CN104883351A - Multiple-factor authentication method and device - Google Patents
Multiple-factor authentication method and device Download PDFInfo
- Publication number
- CN104883351A CN104883351A CN201510112582.7A CN201510112582A CN104883351A CN 104883351 A CN104883351 A CN 104883351A CN 201510112582 A CN201510112582 A CN 201510112582A CN 104883351 A CN104883351 A CN 104883351A
- Authority
- CN
- China
- Prior art keywords
- user
- prompt information
- information
- authorization prompt
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a multiple-factor authentication method. The multiple-factor authentication method comprises the steps of: conducting preliminary identity verification based on login information of a user; generating authentication prompting information according to user information associated with the login information after the preliminary identity verification is passed; sending the authentication prompting information to a client of the user, and outputting the authentication prompting information to the user in a login interface via the client; and sending an authenticated notification message to the client when receiving authentication information which is input by the user under the prompt of the authentication prompting information and matched with the authentication prompting information. According to the multiple-factor authentication method and a multiple-factor authentication device provided by the invention, the authentication prompting information is generated according to the user information associated with the login information of the user, and the user can complete the identity verification process spontaneously based on facts known by himself without introducing an authentication method of a third party, thereby enhancing user experience and reducing service cost of a server.
Description
Technical field
The disclosure relates to communication field, particularly relates to multiple-factor authentication method and device.
Background technology
In order to ensure the privacy of users personal data, just user oriented provides service after current nearly all Internet service all can require user to log in.Current modal login mode is that requirement user inputs username and password, service end carrys out identifying user identity by the legitimacy of the username and password that authentication of users inputs, but in actual applications, because user may be with identical username and password several different Internet service commercial cities, therefore once wherein one username and password reveal, other several all will can face serious potential safety hazard.In order to address this is that, industry proposes multiple-factor verification method, so-called multiple-factor verification method refers to that user is when logging in, and on the basis of the correct username and password of input, then other verification mode of affix verifies the true identity of current login user.But along with the explosive growth of the Internet, enriching constantly of user's application scenarios, current multiple-factor verification method cannot meet actual demand.
Summary of the invention
For overcoming Problems existing in correlation technique, the disclosure provides a kind of multiple-factor authentication method and device.
According to the first aspect of disclosure embodiment, provide a kind of multiple-factor authentication method, described method comprises:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Optionally, the log-on message of described user comprises the login account of described user; The user profile that described and described log-on message associates comprises the associated person information associated with the login account of described user.
Optionally, described after described primary identity is verified, generate authorization prompt information according to the user profile associated with described log-on message and comprise:
After described primary identity is verified, obtain the associated person information associated with the login account of described user;
According to pre-arranged code rule, the contact name in described associated person information is encoded;
Described authorization prompt information is generated based on the described contact name after coding and default prompting message.
Optionally, describedly coding carried out to the contact name in described associated person information comprise according to pre-arranged code rule:
According to the coding rule being converted to homophone, the contact name in described associated person information is encoded; Or
According to the coding rule being converted to pinyin character, the contact name in described associated person information is encoded; Or
The mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name.
Optionally, described method also comprises:
If according to the coding rule being converted to pinyin character, or the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name, the appointment syllabogram in the pinyin character generated after shielding coding.
According to the second aspect of disclosure embodiment, provide a kind of multiple-factor authenticate device, described device comprises:
Authentication module, carries out primary identity checking for the log-on message based on user;
Generation module, after described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
First sending module, for described authorization prompt information being sent to the client of described user, is exported described authorization prompt information to described user by described client in login interface;
Second sending module, for when receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Optionally, the log-on message of described user comprises the login account of described user; The user profile that described and described log-on message associates comprises the associated person information associated with the login account of described user.
Optionally, described generation module comprises:
Obtain submodule, for after described primary identity is verified, obtain the associated person information associated with the login account of described user;
Encoding submodule, for encoding to the contact name in described associated person information according to pre-arranged code rule;
Generate submodule, for generating described authorization prompt information based on the described contact name after coding and default prompting message.
Optionally, described encoding submodule comprises:
First coded sub-units, for encoding to the contact name in described associated person information according to the coding rule being converted to homophone; Or
Second coded sub-units, for encoding to the contact name in described associated person information according to the coding rule being converted to pinyin character; Or
3rd coded sub-units, encodes to described contact name for the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character.
Optionally, described encoding submodule also comprises:
Shielding subelement, for according to the coding rule being converted to pinyin character, or the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name, the appointment syllabogram in the pinyin character generated after shielding coding.
According to the third aspect of disclosure embodiment, a kind of multiple-factor authenticate device is provided, comprises:
Processor;
For the memory of storage of processor executable instruction;
Wherein, described processor is configured to:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authorization information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
The technical scheme that embodiment of the present disclosure provides can comprise following beneficial effect:
In above embodiment of the present disclosure, after carrying out primary identity in the log-on message based on user and being verified, user profile according to associating with described log-on message generates authorization prompt information, and described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface; When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, authenticating user identification success, to the notice message that described client transmission certification is passed through, because the disclosure generates authorization prompt information based on the user profile associated with the log-on message of user, what the fact that user can be recognized based on self was spontaneous completes authentication procedures, and do not need to introduce third-party authentication means, thus can Consumer's Experience be improved and reduce the cost of serving of service end.
Should be understood that, it is only exemplary and explanatory that above general description and details hereinafter describe, and can not limit the disclosure.
