CN105007267A - Privacy protection method and device - Google Patents
Privacy protection method and device Download PDFInfo
- Publication number
- CN105007267A CN105007267A CN201510369194.7A CN201510369194A CN105007267A CN 105007267 A CN105007267 A CN 105007267A CN 201510369194 A CN201510369194 A CN 201510369194A CN 105007267 A CN105007267 A CN 105007267A
- Authority
- CN
- China
- Prior art keywords
- user interface
- authorization information
- user
- password
- pseudo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Abstract
The invention relates to the field of computers and specifically to a privacy protection method. The method comprises the steps as follows: receiving verification information which is input by a user and used for accessing a user interface; comparing the verification information with a verification secret key which is stored in a device in advance, and comparing the comparison result with a preset verification condition; allowing access to the user interface if the verification of the verification information is passed because the comparison result meets the preset verification condition; and executing a protecting operation to the user interface if the verification of the verification information is not passed because the comparison result does not meet the preset verification condition. Correspondingly, the invention further provides a privacy protection device. The method and the device of the invention improve the safety of privacy information by setting the verification condition while verifying the verification information input by the user, and introduce the user to a false user interface after the verification information is wrong for many times to avoid the privacy content to be maliciously accessed.
Description
Technical field
The present invention relates to computer realm, be specifically related to a kind of method for secret protection and device.
Background technology
Privacy is a kind of and public interest, group interest have nothing to do, party is reluctant the personal information that other people know or other people inconvenience is known, party be reluctant other people interfere or other people inconvenience interfere individual private business, and party be reluctant other people invade or other people inconvenience invade individual field.
At prevailing present of network, in the personal space that people often get used to individual privacy being retained in network or network storage medium.Such as, diary, photo, private life, personal habits, the privacy of correspondence are recorded in the cyberspace of blog one class by a lot of people, or some important property datas, account number cipher, income expenditure record are stored in the network storage media such as net dish.
Steal now other people privacy, the network behavior of data occurs often, at the network login interface of private space, the information that the person of stealing secret information attempts to be grasped by some guesses the password of user, user name also repeatedly inputs trial and cracks, Brute Force in hacking technique, namely the similar this method of exhaustion cracks.
And existing cyberspace normally points out input error for the input of mistake, and ensure safety by the restriction arranging mistake input number of times.But the inreal safety of this way, because the restriction of mistake input number of times can only come into force within a period of time, if the term of validity one mistake of restriction, still can continue to attempt, and this means of prompting input error are also exactly at the correctness that the prompting person of stealing secret information attempts, and are unfavorable for personal secrets.
Generally speaking, in prior art, also there is no a kind of user privacy information that can effectively prevent by the method maliciously stolen.
Summary of the invention
For overcoming the deficiencies in the prior art; the invention provides a kind of method for secret protection and device; when testing the authorization information of user's input, by arranging verification condition, improve the fail safe of privacy information; and after authorization information repeatedly mistake; user is introduced pseudo-user interface, and pseudo-user interface is similar to user interface, but does not comprise privacy content; and the entrance entering user interface is not provided, thus avoids privacy content and maliciously accessed.
A kind of method for secret protection provided by the invention, described method comprises:
Receive the authorization information entering user interface of user's input, described authorization information and the authentication secret prestored in a device are compared, and comparison result and the verification condition preset are compared;
If comparison result meets default verification condition, then described authorization information is verified, and allows to enter user interface;
If comparison result does not meet the verification condition preset, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
Further, described authorization information checking is not passed through, and performs and operates the protection of described user interface, comprising:
Return authorization information inputting interface, prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
Further, if the authorization information that user's input validation does not pass through reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
Particularly, described authorization information comprises: password, user name and/or identifying code; Described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores; Described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
Particularly, described pseudo-user interface is built by User Defined, specifies existing link or system automatically to build.
Correspondingly, present invention also offers a kind of privacy protection device, described device comprises:
Receiver module, for the authorization information entering user interface in reception user input,
Authentication module, for described authorization information and the authentication secret prestored in a device being compared, and compares comparison result and the verification condition preset;
First Executive Module, for meeting default verification condition at comparison result, then described authorization information is verified, and allows to enter user interface;
Second Executive Module, for not meeting the verification condition preset at comparison result, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
Further, described second Executive Module also comprises Tip element, and described Tip element is used for, when described authorization information checking is not passed through, returning authorization information inputting interface, prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
Particularly, described second Executive Module also comprises performance element, the authorization information that described performance element is used for not passing through at user's input validation reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
Particularly, described receiver module is also for exporting the prompting of filling in authorization information to user by predetermined manner, described authorization information comprises: password, user name and/or identifying code;
Described device also comprises memory module, described memory module is for storing authentication secret and verification condition, described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores, described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
Particularly, described pseudo-user interface is built by User Defined, specifies existing link or system automatically to build
Due to technique scheme, the present invention has following beneficial effect:
1. when the authorization information of authentication of users input, first authorization information and authentication secret are compared, again comparison result and the verification condition preset are compared, it is completely the same that verification condition is set to user name and/or identifying code and prestored user name and/or the identifying code that prestores, fixing numerical value difference is there is in password and the described password that prestores in fixing password figure place, thus improve the difficulty be verified, steal some general information that secret person can not easily pass through user to crack, improve the fail safe of privacy information.
2. repeatedly input validation information is obstructed out-of-date, then enter the pseudo-user interface different from user interface, pseudo-user interface does not comprise the privacy content in user interface, and does not provide the entrance entering user interface, thus the fascination person of stealing secret information, ensure the safety of privacy of user.
Accompanying drawing explanation
In order to be illustrated more clearly in technical scheme of the present invention, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet of a kind of method for secret protection of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under the prerequisite of not making creative work, all belongs to the scope of protection of the invention.
See Fig. 1, a kind of method for secret protection provided by the invention, described method comprises:
S1. receive the authorization information entering user interface of user's input, described authorization information and the authentication secret prestored in a device are compared, and comparison result and the verification condition preset are compared;
If S2. comparison result meets default verification condition, then described authorization information is verified, and allows to enter user interface;
If S3. comparison result does not meet the verification condition preset, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
Further, described authorization information checking is not passed through, and performs and operates the protection of described user interface, comprising:
Return authorization information inputting interface, prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
Further, if the authorization information that user's input validation does not pass through reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
Particularly, described authorization information comprises: password, user name and/or identifying code; Described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores; Described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
Particularly, described pseudo-user interface is built by User Defined, specifies existing link or system automatically to build.
Correspondingly, present invention also offers a kind of privacy protection device, described device comprises:
Receiver module, for the authorization information entering user interface in reception user input,
Authentication module, for described authorization information and the authentication secret prestored in a device being compared, and compares comparison result and the verification condition preset;
First Executive Module, for meeting default verification condition at comparison result, then described authorization information is verified, and allows to enter user interface;
Second Executive Module, for not meeting the verification condition preset at comparison result, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
Further, described second Executive Module also comprises Tip element, and described Tip element is used for, when described authorization information checking is not passed through, returning authorization information inputting interface, prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
Particularly, described second Executive Module also comprises performance element, the authorization information that described performance element is used for not passing through at user's input validation reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
Particularly, described receiver module is also for exporting the prompting of filling in authorization information to user by predetermined manner, described authorization information comprises: password, user name and/or identifying code;
Described device also comprises memory module, described memory module is for storing authentication secret and verification condition, described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores, described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
Particularly, described pseudo-user interface is built by User Defined, specifies existing link or system automatically to build
Due to technique scheme, the present invention has following beneficial effect:
1. when the authorization information of authentication of users input, first authorization information and authentication secret are compared, again comparison result and the verification condition preset are compared, it is completely the same that verification condition is set to user name and/or identifying code and prestored user name and/or the identifying code that prestores, fixing numerical value difference is there is in password and the described password that prestores in fixing password figure place, thus improve the difficulty be verified, steal some general information that secret person can not easily pass through user to crack, improve the fail safe of privacy information.
2. repeatedly input validation information is obstructed out-of-date, then enter the pseudo-user interface different from user interface, pseudo-user interface does not comprise the privacy content in user interface, and does not provide the entrance entering user interface, thus the fascination person of stealing secret information, ensure the safety of privacy of user.
Above disclosedly be only several preferred embodiment of the present invention, certainly can not limit the interest field of the present invention with this, therefore according to the equivalent variations that the claims in the present invention are done, still belong to the scope that the present invention is contained.
Claims (10)
1. a method for secret protection, is characterized in that, described method comprises:
Receive the authorization information entering user interface of user's input, described authorization information and the authentication secret prestored in a device are compared, and comparison result and the verification condition preset are compared;
If comparison result meets default verification condition, then described authorization information is verified, and allows to enter user interface;
If comparison result does not meet the verification condition preset, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
2. a kind of method for secret protection according to claim 1, is characterized in that, described authorization information checking is not passed through, and performs and operates the protection of described user interface, comprising:
Return authorization information inputting interface, prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
3. a kind of method for secret protection according to claim 2, it is characterized in that, if the authorization information that user's input validation does not pass through reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
4. according to a kind of method for secret protection in claim 1-3 described in any one, it is characterized in that, described authorization information comprises: password, user name and/or identifying code; Described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores; Described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
5. a kind of method for secret protection according to Claims 2 or 3, is characterized in that, described pseudo-user interface is built by User Defined, specify existing link or system automatically to build.
6. a privacy protection device, is characterized in that, described device comprises:
Receiver module, for the authorization information entering user interface in reception user input,
Authentication module, for described authorization information and the authentication secret prestored in a device being compared, and compares comparison result and the verification condition preset;
First Executive Module, for meeting default verification condition at comparison result, then described authorization information is verified, and allows to enter user interface;
Second Executive Module, for not meeting the verification condition preset at comparison result, then described authorization information checking is not passed through, and performs and operates the protection of described user interface.
7. a kind of privacy protection device according to claim 6; it is characterized in that; described second Executive Module also comprises Tip element; described Tip element is used for when described authorization information checking is not passed through; return authorization information inputting interface; prompting user re-enters authorization information, and returns the verification operation performed described authorization information.
8. a kind of privacy protection device according to claim 7, it is characterized in that, described second Executive Module also comprises performance element, the authorization information that described performance element is used for not passing through at user's input validation reaches pre-determined number, then enter the pseudo-user interface different from user interface, the layout of described pseudo-user interface and described user interface, content, pattern and color all similar or relevant, described pseudo-user interface does not comprise the privacy content in described user interface; Described pseudo-user interface does not provide the entrance of user interface.
9. according to a kind of privacy protection device in claim 6-8 described in any one, it is characterized in that, described receiver module is also for exporting the prompting of filling in authorization information to user by predetermined manner, described authorization information comprises: password, user name and/or identifying code;
Described device also comprises memory module, described memory module is for storing authentication secret and verification condition, described authentication secret comprises the password that prestores, prestored user name and/or the identifying code that prestores, described verification condition is that described user name and/or identifying code and described prestored user name and/or the identifying code that prestores are completely the same, and described password and the described password that prestores exist the numerical value difference of fixing in fixing password figure place.
10. a kind of privacy protection device according to claim 7 or 8, is characterized in that, described pseudo-user interface is built by User Defined, specify existing link or system automatically to build.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510369194.7A CN105007267A (en) | 2015-06-29 | 2015-06-29 | Privacy protection method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510369194.7A CN105007267A (en) | 2015-06-29 | 2015-06-29 | Privacy protection method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105007267A true CN105007267A (en) | 2015-10-28 |
Family
ID=54379790
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510369194.7A Pending CN105007267A (en) | 2015-06-29 | 2015-06-29 | Privacy protection method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105007267A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105450421A (en) * | 2015-12-04 | 2016-03-30 | 魅族科技(中国)有限公司 | Input information verification method and input information verification device |
CN105450665A (en) * | 2015-12-30 | 2016-03-30 | 宇龙计算机通信科技(深圳)有限公司 | Secure login method, secure login device and terminal |
CN108260084A (en) * | 2017-12-18 | 2018-07-06 | 西安电子科技大学 | Based on the method for secret protection for returning to verification |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030023559A1 (en) * | 2001-07-30 | 2003-01-30 | Jong-Uk Choi | Method for securing digital information and system therefor |
CN101252439A (en) * | 2008-04-10 | 2008-08-27 | 北京飞天诚信科技有限公司 | System and method for increasing information safety equipment security |
CN101308593A (en) * | 2008-06-23 | 2008-11-19 | 中国工商银行股份有限公司 | Multi-cipher system and method for bank account |
CN102279915A (en) * | 2011-09-07 | 2011-12-14 | 奇智软件(北京)有限公司 | Privacy protection method and device |
-
2015
- 2015-06-29 CN CN201510369194.7A patent/CN105007267A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030023559A1 (en) * | 2001-07-30 | 2003-01-30 | Jong-Uk Choi | Method for securing digital information and system therefor |
CN101252439A (en) * | 2008-04-10 | 2008-08-27 | 北京飞天诚信科技有限公司 | System and method for increasing information safety equipment security |
CN101308593A (en) * | 2008-06-23 | 2008-11-19 | 中国工商银行股份有限公司 | Multi-cipher system and method for bank account |
CN102279915A (en) * | 2011-09-07 | 2011-12-14 | 奇智软件(北京)有限公司 | Privacy protection method and device |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105450421A (en) * | 2015-12-04 | 2016-03-30 | 魅族科技(中国)有限公司 | Input information verification method and input information verification device |
CN105450665A (en) * | 2015-12-30 | 2016-03-30 | 宇龙计算机通信科技(深圳)有限公司 | Secure login method, secure login device and terminal |
CN105450665B (en) * | 2015-12-30 | 2018-11-06 | 宇龙计算机通信科技(深圳)有限公司 | Safe login method and device, terminal |
CN108260084A (en) * | 2017-12-18 | 2018-07-06 | 西安电子科技大学 | Based on the method for secret protection for returning to verification |
CN108260084B (en) * | 2017-12-18 | 2020-01-07 | 西安电子科技大学 | Privacy protection method based on return verification |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1571525B1 (en) | A method, a hardware token, and a computer program for authentication | |
CN110149328B (en) | Interface authentication method, device, equipment and computer readable storage medium | |
US20060037073A1 (en) | PIN recovery in a smart card | |
US20040225899A1 (en) | Authentication system and method based upon random partial digitized path recognition | |
CN105243314B (en) | A kind of security system and its application method based on USB key | |
CN101616003B (en) | Password-protecting system and method | |
CN102930436A (en) | Mobile payment method and device | |
CN102346831A (en) | Handheld device privacy encryption protection method of Android operating system | |
CN102279915A (en) | Privacy protection method and device | |
CN104820805B (en) | A kind of method and device of subscriber identification card information theft-preventing | |
CN1523809A (en) | Password variable identification verification technique | |
US8327420B2 (en) | Authentication system and method | |
CN104834840B (en) | Cipher code protection method based on mapping drift technology | |
CN102025506A (en) | User authentication method and device | |
CN111131202A (en) | Identity authentication method and system based on multiple information authentication | |
TWI668586B (en) | Data communication method and system, client and server | |
WO2014180345A1 (en) | User identity verification and authorization system | |
CN105069361A (en) | Safety access method and system for privacy space | |
CN106973043A (en) | A kind of password validation system and method for password authentication | |
CN102521169B (en) | Confidential USB (universal serial bus) memory disk with display screen and security control method of confidential USB memory disk | |
CN105007267A (en) | Privacy protection method and device | |
CN101304315B (en) | Method for improving identification authentication security based on password card | |
CN107392008A (en) | Cipher management method, Password Management equipment and computer-readable recording medium | |
CN105516500A (en) | Method and system for selecting device mode | |
CN105590044A (en) | Information authentication method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20151028 |