account name. After the second time step, include:
    若所述第二时间为空,则生成强制修改密码指令。If the second time is empty, a forced modification password command is generated.
PCT/CN2018/095320 2018-03-22 2018-07-11 Account security management method and apparatus, computer device, and storage medium WO2019178984A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810241884.8 2018-03-22
CN201810241884.8A CN108427879A (en) 2018-03-22 2018-03-22 Account safety management method, device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2019178984A1 true WO2019178984A1 (en) 2019-09-26

Family

ID=63159454

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/095320 WO2019178984A1 (en) 2018-03-22 2018-07-11 Account security management method and apparatus, computer device, and storage medium

Country Status (2)

Country Link
CN (1) CN108427879A (en)
WO (1) WO2019178984A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661973B (en) * 2019-09-29 2022-04-22 联想(北京)有限公司 Control method and electronic equipment
CN110955884B (en) * 2019-12-04 2022-02-08 中国银行股份有限公司 Method and device for determining upper limit times of password trial and error
CN111327588A (en) * 2020-01-16 2020-06-23 深圳开源互联网安全技术有限公司 Network access security detection method, system, terminal and readable storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102281309A (en) * 2010-06-11 2011-12-14 腾讯科技(深圳)有限公司 Network information issuing method, network information issuing system and client
CN104158790A (en) * 2013-05-14 2014-11-19 腾讯科技(深圳)有限公司 User login method, device and equipment
CN104753944A (en) * 2015-03-31 2015-07-01 北京畅游天下网络技术有限公司 Account security verifying method and system
CN105512531A (en) * 2015-11-26 2016-04-20 北京像素软件科技股份有限公司 Method and device for controlling game validation
CN105991281A (en) * 2015-02-04 2016-10-05 中国移动通信集团公司 Identity authentication method, equipment and system
US20160315942A1 (en) * 2015-04-21 2016-10-27 Fu Tai Hua Industry (Shenzhen) Co., Ltd. Electronic device with addiction-prevention function and method thereof
CN107784225A (en) * 2016-12-28 2018-03-09 平安科技(深圳)有限公司 Finance account method for managing security and device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101396277A (en) * 2007-09-26 2009-04-01 中国科学院声学研究所 Ultrasonics face recognition method and device
CN102110200A (en) * 2009-12-25 2011-06-29 凹凸电子(武汉)有限公司 Authentication method capable of being executed by computer
CN106254299A (en) * 2015-06-03 2016-12-21 阿里巴巴集团控股有限公司 Multiple expression coupling account authentication method, password amendment authentication method and device thereof
CN105959277A (en) * 2016-04-27 2016-09-21 四川效率源信息安全技术股份有限公司 Method of locking/unlocking computer screen based on NFC terminal
CN106557678B (en) * 2016-11-09 2019-07-26 珠海格力电器股份有限公司 A kind of intelligent terminal mode switching method and its device
CN107229868A (en) * 2017-05-27 2017-10-03 郑州云海信息技术有限公司 A kind of information security management and control method and system based on storage management system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102281309A (en) * 2010-06-11 2011-12-14 腾讯科技(深圳)有限公司 Network information issuing method, network information issuing system and client
CN104158790A (en) * 2013-05-14 2014-11-19 腾讯科技(深圳)有限公司 User login method, device and equipment
CN105991281A (en) * 2015-02-04 2016-10-05 中国移动通信集团公司 Identity authentication method, equipment and system
CN104753944A (en) * 2015-03-31 2015-07-01 北京畅游天下网络技术有限公司 Account security verifying method and system
US20160315942A1 (en) * 2015-04-21 2016-10-27 Fu Tai Hua Industry (Shenzhen) Co., Ltd. Electronic device with addiction-prevention function and method thereof
CN105512531A (en) * 2015-11-26 2016-04-20 北京像素软件科技股份有限公司 Method and device for controlling game validation
CN107784225A (en) * 2016-12-28 2018-03-09 平安科技(深圳)有限公司 Finance account method for managing security and device

Also Published As

Publication number Publication date
CN108427879A (en) 2018-08-21

Similar Documents

Publication Publication Date Title
US11227457B2 (en) Blockchain managed storage
US11572713B1 (en) Smart lock box
US9426151B2 (en) Determining identity of individuals using authenticators
US10275725B2 (en) Mobile check-in with push notification services
US9740846B2 (en) Controlling user access to electronic resources without password
JP6123653B2 (en) Information processing apparatus, information processing method, and program
WO2019178984A1 (en) Account security management method and apparatus, computer device, and storage medium
CN105187372A (en) Method for data processing based on mobile application entrance, device and system
US11531776B2 (en) Image and message management and archiving for events
CN105872104A (en) Method and system for managing intelligent entrance guard by combining mobile terminal
US11924204B1 (en) Two-way authentication system and method
WO2018006318A1 (en) Method and system for using intelligent entrance guard on basis of mobile terminal
WO2016206090A1 (en) Two-factor authentication method, device and apparatus
WO2018006349A1 (en) Method and system for verifying user entry based on picture password
WO2018006326A1 (en) Method and system for verification based on intelligent entrance guard by means of mobile terminal and picture password
JP2007332650A (en) Security object control server
CN109933974A (en) Cryptographic initialization method, apparatus, computer equipment and storage medium
WO2018006344A1 (en) Ultrasound-based operation method and system for intelligent access control
JP2017152013A (en) Information processing device, information processing method, and program
JP2021119498A (en) Authentication device, authentication method, and program
US12008128B2 (en) Image and message management and archiving for events
WO2018006338A1 (en) Optical communications-based operation method and system for intelligent access control
EP4254232A1 (en) Information access handover
JP2024010673A (en) Information processing device, authentication system, and operation cooperation system
TWI406190B (en) Access control system and computer system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18910721

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 23.12.2020)

122 Ep: pct application non-entry in european phase

Ref document number: 18910721

Country of ref document: EP

Kind code of ref document: A1