Accompanying drawing explanation
Accompanying drawing to be herein merged in specification and to form the part of this specification, shows and meets embodiment of the present disclosure, and is used from specification one and explains principle of the present disclosure.
Fig. 1 is the schematic flow sheet of a kind of multiple-factor authentication method according to an exemplary embodiment;
Fig. 2 is the schematic flow sheet of the another kind of multiple-factor authentication method according to an exemplary embodiment;
Fig. 3 is the schematic block diagram of a kind of multiple-factor authenticate device according to an exemplary embodiment;
Fig. 4 is the schematic block diagram of the another kind of multiple-factor authenticate device according to an exemplary embodiment;
Fig. 5 is the schematic block diagram of the another kind of multiple-factor authenticate device according to an exemplary embodiment;
Fig. 6 is the schematic block diagram of the another kind of multiple-factor authenticate device according to an exemplary embodiment;
Fig. 7 is a kind of structural representation for described multiple-factor authenticate device according to an exemplary embodiment.
Embodiment
Here will be described exemplary embodiment in detail, its sample table shows in the accompanying drawings.When description below relates to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawing represents same or analogous key element.Execution mode described in following exemplary embodiment does not represent all execution modes consistent with the disclosure.On the contrary, they only with as in appended claims describe in detail, the example of apparatus and method that aspects more of the present disclosure are consistent.
The term used in the disclosure is only for the object describing specific embodiment, and the not intended to be limiting disclosure." one ", " described " and " being somebody's turn to do " of the singulative used in disclosure and the accompanying claims book is also intended to comprise most form, unless context clearly represents other implications.It is also understood that term "and/or" used herein refer to and comprise one or more project of listing be associated any or all may combine.
Term first, second, third, etc. may be adopted although should be appreciated that to describe various information in the disclosure, these information should not be limited to these terms.These terms are only used for the information of same type to be distinguished from each other out.Such as, when not departing from disclosure scope, the first information also can be called as the second information, and similarly, the second information also can be called as the first information.Depend on linguistic context, word as used in this " if " can be construed as into " ... time " or " when ... time " or " in response to determining ".
In existing realization, after user have input correct username and password in login process, when needing to verify the identity of user, normally to be issued to user by service end that checking note or the dynamic token that provided by user installation service end realize.Wherein:
By service end to user issue checking note carry out authentication time, after user have input correct username and password in login process, user's input validation code can be pointed out in login interface, simultaneously service end is by identifying code to verify that the form of note is sent on the phone number that user reserves, and user can complete authentication by inputting the identifying code received in login interface.
But, in above scheme, require that user carries with mobile phone when logging in otherwise cannot receive identifying code, and user is at every turn when carrying out authentication, service end all needs the mobile phone to user to send checking note, and this provides cost what virtually increased service end.
When the dynamic token by being provided by user installation service end carries out authentication, the token software provided by service end can be installed in advance on the mobile phone of user, after user have input correct username and password in login process, service end can use same login account to calculate validation value with the terminal of user, if at a time calculate identical validation value, then can the authentication of completing user.
But in above scheme, the installation of token software is highly professional, has certain technical threshold, also require that user carries with mobile phone in login process simultaneously, be therefore unfavorable for promoting Consumer's Experience.
Because time, the disclosure proposes a kind of multiple-factor authentication method, after carrying out primary identity in the log-on message based on user and being verified, user profile according to associating with described log-on message generates authorization prompt information, and described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface; When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, authenticating user identification success, to the notice message that described client transmission certification is passed through, because the disclosure generates authorization prompt information based on the user profile associated with the log-on message of user, what the fact that user can be recognized based on self was spontaneous completes authentication process itself, and do not need to introduce third-party authentication means, thus can Consumer's Experience be improved and reduce the cost of serving of service end.
As shown in Figure 1, Fig. 1 is a kind of multiple-factor authentication method according to an exemplary embodiment, and this multiple-factor authentication method is used for, in service end, comprising the following steps:
In a step 101, the log-on message based on user carries out primary identity checking;
In a step 102, after described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
In step 103, described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
At step 104, when receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
In the present embodiment, described client can be mounted in the Internet service client provided by service provider on user terminal, and such as, described client can instant communication client, net purchase client or other Internet service client etc.Described user terminal can be smart mobile phone; Described service end can be that service provider's user oriented provides the server of service, server cluster or cloud platform.
Described log-on message can comprise login account and password, and user, can by inputting correct login account and password completes login in the process logging in described client in login interface.But due to the login account of user and password, the risk of leakage can be there is in actual use, user only adopts the authentication mode of checking login account and password to there is certain potential safety hazard in the process logging in described client, therefore in order to improve level of security, can log in the process of described client user and introduce multiple-factor certification, checking login account and password are verified as just primary identity, then on the basis of primary identity checking, introduce other authentication mode again, the identity of this user is further verified.
When realizing, after user have input correct login account and password in login interface, service end can be opened and be carried out further proof procedure to the identity of this user, and obtain and the user profile associated by login account of user, then carry out further certification according to what get with the identity of the user's information associated by the login account of user.
Wherein, the described user profile associated with the login account of user can be the associated person information associated with the login account of user; Such as, when described client is instant communication client, such as rice is chatted, and the described user profile associated with the login account of user can be the friend information chatting account relating with the rice of user; When described client is the Internet service client of other type, such as millet cloud server terminal, the described user profile associated with the login account of user can be then that user uses millet cloud account to upload to associated person information in the cell phone address book of service end.Certainly, when realizing, the described user profile associated with the login account of user also can be the user profile of the other types associated with the login account of user, such as, can be the obligate information that user pre-sets.
What deserves to be explained is, when the identity of the user's information of other types such as the obligate information adopting such as user to pre-set carries out further certification, the obligate information pre-set due to user is usually more fixing, and probably reveal together with password with the login account of user, easily understand by other people, and the associated person information associated with the login account of user has certain quantity usually, to be not easy understand by other people, fail safe when therefore adopting the associated person information that associates with the login account of user to carry out further certification to the identity of user will be higher.
Be described in detail to adopt the associated person information associated with the login account of user to carry out further certification to the identity of user below.
In the present embodiment, service end, after opening and carrying out the process of further certification to the identity of user, can obtain the associated person information associated with the login account of described user; Such as, described client is rice when chatting client, and service end can obtain the buddy list chatting account relating with the rice of user, then obtains the friend information in buddy list; When described client is millet cloud client, service end can obtain user and use millet cloud account to upload to local cell phone address book, then obtains the associated person information in this cell phone address book.
After service end successfully gets the associated person information associated with the login account of described user, authorization prompt information can be generated according to the associated person information got, and after generation authorization prompt information, the authorization prompt information of generation is sent to the client of described user.This authorization prompt information, after receiving this authorization prompt information, can export to user, input the identity of correct authorization information to user further verify to point out user by described client in login interface.
But, because the associated person information associated with the login account of user belongs to the private data of user, therefore service end is when generating authorization prompt information according to the associated person information got, according to the coding rule preset, the contact name in the associated person information got can be encoded, to mask the private data in associated person information, then generate described authorization prompt information based on the contact name after coding and default prompting message.Wherein, described default coding rule, can comprise the coding rule being converted to homophone, the coding rule being converted to pinyin character or the combination of the two.
Such as, suppose that described default prompting message is " you have individual friend to be xxx ", the associated person information associated with the login account of described user that service end gets comprises the contact name that is " Wu Sangui ", the coding rule that service end adopts is the mode that the coding rule being converted to homophone combines with the coding rule being converted to pinyin character, so service end is when generating authorization prompt information, one or more word user homophone in this contact name " Wu Sangui " can be replaced, then remaining word pinyin character is replaced, such as, this contact name " Wu Sangui " can be encoded to " five SanGui " by service end, then the contact name after coding and described default prompting message are carried out the authorization prompt information of simple combination producing one " you have individual friend to be five SanGui ", then this authorization prompt information is sent to described client, by described client, this authorization prompt information is exported to user in login interface.
When user successfully inputs correct authorization information under the prompting of this authorization prompt information, such as, user is under the prompting of authorization prompt information " you have individual friend to be five SanGui ", when have input " Wu Sangui ", now certification is passed through, and service end can send a notice message for being passed through by client certificate to client.On the contrary, if user's input error, and the number of times of mistake input reaches the number of times of setting, now in order to security consideration, can forbid within a certain period of time verifying this user.
In the present embodiment; after service end adopts the coding rule preset to encode to the contact name in the associated person information got; although farthest protect the private data of user; but when service end have employed the coding rule being converted to pinyin character; or after the title of coding rule to the associated person information got that have employed the coding rule that is converted to homophone and be converted to pinyin character is encoded, the risk that the associated person information that still can there is user is revealed.
Such as, be still " you have individual friend to be five SanGui " for described authorization prompt information, if the login account of active user and password are revealed, after disabled user uses the client of this login account and password login user, viewed described authorization prompt information in login interface after, although contact name " Wu Sangui " has been become " five SanGui " by code conversion, but disabled user still may guess the real name of this contact person by transliteration, thus the associated person information of user is caused to reveal.
Therefore, when realizing, service end can some can cause the syllabogram of user's ambiguity to mask by the authorization prompt information of generation, even if thus the login account of user and password are revealed, because disabled user does not understand the associated person information associated with this login account, therefore disabled user is under the prompting of described authorization prompt information, cannot guess and contact name accurately, and validated user is due to client described in Long-Time Service, therefore can under the prompting of described authorization prompt message based on the associated person information recognized, input validation information thus complete the checking of identity accurately.
Such as, be still " you have individual friend to be five SanGui " for described authorization prompt information, because syllabogram an is replaced with ao, and ui is still reasonable when being replaced by un or ua, therefore syllabogram an and ui is the syllabogram that can cause user's ambiguity, in order to farthest protect privacy of user, service end can by the pinyin character san in this authorization prompt information and the syllabogram ao in gui and ui partly shielding effect, authorization prompt message after shielding is " you have individual friend to be five Sa*Gu* ", thus disabled user is under the prompting of this authorization prompt information, cannot guess and real name of contact person, and validated user is due to client described in Long-Time Service, therefore can under the prompting of described authorization prompt message based on the associated person information recognized, input validation information thus complete the checking of identity accurately.
In the present embodiment, because the associated person information associated with the login account of user has certain quantity usually, therefore wherein may comprise some users not know or strange contact person, service end is when generating authorization prompt information based on the associated person information associated with the login account of user got, if by chance have employed user do not know or strange contact name time, now this user is under the prompting of described authorization prompt information, possibly cannot input correct authorization information, and cannot checking be completed.In order to address this is that, a refresh button can be exported in login interface, when user cannot input under the prompting of described authorization prompt information with encode in this authorization prompt information after contact name mate contact name time, can be changed the contact name after coding in authorization prompt information by this refresh button, until user can the contact name of Input matching under the prompting of this authorization prompt information.Certainly, except above scheme, in order to address this is that, service end, when generating described authorization prompt information, can pass through data analysis technique, the contact name that the login account relevance of prioritizing selection those and this user is stronger; Such as, suppose that described client is that client chatted by rice, service end, by after data analysis, when generating described authorization prompt information, prioritizing selection those and this user can contact user more frequently.
In the embodiment above, after carrying out primary identity in the log-on message based on user and being verified, user profile according to associating with described log-on message generates authorization prompt information, and described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface; When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, authenticating user identification success, to the notice message that described client transmission certification is passed through, because the disclosure generates authorization prompt information based on the user profile associated with the log-on message of user, what the fact that user can be recognized based on self was spontaneous completes authentication process itself, and do not need to introduce third-party authentication means, thus can Consumer's Experience be improved and reduce the cost of serving of service end.
As shown in Figure 2, Fig. 2 is a kind of multiple-factor authentication method according to an exemplary embodiment, is applied in service end, comprises the following steps:
In step 201, the log-on message based on user carries out primary identity checking;
In step 202., after described primary identity is verified, obtain the associated person information associated with the login account of described user;
In step 203, according to pre-arranged code rule, the contact name in described associated person information is encoded;
In step 204, described authorization prompt information is generated based on the described contact name after coding and default prompting message;
In step 205, described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
In step 206, when receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
In the present embodiment, described client can be mounted in the Internet service client provided by service provider on user terminal, and such as, described client can instant communication client, net purchase client or other Internet service client etc.Described user terminal can be smart mobile phone; Described service end can be that service provider's user oriented provides the server of service, server cluster or cloud platform.
Described log-on message can comprise login account and password, and user, can by inputting correct login account and password completes login in the process logging in described client in login interface.But due to the login account of user and password, the risk of leakage can be there is in actual use, user only adopts the authentication mode of checking login account and password to there is certain potential safety hazard in the process logging in described client, therefore in order to improve level of security, can log in the process of described client user and introduce multiple-factor certification, checking login account and password are verified as just primary identity, then on the basis of primary identity checking, introduce other authentication mode again, the identity of this user is further verified.
When realizing, after user have input correct login account and password in login interface, service end can be opened and be carried out further proof procedure to the identity of this user, and obtain and the user profile associated by login account of user, then carry out further certification according to what get with the identity of the user's information associated by the login account of user.
Wherein, the described user profile associated with the login account of user can be the associated person information associated with the login account of user; Such as, when described client is instant communication client, such as rice is chatted, and the described user profile associated with the login account of user can be the friend information chatting account relating with the rice of user; When described client is the Internet service client of other type, such as millet cloud server terminal, the described user profile associated with the login account of user can be then that user uses millet cloud account to upload to associated person information in the cell phone address book of service end.Certainly, when realizing, the described user profile associated with the login account of user also can be the user profile of the other types associated with the login account of user, such as, can be the obligate information that user pre-sets.
What deserves to be explained is, when the identity of the user's information of other types such as the obligate information adopting such as user to pre-set carries out further certification, the obligate information pre-set due to user is usually more fixing, and probably reveal together with password with the login account of user, easily understand by other people, and the associated person information associated with the login account of user has certain quantity usually, to be not easy understand by other people, fail safe when therefore adopting the associated person information that associates with the login account of user to carry out further certification to the identity of user will be higher.
Be described in detail to adopt the associated person information associated with the login account of user to carry out further certification to the identity of user below.
In the present embodiment, service end, after opening and carrying out the process of further certification to the identity of user, can obtain the associated person information associated with the login account of described user; Such as, described client is rice when chatting client, and service end can obtain the buddy list chatting account relating with the rice of user, then obtains the friend information in buddy list; When described client is millet cloud client, service end can obtain user and use millet cloud account to upload to local cell phone address book, then obtains the associated person information in this cell phone address book.
After service end successfully gets the associated person information associated with the login account of described user, authorization prompt information can be generated according to the associated person information got, and after generation authorization prompt information, the authorization prompt information of generation is sent to the client of described user.This authorization prompt information, after receiving this authorization prompt information, can export to user, input the identity of correct authorization information to user further verify to point out user by described client in login interface.
But, because the associated person information associated with the login account of user belongs to the private data of user, therefore service end is when generating authorization prompt information according to the associated person information got, according to the coding rule preset, the contact name in the associated person information got can be encoded, to mask the private data in associated person information, then generate described authorization prompt information based on the contact name after coding and default prompting message.Wherein, described default coding rule, can comprise the coding rule being converted to homophone, the coding rule being converted to pinyin character or the combination of the two.
Such as, suppose that described default prompting message is " you have individual friend to be xxx ", the associated person information associated with the login account of described user that service end gets comprises the contact name that is " Wu Sangui ", the coding rule that service end adopts is the mode that the coding rule being converted to homophone combines with the coding rule being converted to pinyin character, so service end is when generating authorization prompt information, one or more word user homophone in this contact name " Wu Sangui " can be replaced, then remaining word pinyin character is replaced, such as, this contact name " Wu Sangui " can be encoded to " five SanGui " by service end, then the contact name after coding and described default prompting message are carried out the authorization prompt information of simple combination producing one " you have individual friend to be five SanGui ", then this authorization prompt information is sent to described client, by described client, this authorization prompt information is exported to user in login interface.
When user successfully inputs correct authorization information under the prompting of this authorization prompt information, such as, user is under the prompting of authorization prompt information " you have individual friend to be five SanGui ", when have input " Wu Sangui ", now certification is passed through, and service end can send a notice message for being passed through by client certificate to client.On the contrary, if user's input error, and the number of times of mistake input reaches the number of times of setting, now in order to security consideration, can forbid within a certain period of time verifying this user.
In the present embodiment; after service end adopts the coding rule preset to encode to the contact name in the associated person information got; although farthest protect the private data of user; but when service end have employed the coding rule being converted to pinyin character; or after the title of coding rule to the associated person information got that have employed the coding rule that is converted to homophone and be converted to pinyin character is encoded, the risk that the associated person information that still can there is user is revealed.
Such as, be still " you have individual friend to be five SanGui " for described authorization prompt information, if the login account of active user and password are revealed, after disabled user uses the client of this login account and password login user, viewed described authorization prompt information in login interface after, although contact name " Wu Sangui " has been become " five SanGui " by code conversion, but disabled user still may guess the real name of this contact person by transliteration, thus the associated person information of user is caused to reveal.
Therefore, when realizing, service end can some can cause the syllabogram of user's ambiguity to mask by the authorization prompt information of generation, even if thus the login account of user and password are revealed, because disabled user does not understand the associated person information associated with this login account, therefore disabled user is under the prompting of described authorization prompt information, cannot guess and contact name accurately, and validated user is due to client described in Long-Time Service, therefore can under the prompting of described authorization prompt message based on the associated person information recognized, input validation information thus complete the checking of identity accurately.
Such as, be still " you have individual friend to be five SanGui " for described authorization prompt information, because syllabogram an is replaced with ao, and ui is still reasonable when being replaced by un or ua, therefore syllabogram an and ui is the syllabogram that can cause user's ambiguity, in order to farthest protect privacy of user, service end can by the pinyin character san in this authorization prompt information and the syllabogram ao in gui and ui partly shielding effect, authorization prompt message after shielding is " you have individual friend to be five Sa*Gu* ", thus disabled user is under the prompting of this authorization prompt information, cannot guess and real name of contact person, and validated user is due to client described in Long-Time Service, therefore can under the prompting of described authorization prompt message based on the associated person information recognized, input validation information thus complete the checking of identity accurately.
In the present embodiment, because the associated person information associated with the login account of user has certain quantity usually, therefore wherein may comprise some users not know or strange contact person, service end is when generating authorization prompt information based on the associated person information associated with the login account of user got, if by chance have employed user do not know or strange contact name time, now this user is under the prompting of described authorization prompt information, possibly cannot input correct authorization information, and cannot checking be completed.In order to address this is that, a refresh button can be exported in login interface, when user cannot input under the prompting of described authorization prompt information with encode in this authorization prompt information after contact name mate contact name time, can be changed the contact name after coding in authorization prompt information by this refresh button, until user can the contact name of Input matching under the prompting of this authorization prompt information.Certainly, except above scheme, in order to address this is that, service end, when generating described authorization prompt information, can pass through data analysis technique, the contact name that the login account relevance of prioritizing selection those and this user is stronger; Such as, suppose that described client is that client chatted by rice, service end, by after data analysis, when generating described authorization prompt information, prioritizing selection those and this user can contact user more frequently.
In the embodiment above, after carrying out primary identity in the log-on message based on user and being verified, user profile according to associating with described log-on message generates authorization prompt information, and described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface; When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, authenticating user identification success, to the notice message that described client transmission certification is passed through, because the disclosure generates authorization prompt information based on the user profile associated with the log-on message of user, what the fact that user can be recognized based on self was spontaneous completes authentication process itself, and do not need to introduce third-party authentication means, thus can Consumer's Experience be improved and reduce the cost of serving of service end.
Corresponding with aforementioned multiple-factor authentication method embodiment, the disclosure additionally provides a kind of embodiment of device.
Fig. 3 is the schematic block diagram of a kind of multiple-factor authenticate device according to an exemplary embodiment.
As shown in Figure 3, a kind of multiple-factor authenticate device 300 according to an exemplary embodiment, comprising: authentication module 301, generation module 302, first sending module 303 and the second sending module 303; Wherein:
Described authentication module 301 is configured to, and the log-on message based on user carries out primary identity checking;
Described generation module 302 is configured to, and after described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described first sending module 303 is configured to, and described authorization prompt information is sent to the client of described user, described authorization prompt information is exported to described user in login interface by described client;
Described second sending module 304 is configured to, when receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
In the embodiment above, after carrying out primary identity in the log-on message based on user and being verified, user profile according to associating with described log-on message generates authorization prompt information, and described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface; When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, authenticating user identification success, to the notice message that described client transmission certification is passed through, because the disclosure generates authorization prompt information based on the user profile associated with the log-on message of user, what the fact that user can be recognized based on self was spontaneous completes authentication process itself, and do not need to introduce third-party authentication means, thus can Consumer's Experience be improved and reduce the cost of serving of service end.
Refer to Fig. 4, Fig. 4 is the block diagram of the another kind of device of the disclosure according to an exemplary embodiment, and this embodiment is on aforementioned basis embodiment illustrated in fig. 3, and the log-on message of described user comprises the login account of described user; The user profile that described and described log-on message associates comprises the associated person information associated with the login account of described user; Described generation module 302 can comprise acquisition submodule 302A, encoding submodule 302B and generate submodule 302C; Wherein:
Described acquisition submodule 302A is configured to, and after described primary identity is verified, obtains the associated person information associated with the login account of described user;
Described encoding submodule 302B is configured to, and encodes to the contact name in described associated person information according to pre-arranged code rule;
Described generation submodule 302C is configured to, and generates described authorization prompt information based on the described contact name after coding and default prompting message.
Refer to Fig. 5, Fig. 5 is the block diagram of the another kind of device of the disclosure according to an exemplary embodiment, this embodiment is on aforementioned basis embodiment illustrated in fig. 4, and described encoding submodule 302B can comprise the first coded sub-units 302B1, the second coded sub-units 302B2 or the 3rd coded sub-units 302B3; Wherein:
Described first coded sub-units 302B1 is configured to, and encodes to the contact name in described associated person information according to the coding rule being converted to homophone;
Described second coded sub-units 302B2 is configured to, and encodes to the contact name in described associated person information according to the coding rule being converted to pinyin character;
Described 3rd coded sub-units 302B3 is configured to, and the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name.
It should be noted that, the structure of the first coded sub-units 302B1 shown in device embodiment shown in above-mentioned Fig. 5 or the second coded sub-units 302B2 or the 3rd coded sub-units 302B3 also can be included in the device embodiment of earlier figures 3, does not limit this disclosure.
Refer to Fig. 6, Fig. 6 is the block diagram of the another kind of device of the disclosure according to an exemplary embodiment, and this embodiment is on aforementioned basis embodiment illustrated in fig. 5, and described encoding submodule 302B can also comprise shielding subelement 302B4; Wherein:
Described shielding subelement 302B4 is configured to, according to the coding rule being converted to pinyin character, or the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name, the appointment syllabogram in the pinyin character generated after shielding coding.
It should be noted that, the structure of the shielding subelement 302B4 shown in device embodiment shown in above-mentioned Fig. 6 also can be included in the device embodiment of earlier figures 3-4, does not limit this disclosure.
In said apparatus, the implementation procedure of the function and efficacy of modules or unit specifically refers to the implementation procedure of corresponding step in said method, does not repeat them here.
For device embodiment, because it corresponds essentially to embodiment of the method, so relevant part illustrates see the part of embodiment of the method.Device embodiment described above is only schematic, the wherein said module that illustrates as separating component or unit or can may not be and physically separate, parts as module or unit display can be or may not be physical module or unit, namely can be positioned at a place, or also can be distributed on multiple mixed-media network modules mixed-media or unit.Some or all of module wherein or unit can be selected according to the actual needs to realize the object of disclosure scheme.Those of ordinary skill in the art, when not paying creative work, are namely appreciated that and implement.
Accordingly, the disclosure also provides a kind of multiple-factor authenticate device, and described device comprises:
Processor;
For the memory of storage of processor executable instruction;
Wherein, described processor is configured to:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authorization information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Accordingly, the disclosure also provides a kind of server, described terminal includes memory, and one or more than one program, one of them or more than one program are stored in memory, and are configured to perform described more than one or one program package containing the instruction for carrying out following operation by more than one or one processor:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authorization information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Accordingly, the disclosure also provides a kind of multiple-factor authenticate device, and described device comprises:
Processor;
For the memory of storage of processor executable instruction;
Wherein, described processor is configured to:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authorization information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Fig. 7 is a kind of block diagram for multiple-factor authenticate device 700 according to an exemplary embodiment.Such as, device 700 may be provided in a server.With reference to Fig. 7, device 700 comprises processing components 722, and it comprises one or more processor further, and the memory resource representated by memory 732, can such as, by the instruction of the execution of processing unit 722, application program for storing.The application program stored in memory 732 can comprise each module corresponding to one group of instruction one or more.In addition, processing components 722 is configured to perform instruction, to perform the said equipment binding method.
Device 700 can also comprise the power management that a power supply module 726 is configured to final controlling element 700, and a wired or wireless network interface 750 is configured to device 700 to be connected to network, and input and output (I/O) interface 758.Device 700 can operate the operating system based on being stored in memory 732, such as Win ° of ws ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or similar.
Those skilled in the art, at consideration specification and after putting into practice invention disclosed herein, will easily expect other embodiment of the present disclosure.The application is intended to contain any modification of the present disclosure, purposes or adaptations, and these modification, purposes or adaptations are followed general principle of the present disclosure and comprised the undocumented common practise in the art of the disclosure or conventional techniques means.Specification and embodiment are only regarded as exemplary, and true scope of the present disclosure and spirit are pointed out by claim below.
Should be understood that, the disclosure is not limited to precision architecture described above and illustrated in the accompanying drawings, and can carry out various amendment and change not departing from its scope.The scope of the present disclosure is only limited by appended claim.
Claims (11)
1. a multiple-factor authentication method, is characterized in that, described method comprises:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
2. the method for claim 1, is characterized in that, the log-on message of described user comprises the login account of described user; The user profile that described and described log-on message associates comprises the associated person information associated with the login account of described user.
3. method as claimed in claim 2, is characterized in that, described after described primary identity is verified, and generates authorization prompt information comprise according to the user profile associated with described log-on message:
After described primary identity is verified, obtain the associated person information associated with the login account of described user;
According to pre-arranged code rule, the contact name in described associated person information is encoded;
Described authorization prompt information is generated based on the described contact name after coding and default prompting message.
4. method as claimed in claim 3, is characterized in that, describedly carries out coding according to pre-arranged code rule to the contact name in described associated person information and comprises:
According to the coding rule being converted to homophone, the contact name in described associated person information is encoded; Or
According to the coding rule being converted to pinyin character, the contact name in described associated person information is encoded; Or
The mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name.
5. method as claimed in claim 4, it is characterized in that, described method also comprises:
If according to the coding rule being converted to pinyin character, or the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name, the appointment syllabogram in the pinyin character generated after shielding coding.
6. a multiple-factor authenticate device, is characterized in that, described device comprises:
Authentication module, carries out primary identity checking for the log-on message based on user;
Generation module, after described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
First sending module, for described authorization prompt information being sent to the client of described user, is exported described authorization prompt information to described user by described client in login interface;
Second sending module, for when receiving the authentication information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
7. device as claimed in claim 6, it is characterized in that, the log-on message of described user comprises the login account of described user; The user profile that described and described log-on message associates comprises the associated person information associated with the login account of described user.
8. device as claimed in claim 7, it is characterized in that, described generation module comprises:
Obtain submodule, for after described primary identity is verified, obtain the associated person information associated with the login account of described user;
Encoding submodule, for encoding to the contact name in described associated person information according to pre-arranged code rule;
Generate submodule, for generating described authorization prompt information based on the described contact name after coding and default prompting message.
9. device as claimed in claim 8, it is characterized in that, described encoding submodule comprises:
First coded sub-units, for encoding to the contact name in described associated person information according to the coding rule being converted to homophone; Or
Second coded sub-units, for encoding to the contact name in described associated person information according to the coding rule being converted to pinyin character; Or
3rd coded sub-units, encodes to described contact name for the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character.
10. device as claimed in claim 9, it is characterized in that, described encoding submodule also comprises:
Shielding subelement, for according to the coding rule being converted to pinyin character, or the mode combined according to the coding rule being converted to homophone and the coding rule that is converted to pinyin character is encoded to described contact name, the appointment syllabogram in the pinyin character generated after shielding coding.
11. 1 kinds of multiple-factor authenticate devices, is characterized in that, comprising:
Processor;
For the memory of storage of processor executable instruction;
Wherein, described processor is configured to:
Log-on message based on user carries out primary identity checking;
After described primary identity is verified, the user profile according to associating with described log-on message generates authorization prompt information;
Described authorization prompt information is sent to the client of described user, by described client, described authorization prompt information is exported to described user in login interface;
When receiving the authorization information with described authorization prompt information matches that described user inputs under the prompting of described authorization prompt information, to the notice message that described client transmission certification is passed through.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510112582.7A CN104883351B (en) | 2015-03-13 | 2015-03-13 | Multiple-factor authentication method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510112582.7A CN104883351B (en) | 2015-03-13 | 2015-03-13 | Multiple-factor authentication method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104883351A true CN104883351A (en) | 2015-09-02 |
| CN104883351B CN104883351B (en) | 2019-02-12 |
Family
ID=53950685
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510112582.7A Active CN104883351B (en) | 2015-03-13 | 2015-03-13 | Multiple-factor authentication method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104883351B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106790129A (en) * | 2016-12-27 | 2017-05-31 | 中国银联股份有限公司 | A kind of identity authentication method and device |
| CN107347055A (en) * | 2016-05-06 | 2017-11-14 | 腾讯科技(深圳)有限公司 | A kind of processing method and processing device of user profile |
| CN108011863A (en) * | 2017-08-23 | 2018-05-08 | 北京车和家信息技术有限责任公司 | Identify the method and device of Brute Force |
| CN108537028A (en) * | 2018-04-17 | 2018-09-14 | 西安电子科技大学 | A kind of computer identity identifying system and method |
| CN108959905A (en) * | 2018-06-22 | 2018-12-07 | 维沃移动通信有限公司 | A kind of log-on message reminding method and terminal device |
| CN109241710A (en) * | 2018-08-14 | 2019-01-18 | 海南新软软件有限公司 | A kind of method, apparatus and system promoting assets security |
| CN109547412A (en) * | 2018-10-23 | 2019-03-29 | 平安科技(深圳)有限公司 | Two-factor authentication method, apparatus, system, electronic equipment and storage medium |
| CN110738503A (en) * | 2019-10-21 | 2020-01-31 | 支付宝(杭州)信息技术有限公司 | Identity verification method and device |
| US10719599B2 (en) | 2016-12-08 | 2020-07-21 | Alibaba Group Holding Limited | Verification code generation to improve recognition accuracy by a person and recognition difficulty by a computer program |
| CN111669369A (en) * | 2020-05-08 | 2020-09-15 | 武汉文华众创空间管理有限公司 | User identity authentication system and method for cloud storage data |
| CN113378135A (en) * | 2021-06-08 | 2021-09-10 | 华中科技大学 | Method for inquiring and verifying private data of computer |
| CN113709082A (en) * | 2020-05-20 | 2021-11-26 | 腾讯科技(深圳)有限公司 | Application login method and device and account login mode setting method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101149826A (en) * | 2006-09-21 | 2008-03-26 | 邓斌涛 | Electronic payment signal transmission treatment method |
| US20110107396A1 (en) * | 2009-11-02 | 2011-05-05 | Canon Kabushiki Kaisha | Authentication method, information processing apparatus, and storage medium |
| CN103530541A (en) * | 2013-10-09 | 2014-01-22 | 绍兴数能网络技术开发有限公司 | Identifying code generating method and device |
| CN104079527A (en) * | 2013-03-26 | 2014-10-01 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN104348822A (en) * | 2013-08-09 | 2015-02-11 | 深圳市腾讯计算机系统有限公司 | Method and device for authentication of Internet account number and server |
-
2015
- 2015-03-13 CN CN201510112582.7A patent/CN104883351B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101149826A (en) * | 2006-09-21 | 2008-03-26 | 邓斌涛 | Electronic payment signal transmission treatment method |
| US20110107396A1 (en) * | 2009-11-02 | 2011-05-05 | Canon Kabushiki Kaisha | Authentication method, information processing apparatus, and storage medium |
| CN104079527A (en) * | 2013-03-26 | 2014-10-01 | 联想(北京)有限公司 | Information processing method and electronic equipment |
| CN104348822A (en) * | 2013-08-09 | 2015-02-11 | 深圳市腾讯计算机系统有限公司 | Method and device for authentication of Internet account number and server |
| CN103530541A (en) * | 2013-10-09 | 2014-01-22 | 绍兴数能网络技术开发有限公司 | Identifying code generating method and device |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107347055A (en) * | 2016-05-06 | 2017-11-14 | 腾讯科技(深圳)有限公司 | A kind of processing method and processing device of user profile |
| US10719599B2 (en) | 2016-12-08 | 2020-07-21 | Alibaba Group Holding Limited | Verification code generation to improve recognition accuracy by a person and recognition difficulty by a computer program |
| CN106790129A (en) * | 2016-12-27 | 2017-05-31 | 中国银联股份有限公司 | A kind of identity authentication method and device |
| CN108011863A (en) * | 2017-08-23 | 2018-05-08 | 北京车和家信息技术有限责任公司 | Identify the method and device of Brute Force |
| CN108011863B (en) * | 2017-08-23 | 2020-12-15 | 北京车和家信息技术有限责任公司 | Method and device for identifying brute force cracking |
| CN108537028A (en) * | 2018-04-17 | 2018-09-14 | 西安电子科技大学 | A kind of computer identity identifying system and method |
| CN108959905A (en) * | 2018-06-22 | 2018-12-07 | 维沃移动通信有限公司 | A kind of log-on message reminding method and terminal device |
| CN109241710A (en) * | 2018-08-14 | 2019-01-18 | 海南新软软件有限公司 | A kind of method, apparatus and system promoting assets security |
| CN109547412A (en) * | 2018-10-23 | 2019-03-29 | 平安科技(深圳)有限公司 | Two-factor authentication method, apparatus, system, electronic equipment and storage medium |
| CN110738503A (en) * | 2019-10-21 | 2020-01-31 | 支付宝(杭州)信息技术有限公司 | Identity verification method and device |
| CN111669369A (en) * | 2020-05-08 | 2020-09-15 | 武汉文华众创空间管理有限公司 | User identity authentication system and method for cloud storage data |
| CN113709082A (en) * | 2020-05-20 | 2021-11-26 | 腾讯科技(深圳)有限公司 | Application login method and device and account login mode setting method |
| CN113378135A (en) * | 2021-06-08 | 2021-09-10 | 华中科技大学 | Method for inquiring and verifying private data of computer |
| CN113378135B (en) * | 2021-06-08 | 2023-08-25 | 华中科技大学 | Method for inquiring and verifying privacy data of computer |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104883351B (en) | 2019-02-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104883351A (en) | Multiple-factor authentication method and device | |
| US10223520B2 (en) | System and method for integrating two-factor authentication in a device | |
| US10313881B2 (en) | System and method of authentication by leveraging mobile devices for expediting user login and registration processes online | |
| CN105024819B (en) | A kind of multiple-factor authentication method and system based on mobile terminal | |
| US10367797B2 (en) | Methods, systems, and media for authenticating users using multiple services | |
| US9246897B2 (en) | Method and system of login authentication | |
| EP3499795A1 (en) | Authentication system and method, and user equipment, authentication server, and service server for performing same method | |
| KR20200005551A (en) | Techniques for securely authenticating bot users | |
| CN106453205B (en) | identity verification method and device | |
| US20200196143A1 (en) | Public key-based service authentication method and system | |
| KR102137122B1 (en) | Security check method, device, terminal and server | |
| CN104967597A (en) | Third-party application message authentication method and system based on secure channel | |
| CN106612265A (en) | Instant messaging method and server | |
| CN106533677B (en) | A kind of user login method, user terminal and server | |
| JP2022530136A (en) | Hardware authentication token by remote collation | |
| CN103368831B (en) | A kind of anonymous instant communicating system identified based on frequent visitor | |
| CN105095729B (en) | A kind of Quick Response Code login method, server and system | |
| CN102904893A (en) | Verifying device and verifying method | |
| Jarecki et al. | Two-factor password-authenticated key exchange with end-to-end security | |
| CN104601532A (en) | Method and device for logging in account | |
| CN104702650A (en) | Method and device for acquiring application pages | |
| CN104301285B (en) | Login method for web system | |
| CN103825911B (en) | A kind of safety and the client-side program identity method to set up conveniently taken into account | |
| KR101480892B1 (en) | Method for Determining Certifying Pattern and Method Using the Same | |
| Boopathy et al. | Framework model and algorithm of request based one time passkey (ROTP) mechanism to authenticate cloud users in secured way |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |