CN104796410B - A kind of account protection method of the more passwords of different priorities - Google Patents

A kind of account protection method of the more passwords of different priorities Download PDF

Info

Publication number
CN104796410B
CN104796410B CN201510143750.9A CN201510143750A CN104796410B CN 104796410 B CN104796410 B CN 104796410B CN 201510143750 A CN201510143750 A CN 201510143750A CN 104796410 B CN104796410 B CN 104796410B
Authority
CN
China
Prior art keywords
user
password
account
priority level
enter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510143750.9A
Other languages
Chinese (zh)
Other versions
CN104796410A (en
Inventor
邓庚盛
邹伟平
曾勍炜
付爱英
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanchang University
Original Assignee
Nanchang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanchang University filed Critical Nanchang University
Priority to CN201510143750.9A priority Critical patent/CN104796410B/en
Publication of CN104796410A publication Critical patent/CN104796410A/en
Application granted granted Critical
Publication of CN104796410B publication Critical patent/CN104796410B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

A kind of account protection method of the more passwords of different priorities, by the quantity and the corresponding effective term of each priority level and the quantity of settable password of system initial setting up password priority;Multiple passwords of the different priorities of my account are set during user's registration account, user can be by the low password authorization of priority level to the people trusted;, can not Successful login account even if having grasped corresponding password when the priority level does not meet effective term.Advantages of the present invention:(1) configuration is flexible, and for the scope of application than wide, Accounting system is suitable for various different demands by setting and adjusting relevant parameter;(2) because user can set the password of multiple priority levels, the low password of priority level not only user can be grasped, so that even if after user's generation accident, it still is able in the case of not needing the manual intervention of application system side after the failure period, the people that user authorizes can continue with the account when eligible.

Description

A kind of account protection method of the more passwords of different priorities
Technical field
The invention belongs to computer application field.
Background technology
Computer application system largely employs account and the mode of password login at present, is produced during system use Personal information it is associated with account, this allows user to have different functions, interface etc. when using application system Personalized information.
The account name and password that set when usual user inputs oneself registration during existing Account Logon, after login system, Begin to use system and application.There is certain applications system also to allow when user forgets Password, can be by giving the work(of password for change Can, the password protected information that input user has been set gives password and logon account for change;Also certain applications system also provides postal The mode for giving password for change of part or short message.It is account password and cryptoguard that user is set etc. that such method, which has a feature, Information is all private information, and only user grasps, if user reveals these information, may cause account by other people profits With.Therefore will cause after user forgets that accident occurs for the information such as account password and cryptoguard, or user simultaneously The account turns into be sunk into sleep account or corpse account.And on the one hand these accounts take the resource of system, on the other hand some Caused information is also likely to be a valuable wealth for its household during use, this for such as QQ, The websites such as FaceBook, mailing system and application embody particularly evident.There is the method that small part website such as QQ provides statement, But the processing of these statements is required for manual examination and verification and confirmation.
The content of the invention
It is an object of the present invention to provide a kind of computer application system account protection method, system can set password priority Quantity and the corresponding password of each priority level quantity, by setting network account during user's registration account after being provided with Multiple passwords of different priorities so that after user forgets account password information, or even accident occurs for user, still can In the case of enough not needing the manual intervention of application system side, possessing the people of different priorities password authorization can be with when eligible Continue with account.Meanwhile when respective priority does not meet effective term, it can not be logged in using the password of the priority level Account, ensure the security of user account.
The present invention is realized by below scheme.
In the present invention Accounting system by password priority quantity Y, the corresponding password of each priority level quantity X1, X2 ... XY, and the essential element composition such as each priority level password effective term T1, T2 ... TY.Current system is set by Accounting system The quantity Y of password priority and quantity X1, X2 ... the XY of the corresponding password of each priority level, and each priority level come into force Condition T1, T2 ... TY, the TY etc. that realizes T1, T2 for the ease of Accounting system ... can be solidified into certain a kind of or several class and predefine Pulldown conditions option, the numerical parameter by setting such reaches the purpose to impose a condition.User sets when initializing account Account name USERID and multiple priority passwords (M_1_1, M_1_2 ... M_1_X1), (M_2_1, M_2_2 ... M_2_X2) ... (M_Y_X1、M_Y_2…M_Y_XY);Wherein password M_1_1, M_1_2 ... M_1_X1 of limit priority should for daily login Being used during with system, not only user grasps the password of other priority, can also license to the people of users to trust, as long as When corresponding first rank does not meet effective term, it can not be logged in even if grasping the password of the priority level;It is when users log on The priority level set to the password of user's input by system of uniting and effective term match successively from high to low, first detect whether Meet effective term, the login failure if not meeting, if meeting effective term, detect whether passwords, if matching Login successfully, if it does not match, detecting whether to meet next priority conditions and password.
Login authentication method of the present invention is made up of following steps:
S1, system initialization set the quantity Y of current system password priority P, Y >=2;
S2, system initialization set each priority level PiThe quantity X of corresponding passwordi, and priority level PiIt is corresponding raw Effect condition:Failure period DiWith continuous login failure number Ei, wherein Y >=i >=1, Di+1≥Di, D1=0, E1=0;
S3, user set and preserve network account name USERID and multiple password M of one group of different prioritiesij, wherein Y >=i >=1, Xi>=j >=1, system set the last Successful login time T=present system time of user, continuous login failure automatically Number E is 0, and password preserves after can using unidirectional non-reversible AES encryption in systems;
S4, user's logging in network account, input account name USERID, password mm1;
S5, i=1 is set;
Whether S6, system detectio account name USERID current state meets priority level PiEffective term:Current system M- user's last Successful login time T >=D during systemi, the continuous login failure number E >=E of useri;It is no if all met into S7 Then enter S13;
S7, j=1 is set;
Whether S8, system detectio password mm1 are equal to Mij, it is equal to enter S14, otherwise into S9;
S9, j=j+1 is set;
S10, judge whether j is more than Xi, it is to enter S11, otherwise into S8;
S11, i=i+1 is set;
S12, judge whether i is more than Y, be to enter S13, otherwise into S6;
S13, prompt cipher error message, record the continuous login failure number E=E+1 of user, and user enters S4 after confirming Circulation;
S14, certification are by recording the time T=present system time of the last Successful login of user, recording user and continuously step on Frequency of failure E=0 is recorded, user logins successfully.
Failure period D described in step S2 of the present inventioni, can be set according to the concrete condition of application system unit as day, hour, Second etc..
Originally it is close that the account password information grasped completely from user can be changed into part by method of the present invention Code information is semi-over, concurrently sets the priority level of password, when respective priority does not meet effective term, even if other people slap The password of the priority level has been held, can not Successful login account.This method is set flexibly, and usable condition is than wide, together When after system sets priority ratio, it is not necessary to the manual intervention of application system side, it is workable.
It is an advantage of the invention that:(1) present invention configuration is flexible, the scope of application than wide, Accounting system by setting and Adjust corresponding parameter and be adapted to a variety of demands;(2) because user can set different close of multiple priority levels Code, the low password of priority level not only user can be grasped so that user forgets that login password information even user occurs After accident, remain able in the case of not needing the manual intervention of application system side after the failure period, the people that user authorizes is according with Account can be continued with during conjunction condition.
Brief description of the drawings
Fig. 1 is flow chart of the present invention.
Embodiment
The present invention will be further described by following examples.
Embodiment:Social network sites system with three-level password.
Social network sites system sets the password for allowing user to set three priority levels, according to priority level from high to low point Not Wei a login password, a unlocking pin, two are given for change password, and login password has limit priority, come into force all the time, solution The effective term of lock cipher is user's continuous login failure X times, and the effective term for giving password for change is the continuous login failure (X+ of user 10) secondary and current time is with the last Successful login time difference more than Y days.User is when social network sites are registered, it is necessary to set certainly Oneself login password A, unlocking pin B and give password C1 and C2 for change;If so user have forgotten login password A, retrying X times Unlocking pin B login systems can be inputted afterwards;The password C1 therein that gives for change can be set as the password simpler, easy to remember recalled certainly Oneself grasps, and can also will give password C2 for change and tell the people that can trust, and after the condition for giving password for change meets and come into force, I can be with Using password C1 login systems are given for change, equally grasped after accident occurs for user and give password C2 user for change and can also log in System.As long as user keeps the normal login of website simultaneously, login system can not be used to even if giving password for change and being grasped.

Claims (1)

  1. A kind of 1. account protection method of the more passwords of different priorities, it is characterized in that comprising the steps of:
    S1, system initialization set current system password priority level P quantity Y, Y >=2;
    S2, system initialization set each priority level PiThe quantity X of corresponding passwordi, and priority level PiThe judgement ginseng to come into force Number:Failure period DiWith continuous login failure number Ei, wherein Y >=i >=1, Di+1≥Di, D1=0, E1=0;
    S3, user set and preserve network account name USERID and multiple password M of one group of different prioritiesij, wherein Y >= I >=1, Xi>=j >=1, system set the last Successful login time T=present system time of user, continuous login failure number automatically E is 0, and password preserves after can using unidirectional non-reversible AES encryption in systems;
    S4, user's logging in network account, input account name USERID, password mm1;
    S5, i=1 is set;
    Whether S6, system detectio account name USERID current state meets priority level PiEffective term:During current system M- user's last Successful login time T >=Di, the continuous login failure number E >=E of useri;If all met into S7, otherwise enter Enter S13;
    S7, j=1 is set;
    Whether S8, system detectio password mm1 are equal to Mij, it is equal to enter S14, otherwise into S9;
    S9, j=j+1 is set;
    S10, judge whether j is more than Xi, it is to enter S11, otherwise into S8;
    S11, i=i+1 is set;
    S12, judge whether i is more than Y, be to enter S13, otherwise into S6;
    S13, prompt cipher error message, record the continuous login failure number E=E+1 of user, and user enters S4 after confirming and circulated;
    S14, certification are by recording time T=present system time of the last Successful login of user, recording user and continuously log in mistake Number E=0 is lost, user logins successfully.
CN201510143750.9A 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities Active CN104796410B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510143750.9A CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510143750.9A CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Publications (2)

Publication Number Publication Date
CN104796410A CN104796410A (en) 2015-07-22
CN104796410B true CN104796410B (en) 2018-03-02

Family

ID=53560922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510143750.9A Active CN104796410B (en) 2015-03-30 2015-03-30 A kind of account protection method of the more passwords of different priorities

Country Status (1)

Country Link
CN (1) CN104796410B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102693380A (en) * 2012-05-07 2012-09-26 李良 Password authentication method
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal
EP2629488A1 (en) * 2012-02-17 2013-08-21 OSAN Technology Inc. Authentication system, authentication method, and network storage appliance
CN104144076A (en) * 2014-05-28 2014-11-12 腾讯科技(深圳)有限公司 Method, device and system for flow error control

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2629488A1 (en) * 2012-02-17 2013-08-21 OSAN Technology Inc. Authentication system, authentication method, and network storage appliance
CN102693380A (en) * 2012-05-07 2012-09-26 李良 Password authentication method
CN102883026A (en) * 2012-09-07 2013-01-16 广东欧珀移动通信有限公司 Method for implementing start-up protection on mobile terminal
CN104144076A (en) * 2014-05-28 2014-11-12 腾讯科技(深圳)有限公司 Method, device and system for flow error control

Also Published As

Publication number Publication date
CN104796410A (en) 2015-07-22

Similar Documents

Publication Publication Date Title
US9722981B2 (en) Password management system
Sule et al. Cybersecurity through the lens of digital identity and data protection: issues and trends
US9256725B2 (en) Credential recovery with the assistance of trusted entities
US8856892B2 (en) Interactive authentication
US20150288701A1 (en) Invitation links with enhanced protection
US9497188B2 (en) Offline authentication with embedded authorization attributes
US20080010453A1 (en) Method and apparatus for one time password access to portable credential entry and memory storage devices
Firdaus et al. Secure feature driven development (SFDD) model for secure software development
US11398902B2 (en) Systems and methods for non-deterministic multi-party, multi-user sender-receiver authentication and non-repudiatable resilient authorized access to secret data
CN106973054A (en) A kind of operating system login authentication method and system based on credible platform
CN104796410B (en) A kind of account protection method of the more passwords of different priorities
CN104579690B (en) High in the clouds KEY systems and application method
CN106790114A (en) A kind of code entry method with prompt facility
CN103310138A (en) Account managing device and a method thereof
WO2021015711A1 (en) Automatic password expiration based on password integrity
CN104811440B (en) A kind of network account setting and authentication method based on Double-puzzle
EP3358488B1 (en) Method for detecting unauthorised copies of a digital security token
CN108268796B (en) Offline management method and device based on offline password
CN108241803B (en) A kind of access control method of heterogeneous system
US9455974B1 (en) Method and system for determining value of an account
Dinesha et al. Evaluation of secure cloud transmission protocol
Schaffer CMVP Approved Authentication Mechanisms: CMVP Validation Authority Requirements for ISO/IEC 19790: 2012 Annex E and ISO/IEC 24579: 2017
Tambasco Global scale identity management
Ho et al. Multimodal Biometric For Secured Role Based Access Control In E-Commerce System
Gupta ◾ Identification and Privacy in the Secure Cloud

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant