CN104796410A - Method for protecting account with multiple passwords of different priority levels - Google Patents

Method for protecting account with multiple passwords of different priority levels Download PDF

Info

Publication number
CN104796410A
CN104796410A CN201510143750.9A CN201510143750A CN104796410A CN 104796410 A CN104796410 A CN 104796410A CN 201510143750 A CN201510143750 A CN 201510143750A CN 104796410 A CN104796410 A CN 104796410A
Authority
CN
China
Prior art keywords
user
password
account
enter
passwords
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510143750.9A
Other languages
Chinese (zh)
Other versions
CN104796410B (en
Inventor
邓庚盛
邹伟平
曾勍炜
付爱英
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanchang University
Original Assignee
Nanchang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanchang University filed Critical Nanchang University
Priority to CN201510143750.9A priority Critical patent/CN104796410B/en
Publication of CN104796410A publication Critical patent/CN104796410A/en
Application granted granted Critical
Publication of CN104796410B publication Critical patent/CN104796410B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method for protecting an account with multiple passwords of different priority levels. The number of the priority levels of passwords initially set by a system and corresponding entry-into-force conditions of each priority level, and the number of passwords which can be set at each priority level are involved in the method. A user sets the passwords of different priority levels for the account of the user when the account is registered, and the user can authorize the passwords of the low priority levels to trusted people. When the priority levels do not meet the entry-into-force conditions, even the corresponding passwords are mastered, account login can not succeed. The method has the advantages that configuration is flexible, the application range is wide, and the account system can meet various different requirements through setting and regulating of corresponding parameters; due to the fact that the user can set the passwords of multiple priority levels, the passwords of the low priority levels can be mastered not only by the user, and the people authorized by the user can continue to use the account when meeting the conditions under the condition that no manual interference of the application system side after the user has an accident and the expiry date is up.

Description

The account protection method of the many passwords of a kind of different priorities
Technical field
The invention belongs to computer application field.
Background technology
The mode of what current computer application system was a large amount of have employed account and password login, the personal information produced in system use procedure is associated with account, this information making user that different functions, interface etc. can be had personalized when using application system.
The account name arranged when usual user inputs oneself registration during existing Account Logon and password, after login system, bring into use system and application.Certain applications system is had also to allow when user forgets Password, can by giving the function of password for change, the password protected information that input user has been arranged gives password for change and logon account; Certain applications system is also had to also provide the mode giving password for change of mail or note.It is all private information that these class methods have a feature to be the information such as the account password that arranges of user and cryptoguard, and only user grasps, if user reveals these information, account may be caused to be utilized by other people.Therefore when user forgets the information such as account password and cryptoguard simultaneously, or user meet accident after the account will be caused to become be sunk into sleep account or corpse account.And these accounts take the resource of system on the one hand, on the other hand some in use produced information is for its household being also a valuable wealth, and this embodies particularly evident for the websites such as such as QQ, FaceBook, mailing system and application.Have small part website such as QQ to provide the way of statement, but the process of these statements all need manual examination and verification and confirmation.
Summary of the invention
The object of the invention is to provide a kind of computer application system account protection method; system can arrange the quantity of password priority and the quantity of the corresponding password of each priority level; by multiple passwords of the different priorities of setting network account during user's login account after being provided with; make to forget account password information as user; after even user meets accident; when still can not need the manual intervention of application system side, the people having different priorities password authorization can continue to utilize account when eligible.Meanwhile, when respective priority does not meet effective term, use the password of this priority level can not logon account, ensure the fail safe of user account.
The present invention is realized by following flow process.
In the present invention, Accounting system is by quantity X1, the X2 of password priority quantity Y, the corresponding password of each priority level ... XY, and each priority level password effective term T1, T2 ... the essential element compositions such as TY.Quantity X1, the X2 of the quantity Y password corresponding to each priority level of current system password priority are set by Accounting system ... XY, and condition T1, T2 that each priority level comes into force ... TY, T1, T2 is realized for the ease of Accounting system ... TY etc. can be solidified into a certain class or the good pulldown conditions option of a few class predefine, are reached the object imposed a condition by the numerical parameter setting such.Account name USERID and multiple priority password (M_1_1, M_1_2 is set during user's initialization account ... M_1_X1), (M_2_1, M_2_2 ... M_2_X2) ... (M_Y_X1, M_Y_2 ... M_Y_XY); Wherein password M_1_1, M_1_2 of limit priority ... M_1_X1 uses when being used for daily login application system, password not only user's grasp of other priority, also the people of users to trust can be licensed to, as long as when corresponding first rank does not meet effective term, even if the password grasping this priority level can not log in; The password of system of users input mates from high to low successively by the priority level of Operation system setting and effective term when users log on, first detect and whether meet effective term, if do not met, login failure, if meet effective term, detect whether passwords, if coupling logins successfully, if do not mated, then detect and whether meet next priority conditions and password.
Login authentication method of the present invention is made up of following steps:
S1, system initialization arrange the quantity Y of current system password priority P, Y >=2;
S2, system initialization arrange each priority level P ithe quantity X of corresponding password i, and priority level P icorresponding effective term: failure period D iwith continuous login failure number of times E i, wherein Y>=i>=1, D i+1>=D i, D 1=0, E 1=0;
S3, user set and preserve multiple password M of network account name USERID and group different priorities ij, wherein Y>=i>=1, X i>=j>=1, system Lookup protocol user T=present system time of last Successful login time, continuous login failure number of times E is 0, and password is preserved after can adopting unidirectional non-reversible cryptographic algorithm encryption in systems in which;
S4, user's logging in network account, input account name USERID, password mm1;
S5, i=1 is set;
Whether the current state of S6, systems axiol-ogy account name USERID meets priority level P ieffective term: present system time-user T>=D of last Successful login time i, user's continuous login failure number of times E>=E i; If all meet and enter S7, otherwise enter S13;
S7, j=1 is set;
Whether S8, systems axiol-ogy password mm1 equal M ij, equally enter S14, otherwise enter S9;
S9, j=j+1 is set;
S10, judge whether j is greater than X i, be enter S11, otherwise enter S8;
S11, i=i+1 is set;
S12, judge whether i is greater than Y, be enter S13, otherwise enter S6;
S13, prompt cipher error message, recording user continuous login failure number of times E=E+1, user enters S4 circulation after confirming;
S14, certification are passed through, the time T=present system time of the last Successful login of recording user, and recording user continuous login failure number of times E=0, user logins successfully.
Failure period D described in step S2 of the present invention i, can be sky, hour, second etc. according to the concrete condition setting unit of application system.
Method of the present invention can to become partial password information semi-over by the complete account password information grasped from user originally, the priority level of setting code simultaneously, when respective priority does not meet effective term, even if other people have grasped the password of this priority level, can not Successful login account.This method arranges flexibly, and usable condition is relatively more extensive, simultaneously after the good priority ratio of Operation system setting, does not need the manual intervention of application system side, workable.
Advantage of the present invention is: (1) flexible configuration of the present invention, and the scope of application is relatively more extensive, and Accounting system can adapt to various different demand by arranging and adjust corresponding parameter; (2) because user can arrange the different password of multiple priority level, the password that priority level is low can not only user be grasped, user is made to forget login password information after even user meets accident, when still can not need the manual intervention of application system side when after the failure period, the people of subscriber authorisation can continue to utilize account when eligible.
Accompanying drawing explanation
Fig. 1 is flow chart of the present invention.
Embodiment
The present invention will be further described by following examples.
Embodiment: the social network sites system with three grades of passwords.
Social network sites Operation system setting allows user to set the password of three priority levels, a login password is respectively from height to low according to priority level, a unlocking pin, give password for change for two, login password has limit priority, all the time come into force, the effective term of unlocking pin is user's continuous login failure X time, and the effective term giving password for change is for the continuous login failure of user (X+10) secondary and current time and last Successful login time difference are more than Y days.User, when social network sites is registered, needs to set login password A, the unlocking pin B of oneself and gives password C1 and C2 for change; If such user have forgotten login password A, unlocking pin B login system can be inputted after retry X time; Giving password C1 for change and can be set as that the password oneself of comparatively simple, good memory is grasped wherein, also the people that can trust can be told by giving for change password C2, after the condition giving password for change meets and comes into force, I can use and give password C1 login system for change, and after user meets accident, grasping the user giving password C2 for change equally also can login system.As long as user keeps the normal login of website simultaneously, even if give password for change can not be used to login system by grasp.

Claims (1)

1. an account protection method for the many passwords of different priorities, is characterized in that being made up of following steps:
S1, system initialization arrange the quantity Y of current system password priority P, Y >=2;
S2, system initialization arrange each priority level P ithe quantity X of corresponding password i, and priority level P icorresponding effective term: failure period D iwith continuous login failure number of times E i, wherein Y>=i>=1, D i+1>=D i, D 1=0, E 1=0;
S3, user set and preserve multiple password M of network account name USERID and group different priorities ij, wherein Y>=i>=1, X i>=j>=1, system Lookup protocol user T=present system time of last Successful login time, continuous login failure number of times E is 0, and password is preserved after can adopting unidirectional non-reversible cryptographic algorithm encryption in systems in which;
S4, user's logging in network account, input account name USERID, password mm1;
S5, i=1 is set;
Whether the current state of S6, systems axiol-ogy account name USERID meets priority level P ieffective term: present system time-user T>=D of last Successful login time i, user's continuous login failure number of times E>=E i; If all meet and enter S7, otherwise enter S13;
S7, j=1 is set;
Whether S8, systems axiol-ogy password mm1 equal M ij, equally enter S14, otherwise enter S9;
S9, j=j+1 is set;
S10, judge whether j is greater than X i, be enter S11, otherwise enter S8;
S11, i=i+1 is set;
S12, judge whether i is greater than Y, be enter S13, otherwise enter S6;
S13, prompt cipher error message, recording user continuous login failure number of times E=E+1, user enters S4 circulation after confirming;
S14, certification are passed through, the time T=present system time of the last Successful login of recording user, and recording user continuous login failure number of times E=0, user logins successfully.
CN201510143750.9A 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities Active CN104796410B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510143750.9A CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510143750.9A CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Publications (2)

Publication Number Publication Date
CN104796410A true CN104796410A (en) 2015-07-22
CN104796410B CN104796410B (en) 2018-03-02

Family

ID=53560922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510143750.9A Active CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Country Status (1)

Country Link
CN (1) CN104796410B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102693380A (en) * 2012-05-07 2012-09-26 李良 Password authentication method
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal
EP2629488A1 (en) * 2012-02-17 2013-08-21 OSAN Technology Inc. Authentication system, authentication method, and network storage appliance
CN104144076A (en) * 2014-05-28 2014-11-12 腾讯科技(深圳)有限公司 Method, device and system for flow error control

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2629488A1 (en) * 2012-02-17 2013-08-21 OSAN Technology Inc. Authentication system, authentication method, and network storage appliance
CN102693380A (en) * 2012-05-07 2012-09-26 李良 Password authentication method
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal
CN104144076A (en) * 2014-05-28 2014-11-12 腾讯科技(深圳)有限公司 Method, device and system for flow error control

Also Published As

Publication number Publication date
CN104796410B (en) 2018-03-02

Similar Documents

Publication Publication Date Title
JP6207697B2 (en) Safe mobile framework
US8336091B2 (en) Multi-level authentication
US9710984B2 (en) Method for the authentication of at least one first unit on at least one second unit
US9191394B2 (en) Protecting user credentials from a computing device
US20180295120A1 (en) Session-limited, manually-entered user authentication information
CN103813334A (en) Right control method and right control device
AU2007248903A1 (en) Claim transformations for trust relationships
CN110941856A (en) Data differential privacy protection sharing platform based on block chain
CN102970681B (en) A kind of secure access implementation method of mobile terminal and system
CN104753854A (en) Method for setting uniform Web interface for various authentication/authorization servers
CN103310138B (en) account management device and method
US10592978B1 (en) Methods and apparatus for risk-based authentication between two servers on behalf of a user
CN106713214B (en) Method and system for identity authentication among multiple authorization systems
CN104796410A (en) Method for protecting account with multiple passwords of different priority levels
CN109359450A (en) Safety access method, device, equipment and the storage medium of linux system
WO2017186445A1 (en) Method for the secure interaction of a user with a mobile terminal and a further entity
CN104811440B (en) A kind of network account setting and authentication method based on Double-puzzle
CN107733650A (en) The dynamic setting method of account password
CN103780399A (en) Timed user authentication method
US8752136B2 (en) Access management method
TWI450125B (en) A password generating method for indicating whether a service system has been logged in via the password by a third party, and a method for locking and unlocking service system, and an apparatus using the methods
EP2566097A1 (en) Enabling a critical command of a device
GB2408358A (en) Access and password management for network resources
WO2012078118A1 (en) Device for controlled safe access to applications and data by two-factor authentication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant