CN104796410A - Method for protecting account with multiple passwords of different priority levels - Google Patents
Method for protecting account with multiple passwords of different priority levels Download PDFInfo
- Publication number
- CN104796410A CN104796410A CN201510143750.9A CN201510143750A CN104796410A CN 104796410 A CN104796410 A CN 104796410A CN 201510143750 A CN201510143750 A CN 201510143750A CN 104796410 A CN104796410 A CN 104796410A
- Authority
- CN
- China
- Prior art keywords
- user
- password
- account
- enter
- passwords
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method for protecting an account with multiple passwords of different priority levels. The number of the priority levels of passwords initially set by a system and corresponding entry-into-force conditions of each priority level, and the number of passwords which can be set at each priority level are involved in the method. A user sets the passwords of different priority levels for the account of the user when the account is registered, and the user can authorize the passwords of the low priority levels to trusted people. When the priority levels do not meet the entry-into-force conditions, even the corresponding passwords are mastered, account login can not succeed. The method has the advantages that configuration is flexible, the application range is wide, and the account system can meet various different requirements through setting and regulating of corresponding parameters; due to the fact that the user can set the passwords of multiple priority levels, the passwords of the low priority levels can be mastered not only by the user, and the people authorized by the user can continue to use the account when meeting the conditions under the condition that no manual interference of the application system side after the user has an accident and the expiry date is up.
Description
Technical field
The invention belongs to computer application field.
Background technology
The mode of what current computer application system was a large amount of have employed account and password login, the personal information produced in system use procedure is associated with account, this information making user that different functions, interface etc. can be had personalized when using application system.
The account name arranged when usual user inputs oneself registration during existing Account Logon and password, after login system, bring into use system and application.Certain applications system is had also to allow when user forgets Password, can by giving the function of password for change, the password protected information that input user has been arranged gives password for change and logon account; Certain applications system is also had to also provide the mode giving password for change of mail or note.It is all private information that these class methods have a feature to be the information such as the account password that arranges of user and cryptoguard, and only user grasps, if user reveals these information, account may be caused to be utilized by other people.Therefore when user forgets the information such as account password and cryptoguard simultaneously, or user meet accident after the account will be caused to become be sunk into sleep account or corpse account.And these accounts take the resource of system on the one hand, on the other hand some in use produced information is for its household being also a valuable wealth, and this embodies particularly evident for the websites such as such as QQ, FaceBook, mailing system and application.Have small part website such as QQ to provide the way of statement, but the process of these statements all need manual examination and verification and confirmation.
Summary of the invention
The object of the invention is to provide a kind of computer application system account protection method; system can arrange the quantity of password priority and the quantity of the corresponding password of each priority level; by multiple passwords of the different priorities of setting network account during user's login account after being provided with; make to forget account password information as user; after even user meets accident; when still can not need the manual intervention of application system side, the people having different priorities password authorization can continue to utilize account when eligible.Meanwhile, when respective priority does not meet effective term, use the password of this priority level can not logon account, ensure the fail safe of user account.
The present invention is realized by following flow process.
In the present invention, Accounting system is by quantity X1, the X2 of password priority quantity Y, the corresponding password of each priority level ... XY, and each priority level password effective term T1, T2 ... the essential element compositions such as TY.Quantity X1, the X2 of the quantity Y password corresponding to each priority level of current system password priority are set by Accounting system ... XY, and condition T1, T2 that each priority level comes into force ... TY, T1, T2 is realized for the ease of Accounting system ... TY etc. can be solidified into a certain class or the good pulldown conditions option of a few class predefine, are reached the object imposed a condition by the numerical parameter setting such.Account name USERID and multiple priority password (M_1_1, M_1_2 is set during user's initialization account ... M_1_X1), (M_2_1, M_2_2 ... M_2_X2) ... (M_Y_X1, M_Y_2 ... M_Y_XY); Wherein password M_1_1, M_1_2 of limit priority ... M_1_X1 uses when being used for daily login application system, password not only user's grasp of other priority, also the people of users to trust can be licensed to, as long as when corresponding first rank does not meet effective term, even if the password grasping this priority level can not log in; The password of system of users input mates from high to low successively by the priority level of Operation system setting and effective term when users log on, first detect and whether meet effective term, if do not met, login failure, if meet effective term, detect whether passwords, if coupling logins successfully, if do not mated, then detect and whether meet next priority conditions and password.
Login authentication method of the present invention is made up of following steps:
S1, system initialization arrange the quantity Y of current system password priority P, Y >=2;
S2, system initialization arrange each priority level P
ithe quantity X of corresponding password
i, and priority level P
icorresponding effective term: failure period D
iwith continuous login failure number of times E
i, wherein Y>=i>=1, D
i+1>=D
i, D
1=0, E
1=0;
S3, user set and preserve multiple password M of network account name USERID and group different priorities
ij, wherein Y>=i>=1, X
i>=j>=1, system Lookup protocol user T=present system time of last Successful login time, continuous login failure number of times E is 0, and password is preserved after can adopting unidirectional non-reversible cryptographic algorithm encryption in systems in which;
S4, user's logging in network account, input account name USERID, password mm1;
S5, i=1 is set;
Whether the current state of S6, systems axiol-ogy account name USERID meets priority level P
ieffective term: present system time-user T>=D of last Successful login time
i, user's continuous login failure number of times E>=E
i; If all meet and enter S7, otherwise enter S13;
S7, j=1 is set;
Whether S8, systems axiol-ogy password mm1 equal M
ij, equally enter S14, otherwise enter S9;
S9, j=j+1 is set;
S10, judge whether j is greater than X
i, be enter S11, otherwise enter S8;
S11, i=i+1 is set;
S12, judge whether i is greater than Y, be enter S13, otherwise enter S6;
S13, prompt cipher error message, recording user continuous login failure number of times E=E+1, user enters S4 circulation after confirming;
S14, certification are passed through, the time T=present system time of the last Successful login of recording user, and recording user continuous login failure number of times E=0, user logins successfully.
Failure period D described in step S2 of the present invention
i, can be sky, hour, second etc. according to the concrete condition setting unit of application system.
Method of the present invention can to become partial password information semi-over by the complete account password information grasped from user originally, the priority level of setting code simultaneously, when respective priority does not meet effective term, even if other people have grasped the password of this priority level, can not Successful login account.This method arranges flexibly, and usable condition is relatively more extensive, simultaneously after the good priority ratio of Operation system setting, does not need the manual intervention of application system side, workable.
Advantage of the present invention is: (1) flexible configuration of the present invention, and the scope of application is relatively more extensive, and Accounting system can adapt to various different demand by arranging and adjust corresponding parameter; (2) because user can arrange the different password of multiple priority level, the password that priority level is low can not only user be grasped, user is made to forget login password information after even user meets accident, when still can not need the manual intervention of application system side when after the failure period, the people of subscriber authorisation can continue to utilize account when eligible.
Accompanying drawing explanation
Fig. 1 is flow chart of the present invention.
Embodiment
The present invention will be further described by following examples.
Embodiment: the social network sites system with three grades of passwords.
Social network sites Operation system setting allows user to set the password of three priority levels, a login password is respectively from height to low according to priority level, a unlocking pin, give password for change for two, login password has limit priority, all the time come into force, the effective term of unlocking pin is user's continuous login failure X time, and the effective term giving password for change is for the continuous login failure of user (X+10) secondary and current time and last Successful login time difference are more than Y days.User, when social network sites is registered, needs to set login password A, the unlocking pin B of oneself and gives password C1 and C2 for change; If such user have forgotten login password A, unlocking pin B login system can be inputted after retry X time; Giving password C1 for change and can be set as that the password oneself of comparatively simple, good memory is grasped wherein, also the people that can trust can be told by giving for change password C2, after the condition giving password for change meets and comes into force, I can use and give password C1 login system for change, and after user meets accident, grasping the user giving password C2 for change equally also can login system.As long as user keeps the normal login of website simultaneously, even if give password for change can not be used to login system by grasp.
Claims (1)
1. an account protection method for the many passwords of different priorities, is characterized in that being made up of following steps:
S1, system initialization arrange the quantity Y of current system password priority P, Y >=2;
S2, system initialization arrange each priority level P
ithe quantity X of corresponding password
i, and priority level P
icorresponding effective term: failure period D
iwith continuous login failure number of times E
i, wherein Y>=i>=1, D
i+1>=D
i, D
1=0, E
1=0;
S3, user set and preserve multiple password M of network account name USERID and group different priorities
ij, wherein Y>=i>=1, X
i>=j>=1, system Lookup protocol user T=present system time of last Successful login time, continuous login failure number of times E is 0, and password is preserved after can adopting unidirectional non-reversible cryptographic algorithm encryption in systems in which;
S4, user's logging in network account, input account name USERID, password mm1;
S5, i=1 is set;
Whether the current state of S6, systems axiol-ogy account name USERID meets priority level P
ieffective term: present system time-user T>=D of last Successful login time
i, user's continuous login failure number of times E>=E
i; If all meet and enter S7, otherwise enter S13;
S7, j=1 is set;
Whether S8, systems axiol-ogy password mm1 equal M
ij, equally enter S14, otherwise enter S9;
S9, j=j+1 is set;
S10, judge whether j is greater than X
i, be enter S11, otherwise enter S8;
S11, i=i+1 is set;
S12, judge whether i is greater than Y, be enter S13, otherwise enter S6;
S13, prompt cipher error message, recording user continuous login failure number of times E=E+1, user enters S4 circulation after confirming;
S14, certification are passed through, the time T=present system time of the last Successful login of recording user, and recording user continuous login failure number of times E=0, user logins successfully.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510143750.9A CN104796410B (en) | 2015-03-30 | 2015-03-30 | A kind of account protection method of the more passwords of different priorities |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510143750.9A CN104796410B (en) | 2015-03-30 | 2015-03-30 | A kind of account protection method of the more passwords of different priorities |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104796410A true CN104796410A (en) | 2015-07-22 |
CN104796410B CN104796410B (en) | 2018-03-02 |
Family
ID=53560922
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510143750.9A Active CN104796410B (en) | 2015-03-30 | 2015-03-30 | A kind of account protection method of the more passwords of different priorities |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104796410B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102693380A (en) * | 2012-05-07 | 2012-09-26 | 李良 | Password authentication method |
CN102883026A (en) * | 2012-09-07 | 2013-01-16 | 广东欧珀移动通信有限公司 | Method for implementing start-up protection on mobile terminal |
EP2629488A1 (en) * | 2012-02-17 | 2013-08-21 | OSAN Technology Inc. | Authentication system, authentication method, and network storage appliance |
CN104144076A (en) * | 2014-05-28 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Method, device and system for flow error control |
-
2015
- 2015-03-30 CN CN201510143750.9A patent/CN104796410B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2629488A1 (en) * | 2012-02-17 | 2013-08-21 | OSAN Technology Inc. | Authentication system, authentication method, and network storage appliance |
CN102693380A (en) * | 2012-05-07 | 2012-09-26 | 李良 | Password authentication method |
CN102883026A (en) * | 2012-09-07 | 2013-01-16 | 广东欧珀移动通信有限公司 | Method for implementing start-up protection on mobile terminal |
CN104144076A (en) * | 2014-05-28 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Method, device and system for flow error control |
Also Published As
Publication number | Publication date |
---|---|
CN104796410B (en) | 2018-03-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6207697B2 (en) | Safe mobile framework | |
US8336091B2 (en) | Multi-level authentication | |
US9710984B2 (en) | Method for the authentication of at least one first unit on at least one second unit | |
US9191394B2 (en) | Protecting user credentials from a computing device | |
US20180295120A1 (en) | Session-limited, manually-entered user authentication information | |
CN103813334A (en) | Right control method and right control device | |
AU2007248903A1 (en) | Claim transformations for trust relationships | |
CN110941856A (en) | Data differential privacy protection sharing platform based on block chain | |
CN102970681B (en) | A kind of secure access implementation method of mobile terminal and system | |
CN104753854A (en) | Method for setting uniform Web interface for various authentication/authorization servers | |
CN103310138B (en) | account management device and method | |
US10592978B1 (en) | Methods and apparatus for risk-based authentication between two servers on behalf of a user | |
CN106713214B (en) | Method and system for identity authentication among multiple authorization systems | |
CN104796410A (en) | Method for protecting account with multiple passwords of different priority levels | |
CN109359450A (en) | Safety access method, device, equipment and the storage medium of linux system | |
WO2017186445A1 (en) | Method for the secure interaction of a user with a mobile terminal and a further entity | |
CN104811440B (en) | A kind of network account setting and authentication method based on Double-puzzle | |
CN107733650A (en) | The dynamic setting method of account password | |
CN103780399A (en) | Timed user authentication method | |
US8752136B2 (en) | Access management method | |
TWI450125B (en) | A password generating method for indicating whether a service system has been logged in via the password by a third party, and a method for locking and unlocking service system, and an apparatus using the methods | |
EP2566097A1 (en) | Enabling a critical command of a device | |
GB2408358A (en) | Access and password management for network resources | |
WO2012078118A1 (en) | Device for controlled safe access to applications and data by two-factor authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
EXSB | Decision made by sipo to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |