CN101374149A - Method and system for preventing cipher from being stolen - Google Patents


Info

Publication number
CN101374149A
Authority
CN
China
Prior art keywords
character
correspondence table
code characters
password
indication information
Prior art date
Legal status
Pending
Application number
CNA2008102225470A
Other languages
Chinese (zh)
Inventor
(Name withheld on request)
Current Assignee
China Minsheng Banking Corp Ltd
Original Assignee
China Minsheng Banking Corp Ltd
Priority date
Filing date
Publication date
Application filed by China Minsheng Banking Corp Ltd
Priority to CNA2008102225470A
Publication of CN101374149A

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method for preventing a password from being stolen, comprising the following steps: when a user needs to enter a password, automatically generating and storing a random character correspondence table; sending the character correspondence table to the user device so that it is displayed there, and prompting the user to enter, according to the table, a substitute string corresponding to the password string; and, when the substitute string entered by the user is transmitted to the system side, restoring the password string using the stored character correspondence table and performing the subsequent verification operation. A system implementing the method comprises a device for automatically generating and storing the character correspondence table, a device for sending the table over the Internet, a device for restoring the substitute string entered by the user to the password string using the stored table, and a device for performing the subsequent verification operation. The method can effectively prevent passwords from being stolen by Trojan horse viruses. It is also simple and requires as little modification of the system as possible.

Description

Method and system for preventing password theft
Technical field
The present invention relates to information security technology, and in particular to a method and system for preventing passwords from being stolen. It belongs to the field of information security.
Background art
A password is an important tool for identity authentication. Wherever authentication is required, such as in banks, securities firms, telecommunications and online shopping, the password is an indispensable authentication factor. For example, when a depositor withdraws cash at a bank, the bank usually requires the depositor to enter a password in addition to presenting a passbook, bank card and identity document, in order to verify the depositor's identity. Only after verification succeeds is the deposit paid out. Today, more and more online banking and online shopping services are offered to users over the Internet. To keep transactions secure, the service provider requires the user to enter a password, which is transmitted over the Internet to the provider's computer system; once it has been verified there, the user obtains the requested service.
However, large numbers of viruses now circulate on the Internet, and one class in particular, known as "Trojan horses", poses a serious threat to the security of online transactions. A Trojan horse is malicious remote-control software designed specifically to steal user data. When active, it installs a back door on the user's machine, collects important information and passwords, especially network account numbers and passwords, and periodically sends this private information to an address or e-mail inbox specified by the Trojan program. Criminals often use this means to steal users' passwords and identity information in order to steal their assets.
Online banking at present, including the professional-edition online banking that relies on digital certificates for added security, generally uses keyboard password entry. Keyboard entry is undoubtedly the most convenient and efficient method, but it carries a serious security risk: especially in public places, the password is easily captured by malicious hacker software.
Much hacker software can hide in a computer's operating system and record every key the user presses; some can even start recording only after a specific program has been launched. Worse, such software can automatically e-mail the keystroke record to the hacker who planted it. With that record, the username and password the user entered to log in to online banking are exposed, and the hacker can then log in to the user's online banking and act at will. Although premium functions such as transfers cannot be used without the digital certificate, the hacker can still use online banking for other destructive activity.
The way a Trojan horse steals a user's password is in fact very simple: it monitors the user's keyboard operations. For example, when the user transacts with an online bank or chooses goods in an online store, the website sends a page asking for an account number and password. After the user types them into the page, the Trojan horse detects these keystrokes and sends them out over the Internet.
To prevent Trojan horses from stealing users' account information and passwords, users are advised to remove Trojans promptly with anti-virus software and hardware, and the industry has also developed many techniques to prevent passwords or information from being stolen. For example, Chinese patent application No. 03106565.1 discloses a password verification technique that adds a delay or redundant computation to the password verification process in order to lengthen each verification, thereby lengthening the time needed to crack the password and strengthening its security. As another example, Chinese patent application No. 200710065234.4 discloses a password verification method for an electronic signature tool. In this method the working password of the electronic signature tool is entered through a secure input mode, or a verification instruction is entered through the computer; when the number of permitted verification attempts falls to a set value, only a verification instruction entered through the secure input mode is accepted. This keeps normal use convenient, while if a hacker or virus attacks the computer the user can still verify the working password through the secure input function as a last resort, which prevents the trouble caused by the working password being maliciously locked and also indirectly warns the user of a malicious attack. As a further example, Chinese patent No. ZL02808251.6 discloses a password authentication method using an instantaneous modulus; it uses a public instantaneous modulus, a public exponent, an instantaneous public number and an instantaneous private number to generate a signature private key and an instantaneous certificate.
There are other techniques for preventing Trojan horses from stealing user passwords. One main approach uses a security certificate downloaded to the user's computer, or a hardware key, to generate an encrypted password for the transaction, so that the Trojan horse cannot detect the real password information. Another uses graphical code information: the real password is not necessarily encrypted, but an image containing randomly generated numeric characters is displayed on the page. The user passes verification only if both the password and the characters shown in the image are entered correctly. Because a Trojan horse has no image-recognition capability, even if it obtains the keyboard input it cannot tell which characters are the password and which are the verification information carried in the image.
To address the password leakage that direct entry can cause, some online banks and merchants have adopted password entry through an on-screen (virtual) keyboard. Unlike typing the password on the physical keyboard, this mode pops up a virtual keyboard on the screen, and the user must click the corresponding keys of the virtual keyboard to enter the password. Because the whole process involves no keyboard operation, hacker software that has unfortunately been planted in the computer cannot steal the password by recording keystrokes. Hacker software can likewise record the extent of mouse movement and the sequence of mouse clicks, but because this information cannot be mapped directly to the password, it is almost useless. For the user's convenience, many banks and merchants that make the virtual keyboard the default entry mode still let the user click a button to switch to keyboard entry.
Although a virtual keyboard avoids the password leakage caused by keystroke recording, it still carries a security risk. To make the virtual keyboard convenient to use, many banks provide a static virtual keyboard whose key layout is identical to that of an ordinary keyboard; where only a numeric password is required, it usually imitates a nine-grid numeric keypad. Because users' screens are becoming larger, the screen area occupied by the virtual keyboard is also becoming larger. An onlooker need only watch from behind where the mouse is on the screen during password entry: even without clearly seeing which key is clicked, the key can be inferred from its position.
To address the risk of the static virtual keyboard, some online banks and merchants have adopted a dynamic virtual keyboard for password entry. Compared with the static one, the key positions on a dynamic virtual keyboard differ from those of an ordinary keyboard, and the position of each key is determined at random and differs on each use. When a numeric keypad is dynamic, the user no longer sees the usual key order "1234567890" but an order with no pattern, such as "3850972416". With a dynamic virtual keyboard that is different every time and follows no pattern, the user does have to look for each key when entering the password, but for an ill-intentioned onlooker nearby, inferring the keys from the mouse position becomes almost impossible.
Even among dynamic virtual keyboards, the degree of security differs between online banks and merchants. Some design the keys very large, which greatly reduces the difficulty of spying; others are designed so that only the user directly in front of the screen can see them, which makes spying from nearby very difficult.
However, whichever of the above techniques is adopted, it either increases the number of keystrokes the user must enter or increases the complexity of the hardware and software of the password verification system, and it is relatively complex to implement. Moreover, with an algorithm such as that of patent No. ZL02808251.6, once the public exponent and the instantaneous public number algorithm are leaked, the technique fails immediately and can no longer be used.
The industry therefore needs a technique that is simple, changes the password verification system as little as possible, and still effectively prevents passwords from being stolen by Trojan horses.
Summary of the invention
An object of the present invention is to overcome the many shortcomings of the prior art by providing a method for preventing password theft that effectively prevents a password from being stolen by a Trojan horse while being simple and requiring as little change to the password verification system as possible.
The method of the invention comprises the following steps: when the user needs to enter a password, the system side automatically generates and stores a random character correspondence table; the table is sent to the user device over the Internet and displayed on the input interface of the user device, and the user is prompted to enter, according to the correspondence in the table, the substitute string corresponding to the password string; when the substitute string entered by the user is transmitted to the system side, the stored character correspondence table is used to restore the password string, and the subsequent verification operation is performed.
The system of the invention comprises: a device for automatically generating and storing the random character correspondence table; a device for sending the character correspondence table over the Internet; a device for restoring the substitute string entered by the user to the password string using the stored table; and a device for performing the subsequent verification operation.
First, the method or system of the invention uses a random character correspondence table to convert the password string into a substitute string, so that even if a Trojan horse detects the keyboard input it cannot obtain the real password information, which effectively protects the user's password from theft. Second, because the character correspondence table can be generated at random in software, the password verification system needs no hardware modification, and the amount of software rework can be kept very low, so the scheme is easy to implement. Third, even if someone obtains the random function that generates the character correspondence table, they cannot obtain the fragments of the actual sequence that the random function produces, and so cannot find the correspondence rule associated with the password; they therefore cannot obtain the real password information, and the technical solution of the invention does not fail.
Description of the drawings
Fig. 1 is a flow diagram of the first embodiment of the method of the invention;
Fig. 2 is a flow diagram of the second embodiment of the method of the invention;
Fig. 3 is a system structure diagram of the first embodiment of the system of the invention;
Fig. 4 is a system structure diagram of the first embodiment of the method of the invention;
Fig. 5 is a schematic diagram of the browser page showing the character correspondence table in the first embodiment of the method of the invention;
Fig. 6 is a schematic diagram of a character correspondence table with multiple correspondences in the first embodiment of the method of the invention.
Embodiments
The present invention is described in further detail below with reference to specific embodiments.
Referring to Fig. 1, the first embodiment of the method of the invention comprises the following operations:
Step 101: when the user performs an online banking operation or shops online over the Internet, and the online banking system or online store system needs the user to enter the corresponding password, the system first automatically and randomly generates a character correspondence table and stores it in a storage medium of the online banking system or online store system.
The structure of the character correspondence table can be as shown in Table 1 below:
Table 1
Password character:    1 2 3 4 5 6 7 8 9 0
Substitute character:  A B C D E F G H I J
In Table 1, the password characters are the characters actually used in the passwords stored in the bank or online store system; for example, a banking password normally consists of the ten Arabic numerals 0-9. A substitute character can be any character that can be typed on a keyboard, for example the ten Arabic numerals 0-9, the 26 upper-case or lower-case English letters, or symbol characters such as !, @, #, $, %, ^, &, *, (, ), =, [ and ]. Taking Table 1 as an example, the substitute for password character "1" can be any of the characters listed above. The substitute for password character "2" can be any of the listed characters except the one already assigned to "1", and so on. A concrete example: for the password string "123456", the substitute string generated in this way could be "abcdef", "8p4x#2", "%5hq&*" and so on. Each of these substitute strings is entered entirely according to a character correspondence table structured as in Table 1, and the correspondence between password characters and substitute characters in the table is generated at random by the equipment of the banking system or online store. For different users, the correspondence between password characters and substitute characters in the table is different.
Once a character correspondence table has been randomly generated and stored according to the above rule, step 102 is performed: the table is sent to the user device over the Internet. After the user device receives the table, step 103 is performed: the table is displayed on the input interface of the user device. So that the user can correctly enter the substitute string for the password string according to the rule the table defines, the interface of the user device should also display a prompt telling the user to enter, according to this table, the substitute string corresponding to the password string. Such a prompt can be provided by having the sending device of the banking system or online store directly generate a browser page containing the character correspondence table; the page can follow the pattern shown in Fig. 5. On seeing this information, the user can enter the correct substitute string according to the correspondence and rule described above. When the user has finished entering the substitute string, it is sent back to the system equipment of the bank or online store; this corresponds to step 110. In step 104, the system equipment of the bank or online store uses the stored character correspondence table to restore the substitute string to the password string. Then, in step 105, the system equipment of the bank or online store carries out the subsequent verification operation. Depending on the verification result, the user is then provided with the corresponding service; if verification fails, service is refused.
In addition, as shown in Fig. 6, the character correspondence table can contain multiple correspondences. That is, for the password characters "1234567890", two or more groups of corresponding substitute characters can be generated, and the user can choose one of them to replace the password characters. The benefit is that the user has more choice and the password is better protected. In that case, if verification fails after the subsequent verification operation and the table contains multiple groups of random characters, the step of restoring the password string from the stored table can be performed again with another group of random characters in the table, until all groups have been tried.
With the above technical solution, the password is protected from being detected and stolen by a Trojan horse in a simple way; at the same time the password verification system needs no hardware modification, and the amount of software rework can be kept very low, so the solution is easy to implement. Furthermore, although every random-generation function follows a specific rule, any fragment produced at random while the system is running can hardly be captured. Therefore, even if the random function the system uses to generate the character correspondence table becomes known, the substitute string produced for a password string still cannot be deciphered. The reliability and stability of the system are thereby ensured.
Referring to Fig. 2, the second embodiment of the method of the invention can be the following technical solution:
The main steps are substantially the same as in the preceding embodiment. The difference is that step 101' not only generates and stores the character correspondence table but also generates password character subset indication information, which includes at least the number and positions of the password characters that are to be entered or masked. The main purposes are as follows. On the one hand, the subset indication lets the user enter only some of the characters of the password string, which protects the password further: even if a Trojan horse steals what was entered, it obtains only one fragment, or several fragments, of the complete password string, so the complete password string is not stolen and the password is better protected. On the other hand, when the password string is long, this also reduces the number of keystrokes the user must make and improves input efficiency. An example of password character subset indication information: suppose the complete password string is "123456789012345" and its corresponding substitute string is "A5f&E*tu+b4oGm=". Randomly generated subset indication information could then be "3,6,7,9,11,12,15". Each number tells the user, when entering the password, to enter the substitute character at the position that number indicates. For example, 3 refers to the 3rd substitute character counted from the start of the password string, namely "f", and 11 refers to the 11th substitute character counted from the start, namely "4". In this example the substitute string the user actually needs to enter is "f*t+4o="; its length is 7, far fewer than the 15 characters of the full string. The "," between the numbers in the subset indication information separates them.
In addition, just as the character correspondence table can contain multiple groups of correspondences, the password character subset indication information can also come in multiple groups. The user can choose one of them to replace the password characters. This likewise gives the user more choice and protects the password better.
It should be noted that, in actual generation, the password character subset indication information can follow various rules and is not limited to the example above. For example, the order of the English alphabet can be used to denote the positions of the substitute characters to be entered, and characters such as "," and "?" can be used to separate items of indication information.
As shown in Fig. 2, after the password character subset indication information has been generated and stored, step 102' is performed: the subset indication information and the character correspondence table are sent together to the user device over the Internet. In step 103', the character correspondence table is displayed on the input interface of the user device, and the user is prompted to enter the substitute characters at the positions given by the subset indication information. So that the user can correctly enter the substitute string for the password string according to the rule the table defines, the interface of the user device should display a prompt telling the user to enter, according to this table, the substitute string corresponding to the password string. On seeing this information, the user can enter the correct substitute string according to the correspondence and rule described above. When the user has finished entering the substitute string, it is sent back to the system equipment of the bank or online store; this corresponds to step 110. In step 104', the system equipment of the bank or online store uses the stored character correspondence table and subset indication information to restore the substitute string to the password string. Because the subset indication information is available, only the password characters at the positions it indicates need to be restored and checked. Then, in step 105, the system equipment of the bank or online store carries out the subsequent verification operation. When subset indication information is used, the password entered by the user is deemed correct as long as the restored password characters at the indicated positions match the characters at the same positions in the password string the system has stored. Depending on the result of this verification, the user is then provided with the corresponding service; if verification fails, service is refused.
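The two embodiments above as an added example in Python (not code from the patent): the server draws a random one-to-one table, the user types the substitutes, and the server restores and compares, optionally only at the indicated positions. The function names, the substitute pool and the use of Python's `secrets` generator are assumptions made for illustration.

```python
"""Added example: random character correspondence table with optional position subset."""
import hmac
import secrets

PASSWORD_ALPHABET = "1234567890"   # password characters, as in Table 1
# Assumed pool of keyboard-typable substitute characters (not taken from the patent).
SUBSTITUTE_POOL = ("abcdefghijklmnopqrstuvwxyz"
                   "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                   "0123456789!@#$%^&*=+")

# OS-backed CSPRNG: the description relies on the generated sequence being
# unpredictable even when the generating function itself is known.
_rng = secrets.SystemRandom()


def generate_table(alphabet=PASSWORD_ALPHABET, pool=SUBSTITUTE_POOL):
    """Step 101: random one-to-one table {password char: substitute char}."""
    return dict(zip(alphabet, _rng.sample(pool, len(alphabet))))


def generate_positions(password_length, count):
    """Step 101': pick `count` distinct 1-based positions the user must enter."""
    return sorted(_rng.sample(range(1, password_length + 1), count))


def take_positions(text, positions):
    """Keep only the characters at the given 1-based positions."""
    return "".join(text[p - 1] for p in positions)


def substitute(password, table):
    """User side: translate each password character through the displayed table."""
    return "".join(table[ch] for ch in password)


def restore(typed, table):
    """Step 104: invert the stored table; None if a typed character is not in it."""
    inverse = {sub: ch for ch, sub in table.items()}
    try:
        return "".join(inverse[ch] for ch in typed)
    except KeyError:
        return None


def verify(stored_password, typed, table, positions=None):
    """Steps 104/104' and 105: restore the typed string and compare it with the
    stored password, at every position or only at the indicated ones."""
    if positions is None:
        positions = range(1, len(stored_password) + 1)
    expected = take_positions(stored_password, positions)
    restored = restore(typed, table)
    if restored is None:
        return False
    return hmac.compare_digest(restored.encode(), expected.encode())


def run_session(stored_password, entered_password, subset_size=None):
    """One login attempt: a fresh table (and positions) per request, then verify.
    `entered_password` simulates the user and must have the stored length."""
    table = generate_table()
    positions = None
    if subset_size is not None:
        positions = generate_positions(len(stored_password), subset_size)
    typed = substitute(entered_password, table)
    if positions is not None:
        typed = take_positions(typed, positions)
    return typed, verify(stored_password, typed, table, positions)


if __name__ == "__main__":
    # Constructed sample passwords, matching the lengths used in the description.
    for attempt in range(2):
        typed, ok = run_session("123456", "123456")
        print("full entry  typed:", typed, "accepted:", ok)
    typed, ok = run_session("123456789012345", "123456789012345", subset_size=7)
    print("subset entry typed:", typed, "accepted:", ok)
```

Because a fresh table is drawn for every request, a keystroke record from one session does not replay in the next. The table itself is what turns a typed string back into the password, so it needs the same protection in transit and on screen as the password would.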
Referring to Fig. 3, the first embodiment of the system of the invention comprises the following. First device 201 automatically and randomly generates and stores the character correspondence table, in the manner described for the first embodiment of the method. A storage medium 2011 for storing the table, for example a disk or RAM, can be provided for the first device; the storage medium 2011 can be located inside the first device or provided separately, as long as the first device can access, read and write it. Second device 202 obtains the character correspondence table from first device 201 and sends it to the user device over the Internet. "Obtains" here means that second device 202 obtains from the first device either the specific storage location of the table or the table itself. In addition, the user information corresponding to the table is also essential: because the table is always generated at random and corresponds one-to-one with a user, the user information should be provided to second device 202 together with the table. After obtaining the table and its corresponding user information, second device 202 sends the table to user device 210 at the network address indicated by the user information. After the user has entered the substitute string for the password string on the user device, user device 210 sends the substitute string back to third device 203 of the system. Third device 203 performs step 104 of the method described above, using the stored character correspondence table to restore the returned substitute string to the password string. Third device 203 then sends the restored password string to device 204, which performs the subsequent verification operation, for the subsequent password verification.
Referring to Fig. 4, the storage medium 2012 connected to first device 201 stores not only the character correspondence table but also the password character subset indication information. This information is likewise generated by first device 201, corresponds one-to-one with the user information associated with the table, and includes the number and positions of the password characters that are to be entered or masked. For the details of the subset indication information, see the second embodiment of the method of the invention; they are not repeated here. One point does need to be made clear: password characters to be masked are handled in exactly the opposite way to characters to be entered. When the user device receives information on the password characters to be masked, it only needs to separate those characters out of the complete password string according to the length rule of the password; the remaining unmasked characters constitute the password characters to be entered.
When password character subset indication information is used, second device 202 not only performs the operations of the first embodiment of the system but can also obtain the subset indication information from first device 201 and send it, together with the character correspondence table, to user device 210 over the Internet. After the user has entered the substitute string for the password string on user device 210 according to the second embodiment of the method, user device 210 sends the substitute string back to third device 203 of the system. Third device 203 uses the stored character correspondence table and subset indication information to restore the returned substitute string to the password string according to step 104' of the second embodiment of the method. After the password string has been restored, device 204, which performs the subsequent verification operation, obtains it from third device 203 and carries out the subsequent verification.
It should also be noted that the steps of the method of the invention do not include the steps, performed by the subscriber equipment, of receiving the character correspondence table and sending the substitute character string; rather, after receiving the substitute character string sent by the subscriber equipment, the invention processes it according to the steps of the method of the invention. Likewise, the system of the invention does not include the subscriber equipment either, but can connect to such subscriber equipment over the internet in order to carry out the corresponding operations of the invention.
With the various technical schemes provided by the invention, on the one hand, the password input by the user is genuinely protected because its characters are randomly replaced; on the other hand, because this replacement is simple, the cost of modifying the system can be reduced significantly and the efficiency and reliability of the modification improved; furthermore, the user's input method is not changed and the user's input burden is not increased; finally, on this basis, the code characters subclass indication information can further reduce the user's burden of inputting a long password.
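The following sketch walks through the server-side flow described above (generation by the first equipment, restoration by the third equipment, then verification). It is an added example, not text or code from the patent. The numeric alphabet, the in-memory session store, the function names and the single-use handling of each challenge are assumptions made for illustration.

```python
import hmac
import secrets

ALPHABET = "0123456789"   # assumption: numeric password alphabet
_rng = secrets.SystemRandom()
_sessions = {}            # hypothetical in-memory stand-in for storage medium 2012


def new_challenge(user, password_length, subset_size, groups=1):
    """First equipment: generate and store table group(s) plus subset positions."""
    tables = []
    for _ in range(groups):
        substitutes = list(ALPHABET)
        _rng.shuffle(substitutes)  # distinct substitutes, one per password character
        tables.append(dict(zip(ALPHABET, substitutes)))
    positions = sorted(_rng.sample(range(password_length), subset_size))
    _sessions[user] = (tables, positions)
    return tables, positions       # the second equipment sends these to the user device


def type_substitutes(password, table, positions):
    """What the user types: the substitute for each requested password character."""
    return "".join(table[password[i]] for i in positions)


def restore(substitute, table):
    """Third equipment: invert the stored table; None if a character is not in it."""
    inverse = {sub: real for real, sub in table.items()}
    if any(ch not in inverse for ch in substitute):
        return None
    return "".join(inverse[ch] for ch in substitute)


def verify(user, substitute, reference_password):
    """Restore with each stored group in turn, then compare the requested subset.

    Assumption: the challenge is popped, so a captured substitute string cannot
    be replayed. reference_password is held in clear only for this sketch.
    """
    challenge = _sessions.pop(user, None)
    if challenge is None:
        return False
    tables, positions = challenge
    expected = "".join(reference_password[i] for i in positions)
    ok = False
    for table in tables:           # retry with the other groups, as in claims 3 and 6
        restored = restore(substitute, table)
        if restored is not None and hmac.compare_digest(restored, expected):
            ok = True
    return ok
```

Because only a subset of positions is entered, the verifier must compare individual characters, so it cannot check the input against a single hash of the whole password.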

Claims (8)

1. A method for preventing password theft, characterized by comprising:
Automatically and randomly generating and storing a character correspondence table;
Sending the character correspondence table to subscriber equipment over the internet;
Displaying the character correspondence table on the input interface of the subscriber equipment while prompting the user to input, according to the character correspondence table, a substitute character string corresponding to the password string;
When the substitute character string is transmitted back, restoring the password string using the stored character correspondence table;
Performing the subsequent verification operation.
2. The method according to claim 1, characterized in that the step of automatically and randomly generating and storing the character correspondence table specifically comprises:
According to a predefined random function, generating one or more groups of random characters, such that the number of random characters in each group is the same as the number of characters among the code characters; the random characters within each group are all different from one another and correspond one-to-one with the respective code characters.
3. The method according to claim 1, characterized in that: after the subsequent verification operation is performed, if verification fails and the character correspondence table contains multiple groups of random characters, the step of restoring the password string using the stored character correspondence table is re-executed according to another group of random characters in the character correspondence table.
4. A method for preventing password theft, characterized by comprising:
Automatically and randomly generating and storing a character correspondence table and code characters subclass indication information, the code characters subclass indication information comprising the quantity and position information of the code characters that need to be input or shielded;
Sending the character correspondence table and the code characters subclass indication information to subscriber equipment over the internet;
Displaying the character correspondence table on the input interface of the subscriber equipment while prompting the user to input, according to the character correspondence table and the code characters subclass indication information, a substitute character string corresponding to the password string;
When the substitute character string is transmitted back, restoring the password string using the stored character correspondence table and code characters subclass indication information;
Performing the subsequent verification operation.
5. The method according to claim 1, characterized in that the step of automatically and randomly generating and storing the character correspondence table and the code characters subclass indication information specifically comprises:
According to a predefined random function, generating one or more groups of random characters, such that the number of random characters in each group is the same as the number of characters among the code characters; the random characters within each group are all different from one another and correspond one-to-one with the respective code characters;
According to a predefined random function, generating one or more groups of code characters subclass indication information, wherein the number of code characters in the code characters subset given by the code characters subclass indication information is less than the total number of code characters.
6. The method according to claim 1, characterized in that: after the subsequent verification operation is performed, if verification fails and the character correspondence table contains multiple groups of random characters and/or there are multiple groups of code characters subclass indication information, the step of restoring the password string using the stored character correspondence table is re-executed according to another group of random characters in the character correspondence table and/or another group of code characters subclass indication information.
7. A system for preventing password theft, characterized by comprising:
First equipment, used to automatically and randomly generate and store a character correspondence table;
Second equipment, used to obtain the character correspondence table from the first equipment and send the character correspondence table to subscriber equipment over the internet;
Third equipment, used to restore the returned substitute character string to the password string using the stored character correspondence table;
A device that obtains the restored password string from the third equipment and performs the subsequent verification operation.
8. A system for preventing password theft, characterized by comprising:
First equipment, used to automatically and randomly generate and store a character correspondence table and code characters subclass indication information, the code characters subclass indication information comprising the quantity and position information of the code characters that need to be input or shielded;
Second equipment, used to obtain the character correspondence table and the code characters subclass indication information from the first equipment and send the character correspondence table and the code characters subclass indication information to subscriber equipment over the internet;
Third equipment, used to restore the returned substitute character string to the password string using the stored character correspondence table and code characters subclass indication information;
A device that obtains the restored password string from the third equipment and performs the subsequent verification operation.
CNA2008102225470A 2008-09-19 2008-09-19 Method and system for preventing cipher from being stolen Pending CN101374149A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2008102225470A CN101374149A (en) 2008-09-19 2008-09-19 Method and system for preventing cipher from being stolen

Publications (1)

Publication Number Publication Date
CN101374149A true CN101374149A (en) 2009-02-25

Family

ID=40448072

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2008102225470A Pending CN101374149A (en) 2008-09-19 2008-09-19 Method and system for preventing cipher from being stolen

Country Status (1)

Country Link
CN (1) CN101374149A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20090225