CN103684799A - Dynamic digital password authentication method - Google Patents
Dynamic digital password authentication method Download PDFInfo
- Publication number
- CN103684799A CN103684799A CN201410002864.7A CN201410002864A CN103684799A CN 103684799 A CN103684799 A CN 103684799A CN 201410002864 A CN201410002864 A CN 201410002864A CN 103684799 A CN103684799 A CN 103684799A
- Authority
- CN
- China
- Prior art keywords
- password
- user
- rule
- content
- authentication method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a secure password authentication method which is characterized in that (1) a user needs to input different passwords according to the system prompt in every time of logon and the password can only be effective at one time in the current system environment, i.e. after being intercepted and captured by a third party, the password loses effect; (2) even if the correct password of the user is intercepted by the third party for a plurality of times, the third party cannot reversely deduct an accurate password source according to the password rules. Due to the two characteristics, a new password authentication technology has high protection capability, and is suitable to be applied in various fields which require security authentication.
Description
Technical field
The present invention relates to informationization technology and safety certification field, be specifically related to a kind of security password authentication method.
Background technology
Along with popularizing of informationization technology, people's life be unable to do without password everywhere, computer login, webpage login, software login and bank account all need password, so, the password quantity that individual grasps is more and more, is inconvenient to remember and manage, and along with the upgrading of development and the unlawful means of hacking technique, traditional cipher verification technique is relatively backward, easily by lawless person, is stolen utilization.
Although now have, use the method for mobile phone Receipt Validation code to guarantee login security, but this needs user to have mobile phone, region to have mobile phone signal, and at mobile phone signal, bad or people also there will be identifying code forward delay interval when using login platform more, delays user login operation.According to up-to-date science and technology news report, had illegal molecule and set up " pseudo-base station " and realize cellphone subscriber's password is tackled, that is to say, even if use mobile phone Receipt Validation code, can not accomplish safety very, and the password of tackling can remain valid.
Therefore, we need a kind of new cryptographic technique to protect our information security, reach the object of safe and secret, handled easily, convenient memory.
Summary of the invention
[summary of the invention]
In order to address the above problem, the invention provides a kind of dynamic digital cipher authentication method, make people only need to remember a kind of rule of oneself setting, system that just can all use this method of safer login.
In order to realize goal of the invention, the invention provides following method of operation:
A dynamic digital cipher authentication method, is characterized in that: system is exported a pictures to user, on this picture, divides and has a plurality of regions; User chooses one or more described regions as password rule; System is the random content of filling in described region, and filling content can be from visually distinguishing; User draws a numeral according to described password rule in conjunction with described filling content, and this numeral is password; The content of described password and length can change along with the variation of described filling content.
User submits to after password, and system draws numeric results according to user's password rule in conjunction with the filling content in relevant range, and the password of this result and user's submission is contrasted, and judgement is to be consistent, thereby realizes user log-in authentication.
Region by system divides on picture can be the figure that grid, circle etc. can be distinguished with border, and can be character, symbol, figure etc. toward the content of filling in region, as long as can distinguish mutually from visually carrying out.User sees after picture, just can identify different numerals according to the difference of the filling content in region, and this numeral can change along with the content change of filling in region.Therefore even if this password is stolen, also cannot be for login next time, thus realize antitheft.
If various websites, software, bank etc. all adopt this method to carry out login authentication, user just needn't arrange different passwords for each platform by traditional mode so.Only need in various platforms, the same a kind of rule of setup and use as password authentification rule, when then logining, just only need just can login whole systems by this rule.Although people also need to arrange a plurality of passwords rule in reality, in general, cipher memory amount greatly reduces, and this password rule can image represent in password figure, very convenient memory.
In addition, adopt this method to carry out after login authentication, also no longer need to add in addition identifying code and verified manual operation, because this method has also been used image, having limited must be manual operation, so this method also has a benefit to save identifying code operation for various systems exactly.
In sum, this method has realized the password authentification of high safety performance, has operated and measured few memory requirement easily, is applicable to very much all trades and professions informatization security checking in modern society.
[accompanying drawing explanation]
The picture that this accompanying drawing explanation provides, for auxiliary a further understanding of the present invention, forms the application's a part, does not form inappropriate limitation of the present invention, in the accompanying drawings:
Fig. 1 is the picture region structure chart in the present invention
Fig. 2 and Fig. 3 are the password figure that system represents to user
[embodiment]
The regional structure shown in Fig. 1 of take is implemented the present invention, the Position Number that the numeral in cell is character as example.
1, password rule arranges
User, according to the regional structure of Fig. 1, selects the position in several cells region as password rule, take " 0 " as separator.Two password rules are set, for example: " 1112131415160242526272829 ", this Rule Expression, first password is that counting in 11,12,13,14,15,16 several grid added up, and second password is that counting in 24,25,26,27,28,29 several grid added up.
2, system represents character array to user
As shown in Figure 2, system is chosen 6 cell regions at random, in each grid, fills a point, more other 6 the cell regions of random selection, in each grid, fills two points, and content is not filled in remaining cell region.
In this example, to filling content aware agreement, be:
If in grid be a point, counting cumulative 1 so.
If in grid be two points, counting cumulative 2 so.
If be empty in grid, accumulated counts not so.
3, user reads password
By the password rule " 1112131415160242526272829 " in this example, read the password in Fig. 2, read step is as follows so:
The 1st: 11, the sum of counting in 12,13,14,15,16 cells is: 4;
The 2nd: 24, the sum of counting in 25,26,27,28,29 cells is: 7;
These two passwords that read are coupled together, and result is exactly " 47 ".
4, system verification
User submits to after password string, and system is again according to user's password rule, and the read step of duplicate customer, draws password, if password is consistent with the password that user submits to, so with regard to authentication success.
While logining, system repaints password figure, as shown in Figure 3 next time.By the password rule in this example, read again, so
The 1st password is: 5
The 2nd password is: 5
Result is: 55
In order to make Cipher Strength higher, password rule can be set be: " 11,121,314,151,611,121,314,151,611,121,314,151,611,121,314,151,611,121,314 1516190242526272829 "
The 1st password is the sum of counting in these grid, transfers calculating to and is exactly in fact count in 11,12,13,14,15,16 cells 5 times of sum and add counting in 19 cells again.The sum of counting in second password or 24,25,26,27,28,29 cells.
So, with this password rule, read Fig. 2, password result is: 207
Read Fig. 3, password result is: 275
This shows, without using the auxiliary equipment such as calculator, mobile phone, security card, just can be from figure people for reading dynamic digital password, and password result also allows people's unpredictable, realizes secure log.
In addition, by password rule, also can be found out, its length is very long, if other people think that the mode cracking by force cracks, difficulty is high.
More than describe preferred embodiment of the present invention in detail, should be appreciated that the ordinary skill of this area just can design according to the present invention be made many modifications and variations without creative work.Therefore, all technical staff in the art according to the present invention design on prior art basis by logic analysis, reasoning or according to the available technical scheme of limited experiment, all should have among the determined protection range of these claims.
Claims (1)
1. a dynamic digital cipher authentication method, is characterized in that: system is exported a pictures to user, on this picture, divides and has a plurality of regions; User chooses one or more described regions as password rule; System is the random content of filling in described region, and filling content can be from visually distinguishing; User draws a numeral according to described password rule in conjunction with described filling content, and this numeral is password; The content of described password and length can change along with the variation of described filling content.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410002864.7A CN103684799A (en) | 2014-01-05 | 2014-01-05 | Dynamic digital password authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410002864.7A CN103684799A (en) | 2014-01-05 | 2014-01-05 | Dynamic digital password authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103684799A true CN103684799A (en) | 2014-03-26 |
Family
ID=50321193
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410002864.7A Pending CN103684799A (en) | 2014-01-05 | 2014-01-05 | Dynamic digital password authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103684799A (en) |
-
2014
- 2014-01-05 CN CN201410002864.7A patent/CN103684799A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105095737B (en) | The method and apparatus for detecting weak password | |
| US8955074B2 (en) | Authentication method of enumerated pattern of field positions based challenge and enumerated pattern of field positions based response through interaction between two credentials in random partial digitized path recognition system | |
| CN106209886B (en) | Web interface data encryption is endorsed method, apparatus and server | |
| US9942217B2 (en) | System and method for generating a service provider based secure token | |
| CN104143068B (en) | Method of password authentication and system | |
| US20180254904A1 (en) | Integrated authentication system for authentication using single-use random numbers | |
| CN104113552A (en) | Platform authorization method, platform server side, application client side and system | |
| US20160127134A1 (en) | User authentication system and method | |
| CN104158802A (en) | Platform authorization method, platform service side, application client side and system | |
| CN104348612A (en) | Third-party website login method based on mobile terminal and mobile terminal | |
| CN104967597A (en) | Third-party application message authentication method and system based on secure channel | |
| CN109861968A (en) | Resource access control method, device, computer equipment and storage medium | |
| CN105100029A (en) | Method and device for user identity verification | |
| KR101897085B1 (en) | Apparatus and method for generating a realtime password and storage medium | |
| CN102685122B (en) | The method of the software protection based on cloud server | |
| TWI668586B (en) | Data communication method and system, client and server | |
| CN103401686B (en) | A kind of user's OTP WEB Authentication System and application process thereof | |
| CN106685945B (en) | Service request processing method, service handling number verification method and terminal thereof | |
| US9715583B2 (en) | Verification of a pattern based passcode | |
| CN107645474B (en) | Method and device for logging in open platform | |
| CN106851613A (en) | Service request method, the verification method of business handling number and its terminal | |
| CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
| CN102571810B (en) | Dynamic password authentication method based on hardware digital certificate carrier and dynamic password authentication system thereof | |
| CN102546168A (en) | Communication device for identity authentication | |
| CN107679865B (en) | Identity verification method and device based on touch area |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140326 |
|
| WD01 | Invention patent application deemed withdrawn after publication |