CN105335674B - Password burglary-preventing method and device - Google Patents
Password burglary-preventing method and device Download PDFInfo
- Publication number
- CN105335674B CN105335674B CN201410386637.9A CN201410386637A CN105335674B CN 105335674 B CN105335674 B CN 105335674B CN 201410386637 A CN201410386637 A CN 201410386637A CN 105335674 B CN105335674 B CN 105335674B
- Authority
- CN
- China
- Prior art keywords
- password
- user
- input
- application
- control object
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of password burglary-preventing method and devices, application of the password burglary-preventing method therein suitable for the Intelligent mobile equipment for showing interface for password input to user in the process of running, the method comprising the steps of: in the case where showing interface for password input to user in application operational process, intercept the password of user's input, by the password storage being truncated in predetermined variable, and storage is different from the dummy letter of the password in the password control object of application creation;In the case where the application needs to carry out subsequent operation using the password that user inputs, the password is obtained from the predetermined variable, and it is supplied to application, make the application that the password that the password obtained from the predetermined variable is inputted as user is executed subsequent operation.
Description
Technical field
The present invention relates to information security technologies, fill more particularly to a kind of password burglary-preventing method and corresponding cipher anti theft
It sets.
Background technique
Some in Intelligent mobile equipment apply and log in or durings payment etc. executing, it will usually it is required that user is referring to
Password is inputted at fixed position or username and password is inputted at specified position.Operating system in Intelligent mobile equipment
There is provided corresponding safety measure often to guarantee that the password of user's input will not maliciously be stolen;One specific example, base
Almost all of application in the Intelligent mobile equipment of iOS is all based on the primary password control of iOS to obtain user password, and
Execute the operations such as subsequent login or payment;One specific implementation process of the example are as follows: user inputs password by soft keyboard,
The password is stored into password control, and does not show the password of user's input (as only shown identical digit in user interface
Dot etc.), later, using the password of the acquisition user input from password control, and execute the behaviour such as subsequent login or payment
Make.
Inventor has found that there is the password quilts of user's input in some Intelligent mobile equipments in realizing process of the present invention
The phenomenon that malice is stolen has system permission using due to escaping from prison such as in the Intelligent mobile equipment based on the iOS to escape from prison,
Making to apply may be implemented across application access, i.e., the data of the one accessible other application of application;(such as to some malicious applications
IKeyMonitor etc.) can use across this feature of application access obtain other application user log in or pay waited
The password that user is inputted in journey.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind
State the password burglary-preventing method and device of problem.
According to one aspect of the present invention, a kind of password burglary-preventing method is provided, this method is suitable in the process of running
The application in the Intelligent mobile equipment of interface for password input is shown to user, the method includes the steps: applying operational process
In the case where the middle displaying interface for password input to user, the password of interception user's input, by the password storage being truncated in predetermined
In variable, and storage is different from the dummy letter of the password in the password control object of application creation;It is needed in the application
In the case where carrying out subsequent operation using the password that user inputs, the password is obtained from the predetermined variable, and be supplied to
Using the password execution subsequent operation for inputting the application password obtained from the predetermined variable as user.
According to another aspect of the present invention, a kind of cipher anti-theft device is provided, which is suitable in the process of running
The application in the Intelligent mobile equipment of interface for password input is shown to user, and described device includes: cryptographic handling module, is suitable for
In the case where showing interface for password input to user in application operational process, the password of interception user's input, by what is be truncated to
Storage is different from the false close of the password to password storage in predetermined variable, and in the password control object of application creation
Code;Password obtains module, in the case where suitable for needing the password progress subsequent operation using user's input in the application, from institute
It states and obtains the password in predetermined variable, and be supplied to the application, obtain the application will from the predetermined variable
Password executes subsequent operation as the password that user inputs.
The password that password burglary-preventing method and device of the invention is inputted by interception user, and in the password of application creation
Storage is different from the dummy letter of the password of user's input in control object, in this way, (being referred to as malice journey in malicious application
Sequence) by across application access mode come from the password control object that some is applied obtain password when, from password control object
In the password that gets be not user's input true password, but dummy letter disliked so as to avoid the password of user
The phenomenon that meaning application is stolen;The present invention passes through the password storage that the user that will be intercepted inputs to be needed in specifying variable, and in application
When the true password for wanting user to input the operation such as logs in or pay to execute, password is obtained from specifying variable, in this way,
Corresponding operation is carried out using the true password that can use user's input, to have peace in the true password for guaranteeing user
Make to apply under the premise of full property and can correctly execute corresponding operation;The final present invention improves the safety of userspersonal information
Property, avoid the leakage as userspersonal information and unnecessary damage caused by property or the person to user etc.
It loses.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field
Technical staff will become clear.Figure of description only for the purpose of illustrating preferred embodiments, and is not considered as pair
Limitation of the invention.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows according to embodiments of the present invention one password burglary-preventing method flow chart;
Fig. 2 shows according to embodiments of the present invention two password burglary-preventing method flow charts;
Fig. 3 shows according to embodiments of the present invention three password burglary-preventing method schematic diagram;
Fig. 4 shows according to embodiments of the present invention four cipher anti-theft device schematic diagram;
Fig. 5 shows according to embodiments of the present invention five cipher anti-theft device schematic diagram.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
It is fully disclosed to those skilled in the art.
Embodiment one, password burglary-preventing method.
The present embodiment changes the intelligent sliding where application by intercepting the application password that user inputs in the process of running
Data transmission channel between keyboard (such as soft keyboard) input of dynamic equipment and password control object, by the true close of user's input
Code is stored in predetermined variable, while storage dummy letter is (such as complete with the password digit of user's input in password control object
Identical dummy letter), and durings subsequent login or payment etc., no longer make close using being obtained from password control object
Code, but password is obtained from predetermined variable, in this way, the present embodiment in the case where ensure that using operating normally, makes malice
The password that program (such as iKeyMonitor) is captured from the password control object of application build is dummy letter;To this reality
Apply the safety that example effectively increases password.
It is described in detail below with reference to specific implementation step of the Fig. 1 to the method for the present embodiment.
S100, application operational process in user show interface for password input in the case where, interception user input it is close
Code by the password storage being truncated in predetermined variable, and stores in the password control object of application creation different from above-mentioned
The dummy letter of password.
Specifically, inputting password if necessary to user, then application will create password control pair using in the process of running
As, and include the corresponding interface for password input of password control object in the user interface of its building.User can pass through key
Disk is based on the interface for password input and inputs password;For example, user can be by way of soft keyboard and based on Password Input circle
Face inputs its password.In the case where Intelligent mobile equipment is circumscribed with keyboard equipment, user can also be set by external keyboard
It is standby and its password is inputted based on the interface for password input.
The present embodiment intercepts there are many passwords of user's input, for example, what can be supported using password control object is showed
Some callback methods (being referred to as call back function) come intercept user input password.
In the case where application creates its password control object using existing mode, process of the user in input password
In, password control object can receive the password of user's input, and store the password of user's input, meanwhile, password control object
Can show that dot or star such as spend at the character or symbol of non-password in interface for password input, with hide user input it is true
Password.
The present embodiment can expand password control object during application creates password control object accordingly
Exhibition is such as inserted into corresponding program code in the corresponding position of password control object, defeated to receive user in password control object
When the password entered, the password of user's input is intercepted by callback method that password control object is supported, and will be successfully truncated to
Password storage in predetermined variable, meanwhile, to password control object provide dummy letter, make password control object store password
Dummy letter for the password inputted different from user;Likewise, the password control object of the application creation of the present embodiment can be close
Show that dot or star such as spend at the character or symbol of non-password in code input interface, with hide user input it is true close
Code.
The dummy letter that the present embodiment is stored in password control object can be the digit of the password of digit and user's input
Identical dummy letter;In addition, the dummy letter can be random number or predetermined character etc.;Here predetermined character can be display
Dot or star in interface for password input are spent.
In the present embodiment, the specifying variable of the password of storage user input generally falls into memory variable, in this way, applying
After end of run, memory variable can be automatically released, and so as to avoid applying after end of run, still be stayed in Intelligent mobile equipment
There is the phenomenon that password of user's input, eliminates the security risk that the password of the retention may will be leaked.
S110, above-mentioned application need using user input password carry out subsequent operation in the case where, from predetermined variable
Middle acquisition password, and it is supplied to the application, make to apply and holds the password that the password obtained from predetermined variable is inputted as user
Row subsequent operation.
Specifically, needing the case where carrying out the operations such as subsequent login or payment using the password that user inputs in application
Under, the present embodiment is to obtain password from predetermined variable to be supplied to application, rather than from the password control object that application creates
It obtains password and is supplied to application;For example, user can click in user interface after user completes the input operation of password
" login " or the buttons such as " determination " or " payment ", in the case, the present embodiment obtained from memory variable user input
True password is supplied to application, rather than obtains dummy letter from password control and be supplied to application;In this way, using can will be from
The password obtained in predetermined variable executes the operations such as corresponding login or payment as the password that user inputs.Specifically step on
The specific implementation process of the operations such as record or payment is no longer described in detail herein.
Embodiment two, password burglary-preventing method.
The password that application in the present embodiment is inputted by intercepting user, and the keyboard for changing Intelligent mobile equipment is (such as soft
Keyboard) input password control object between data transmission channel, by user input true password storage in predetermined variable
In, while dummy letter (the identical dummy letter of password digit such as inputted with user) is stored in password control object, and
Durings subsequent login or payment etc., using no longer obtaining password from password control object, but from predetermined variable
Password is obtained, in this way, the present embodiment makes rogue program (such as iKeyMonitor in the case where ensure that using operating normally
Deng) password that captures from the password control object of application build is dummy letter;To which the present embodiment effectively increases password
Safety.
It is described in detail below with reference to specific implementation step of the Fig. 2 to the method for the present embodiment.
In Fig. 2, the application in S200, Intelligent mobile equipment shows to include Password Input frame to user in the process of running
User interface.
Specifically, the Intelligent mobile equipment in the present embodiment can be the intelligence based on iOS (including based on the iOS to escape from prison)
Mobile device, certainly, if other operating systems used in terms of password control with based on the same or similar processing of iOS
Mode, then the Intelligent mobile equipment in the present embodiment may be the Intelligent mobile equipment using other operating systems.
Application in Intelligent mobile equipment inputs password in the process of running, if necessary to user, then application will create close
Code control object, and include the corresponding Password Input frame of the password control object in the user interface of its building.User can be with
The Password Input frame, which is based on, by keyboard inputs password;For example, user can be by way of soft keyboard and defeated based on the password
Enter frame and inputs its password.In the case where Intelligent mobile equipment is circumscribed with keyboard equipment, user can also pass through external keyboard
Equipment and its password is inputted based on the Password Input frame.
S210, the password inputted using interception user by user interface, by the password storage being truncated in predetermined variable
In, and storage is different from the dummy letter of the password of its interception in the password control object of its creation.
Specifically, the present embodiment can be propped up using password control object there are many passwords of application interception user's input
The existing callback method (being referred to as call back function) held intercept user input password.
In the case where application creates its password control object using existing mode, process of the user in input password
In, password control object can receive the password of user's input, and store the password of user's input, meanwhile, password control object
Can show that dot or star such as spend at the character or symbol of non-password in the password input box, with hide user input it is true
Password.
The application of the present embodiment can carry out password control object corresponding during creating password control object
Extension is such as inserted into corresponding program code in the corresponding position of password control object, to receive user in password control object
When the password of input, the password of user's input is intercepted by callback method that password control object is supported, and will successfully be intercepted
To password storage in predetermined variable, meanwhile, to password control object provide dummy letter, make password control object store it is close
Code is the dummy letter of the password inputted different from user;Likewise, the password control object of the application creation of the present embodiment can be
Show that dot or star such as spend at the character or symbol of non-password in Password Input frame, to hide the true close of user's input
Code.
The dummy letter that the present embodiment is stored in password control object can be the digit of the password of digit and user's input
Identical dummy letter;In addition, the dummy letter can be random number or predetermined character etc.;Here predetermined character can be display
Dot or star in the password input box is spent.
In the present embodiment, the specifying variable of the password of storage user input generally falls into memory variable, in this way, applying
After end of run, memory variable can be automatically released, and so as to avoid applying after end of run, still be stayed in Intelligent mobile equipment
There is the phenomenon that password of user's input, eliminates the security risk that the password of the retention may will be leaked.
S220, in the case where application needs to carry out subsequent operation using the password that user inputs, using from predetermined variable
Middle acquisition password.
Specifically, needing the case where carrying out the operations such as subsequent login or payment using the password that user inputs in application
Under, password is obtained from predetermined variable using meeting, rather than obtains password from the password control object that it is created;For example,
After user completes the input operation of password, user can click in user interface " login " either " determination " or " payment "
Equal buttons, in the case, using the true password for obtaining user's input from memory variable, rather than from password control
Obtain dummy letter.
S230, subsequent operation is executed using the password for inputting the password obtained from predetermined variable as user.
Specifically, executing and stepping on accordingly as the password that user inputs using the password for obtaining it from predetermined variable
The operation such as record or payment.The specific implementation process of the operations such as specific login or payment is no longer described in detail herein.
Embodiment three, password burglary-preventing method.It is described in detail below with reference to method of the Fig. 3 to the present embodiment.
In Fig. 3, certain in step 1, the Intelligent mobile equipment based on the iOS to escape from prison is applied in execution building password control pair
After equal operation, login window as shown in Figure 3 is shown to user, user inputs close by the soft keyboard in the login window
Code.
Step 2, the application intercept the password that user is inputted by soft keyboard in such a way that password control object is supported;
For example, include in the password control object of the application creation callback method in UITextFieldDelegate (such as
ShoudChangeCharactersInRanges), which is the open interface of iOS, is not interfered with using the interface
Audit and restocking of application etc..
Step 3, the true password storage inputted using the user intercepted are in memory variable.
Step 4 is sent to password control object using by dummy letter, and password control object stores the dummy letter, i.e. password
Dummy letter is stored in password control object by the plug-in unit in control object.
The dummy letter that above-mentioned application is sent to password control object can be identical as the true password digit that user inputs
Dot.Password control object can show dot in the Password Input frame of login window, in this way, the present embodiment can be kept
It is consistent with iOS usage experience.
It should be strongly noted that above-mentioned steps 3 and step 4 usually executed parallel.
Step 5, user click " login " button in login interface after the completion of Password Input, at this point, using from memory
The true password that user's input is obtained in variable executes subsequent register, and does not use and store in password control object
Dummy letter execute subsequent register.
Step 6, malicious plugins (being referred to as rogue program or malicious application, such as iKeyMonitor) are across application
When grabbing password from the password control object of this application, the password grabbed is not the true password of user's input,
But dummy letter, such as the password that malicious plugins grab is four dots.
Example IV, cipher anti-theft device.It is described in detail below with reference to device of the Fig. 4 to the present embodiment.
Cipher anti-theft device shown in Fig. 4 is generally disposed in Intelligent mobile equipment, and the Intelligent mobile equipment can be with
For the Intelligent mobile equipment based on iOS (including based on the iOS to escape from prison), certainly, if other operating systems are in password control side
Face is used with based on the same or similar processing mode of iOS, then the Intelligent mobile equipment in the present embodiment may be to adopt
With the Intelligent mobile equipment of other operating systems.
Cipher anti-theft device shown in Fig. 4 specifically includes that cryptographic handling module 400 and password obtain module 410.
Cryptographic handling module 400 is primarily adapted for the case where showing interface for password input to user in application operational process
Under, the password of interception user's input, by the password storage being truncated in predetermined variable, and in the password control of above-mentioned application creation
Storage is different from the dummy letter of above-mentioned password in part object.
Specifically, inputting password if necessary to user, then application will create password control pair using in the process of running
As, and include the corresponding interface for password input of password control object in the user interface of its building.User can pass through key
Disk is based on the interface for password input and inputs password;For example, user can be by way of soft keyboard and based on Password Input circle
Face inputs its password.In the case where Intelligent mobile equipment is circumscribed with keyboard equipment, user can also be set by external keyboard
It is standby and its password is inputted based on the interface for password input.
Cryptographic handling module 400 intercepts there are many passwords of user's input, for example, cryptographic handling module 400 can use
The existing callback method (being referred to as call back function) that password control object is supported intercept user input password.
In the case where application creates its password control object using existing mode, process of the user in input password
In, password control object can receive the password of user's input, and store the password of user's input, meanwhile, password control object
Can show that dot or star such as spend at the character or symbol of non-password in interface for password input, with hide user input it is true
Password.
The present embodiment can expand password control object during application creates password control object accordingly
Exhibition is such as inserted into cryptographic handling module 400 in the corresponding position of password control object, defeated to receive user in password control object
When the password entered, cryptographic handling module 400 intercepts the password that user inputs by the callback method that password control object is supported,
And by the password storage being successfully truncated in predetermined variable, meanwhile, cryptographic handling module 400 provides false to password control object
Password, the dummy letter for the password that the password for storing password control object is inputted different from user;Likewise, the present embodiment
It can show that dot or star such as spend at the character or symbol of non-password in interface for password input using the password control object of creation
Number, to hide the true password of user's input.
The dummy letter that cryptographic handling module 400 is stored in password control object can be the password of digit and user's input
The identical dummy letter of digit;In addition, the dummy letter can be random number or predetermined character etc.;Here predetermined character can be with
Dot or star to be shown in interface for password input are spent.
In the present embodiment, the specifying variable of the password of storage user input generally falls into memory variable, in this way, applying
After end of run, memory variable can be automatically released, and so as to avoid applying after end of run, still be stayed in Intelligent mobile equipment
There is the phenomenon that password of user's input, eliminates the security risk that the password of the retention may will be leaked.
Password obtains module 410 and is primarily adapted for needing the case where carrying out subsequent operation using the password that user inputs in application
Under, password is obtained from above-mentioned predetermined variable, and be supplied to application, make using using the password obtained from predetermined variable as use
The password of family input executes subsequent operation.
Specifically, needing the case where carrying out the operations such as subsequent login or payment using the password that user inputs in application
Under, it is acquisition password and the password control for being supplied to application, rather than creating from application from predetermined variable that password, which obtains module 410,
Password is obtained in part object and is supplied to application;For example, user can click after user completes the input operation of password
" login " in user interface either buttons such as " determination " or " payment ", in the case, password obtains module 410 from memory
The true password that user's input is obtained in variable is supplied to application, rather than acquisition dummy letter is supplied to and answers from password control
With;In this way, using can be executed using the password obtained from predetermined variable as the password that user inputs it is corresponding log in or
The operations such as person's payment.The specific implementation process of the operations such as specific login or payment is no longer described in detail herein.
Embodiment five, cipher anti-theft device.It is described in detail below with reference to device of the Fig. 5 to the present embodiment.
Cipher anti-theft device shown in Fig. 5 is generally disposed in Intelligent mobile equipment, and the Intelligent mobile equipment can be with
For the Intelligent mobile equipment based on iOS (including based on the iOS to escape from prison), certainly, if other operating systems are in password control side
Face is used with based on the same or similar processing mode of iOS, then the Intelligent mobile equipment in the present embodiment may be to adopt
With the Intelligent mobile equipment of other operating systems.
Cipher anti-theft device shown in Fig. 5 specifically includes that showing interface module 500, cryptographic handling module 510, password
Obtain module 520 and flow executing modules 530.
Showing interface module 500 is primarily adapted in the operational process of the application in Intelligent mobile equipment, shows to user
It include the user interface of Password Input frame.
Specifically, inputting password if necessary to user, then interface in the operational process of the application in Intelligent mobile equipment
Display module 500 will create password control object, and corresponding comprising the password control object in the user interface of its building
Password Input frame.User can be based on the Password Input frame by keyboard and input password;For example, user can pass through soft keyboard
Mode and its password is inputted based on the Password Input frame.In the case where Intelligent mobile equipment is circumscribed with keyboard equipment, Yong Huye
Its password can be inputted by external keyboard equipment and based on the Password Input frame.
Cryptographic handling module 510 is primarily adapted for intercepting the password of user's input, and the password storage being truncated to is become in predetermined
In amount, and storage is different from the dummy letter of the password in the password control object of application creation.
Specifically, cryptographic handling module 510 intercepts there are many passwords of user's input, as cryptographic handling module 510 can be with
The existing callback method (being referred to as call back function) supported using password control object intercept user input it is close
Code.
In the case where application creates its password control object using existing mode, process of the user in input password
In, password control object can receive the password of user's input, and store the password of user's input, meanwhile, password control object
Can show that dot or star such as spend at the character or symbol of non-password in the password input box, with hide user input it is true
Password.
The showing interface module 500 of the present embodiment can be during creating password control object, to password control pair
As being extended accordingly, it such as is inserted into cryptographic handling module 510 in the corresponding position of password control object, in password control pair
As receive user input password when, cryptographic handling module 510 is intercepted by the callback method that password control object is supported
The password of user's input, and by the password storage being successfully truncated in predetermined variable, meanwhile, cryptographic handling module 510 is to close
Code control object provides dummy letter, the password for inputting the password stored in password control object different from user it is false close
Code;Likewise, the password control object that showing interface module 500 creates can show that dot or star are spent in the password input box
The character or symbol of non-password, to hide the true password of user's input.
The dummy letter that cryptographic handling module 510 is stored in password control object can be the password of digit and user's input
The identical dummy letter of digit;In addition, the dummy letter can be random number or predetermined character etc.;Here predetermined character can be with
To show that dot in the password input box or star are spent.
In the present embodiment, the specifying variable of the password of storage user input generally falls into memory variable, in this way, applying
After end of run, memory variable can be automatically released, and so as to avoid applying after end of run, still be stayed in Intelligent mobile equipment
There is the phenomenon that password of user's input, eliminates the security risk that the password of the retention may will be leaked.
Password obtains module 520 and is primarily adapted for needing the case where carrying out subsequent operation using the password that user inputs in application
Under, password is obtained from predetermined variable.
Specifically, needing the case where carrying out the operations such as subsequent login or payment using the password that user inputs in application
Under, password obtains module 520 and understands the password control that obtain password from predetermined variable, rather than create from showing interface module 500
Password is obtained in part object;For example, user can click in user interface after user completes the input operation of password
" login " either buttons such as " determination " or " payment ", in the case, password obtain module 520 and obtain use from memory variable
The true password of family input, rather than dummy letter is obtained from password control.
Flow executing modules 530 are primarily adapted for the password that the password that will be obtained from predetermined variable is inputted as user and execute
Subsequent operation.
Specifically, the password that flow executing modules 530 obtain password acquisition module 520 from predetermined variable is as user
The password of input and execute corresponding log in or the operations such as payment.The specific implementation of the operations such as specific login or payment
Journey is no longer described in detail herein.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein.
Various general-purpose systems can also be used together with teachings based herein.According to specific descriptions above, this kind of system institute is constructed
It is required that structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use
Various programming languages realize summary of the invention described herein, and the description done above to language-specific is to disclose
Preferred forms of the invention.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect
Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
Meaning one of can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors
Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice
Microprocessor or digital signal processor (DSP) come realize some in cipher anti-theft device according to an embodiment of the present invention or
The some or all functions of whole components.The present invention is also implemented as a part for executing method as described herein
Or whole device or device program (for example, computer program and computer program product).Such realization present invention
Program can store on a computer-readable medium, or can have the form of one or more signals.Such signal
It can be downloaded from an internet website to obtain, be perhaps provided on the carrier signal or be provided in any other form.
It should be noted that above-described embodiment is that the present invention will be described, rather than limits the invention, and
Those skilled in the art can be designed alternative embodiment without departing from the scope of the appended claims.In claim
In, any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" is not excluded for depositing
In elements or steps not listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple
Such element.The present invention can be by means of including the hardware of several different elements and by means of properly programmed computer
To realize.In the unit claims listing several devices, several in these devices can be by same hard
Part item embodies.The use of word first, second and third etc. does not indicate any sequence, can be construed to these words
Title.
Claims (12)
1. a kind of password burglary-preventing method, this method is suitable for showing the intelligent sliding of interface for password input to user in the process of running
Application in dynamic equipment, the method includes the steps:
In the case where showing interface for password input to user in application operational process, the password of interception user's input will be intercepted
To password storage in predetermined variable, and application creation password control object in storage be different from the password vacation it is close
Code;
In the case where the application needs to carry out subsequent operation using the password that user inputs, obtained from the predetermined variable
The password, and it is supplied to the application, input the application using the password obtained from the predetermined variable as user
Password execute subsequent operation.
2. password burglary-preventing method as described in claim 1, wherein it is described interception user input password include:
The password that user is inputted by soft keyboard is intercepted by the callback method that the password control object of application creation is supported.
3. password burglary-preventing method as described in claim 1, wherein the predetermined variable belongs to memory variable.
4. password burglary-preventing method as described in claim 1, wherein the position of the digit of the dummy letter and the password of user's input
Number is identical.
5. password burglary-preventing method as claimed in claim 1 or 2 or 3 or 4, wherein the Intelligent mobile equipment is based on iOS's
Intelligent mobile equipment.
6. a kind of cipher anti-theft device, which is suitable for showing the intelligent sliding of interface for password input to user in the process of running
Application in dynamic equipment, described device include:
Cryptographic handling module intercepts user in the case where being suitable for showing interface for password input to user in application operational process
The password of input by the password storage being truncated in predetermined variable, and is deposited in the password control object of application creation
Storage is different from the dummy letter of the password;
Password obtains module, in the case where suitable for needing the password progress subsequent operation using user's input in the application, from
The password is obtained in the predetermined variable, and is supplied to the application, obtain the application will from the predetermined variable
The password that inputs as user of password execute subsequent operation.
7. cipher anti-theft device as claimed in claim 6, wherein the cryptographic handling module is also particularly adapted to: by described
The password that the callback method interception user supported using the password control object of creation is inputted by soft keyboard.
8. cipher anti-theft device as claimed in claim 6, wherein the predetermined variable belongs to memory variable.
9. cipher anti-theft device as claimed in claim 6, wherein the position of the digit of the dummy letter and the password of user's input
Number is identical.
10. the cipher anti-theft device as described in claim 6 or 7 or 8 or 9, wherein the Intelligent mobile equipment is based on iOS
Intelligent mobile equipment.
11. a kind of computer readable storage medium is stored thereon with the computer program of cipher anti theft, which is characterized in that the journey
The method of any one of claim 1-5 is realized when sequence is executed by processor.
12. a kind of computer equipment including memory, processor and is stored on a memory and can be run on a processor close
The antitheft computer program of code, which is characterized in that the processor realizes any one of claim 1-5's when executing described program
Method.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410386637.9A CN105335674B (en) | 2014-08-07 | 2014-08-07 | Password burglary-preventing method and device |
| CN201811630017.XA CN109635601B (en) | 2014-08-07 | 2014-08-07 | Password anti-theft method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410386637.9A CN105335674B (en) | 2014-08-07 | 2014-08-07 | Password burglary-preventing method and device |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811630017.XA Division CN109635601B (en) | 2014-08-07 | 2014-08-07 | Password anti-theft method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105335674A CN105335674A (en) | 2016-02-17 |
| CN105335674B true CN105335674B (en) | 2019-02-12 |
Family
ID=55286192
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811630017.XA Active CN109635601B (en) | 2014-08-07 | 2014-08-07 | Password anti-theft method and device |
| CN201410386637.9A Active CN105335674B (en) | 2014-08-07 | 2014-08-07 | Password burglary-preventing method and device |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811630017.XA Active CN109635601B (en) | 2014-08-07 | 2014-08-07 | Password anti-theft method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN109635601B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109635601A (en) * | 2014-08-07 | 2019-04-16 | 北京奇虎科技有限公司 | Password burglary-preventing method and device |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105653994A (en) * | 2016-02-22 | 2016-06-08 | 浪潮通用软件有限公司 | Method for preventing memory password from leakage |
| CN112261005B (en) * | 2020-09-27 | 2022-12-06 | 中孚安全技术有限公司 | Method and system for hiding Web secure login password |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1719370A (en) * | 2004-07-09 | 2006-01-11 | 中国民生银行股份有限公司 | Method of implementing cipher protection against computer keyboard information interfference |
| CN102447558A (en) * | 2011-11-22 | 2012-05-09 | 王勇 | Encryption method using random sequence on-demand and having misleading function |
| CN103150525A (en) * | 2013-01-31 | 2013-06-12 | 深圳市金立通信设备有限公司 | Password input method and password input terminal |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1756152A (en) * | 2004-04-05 | 2006-04-05 | 王松 | Radix algorithm encryption method for dynamic password |
| US9245154B2 (en) * | 2010-03-08 | 2016-01-26 | Eva Andreasson | System and method for securing input signals when using touch-screens and other input interfaces |
| CN102170350B (en) * | 2011-04-11 | 2014-03-26 | 桂林电子科技大学 | Multiple uncertainty encryption system with misleading function |
| CN102904725B (en) * | 2012-10-22 | 2016-02-10 | 广东欧珀移动通信有限公司 | A kind of cipher-code input method, device and mobile terminal |
| CN109635601B (en) * | 2014-08-07 | 2022-01-11 | 北京奇虎科技有限公司 | Password anti-theft method and device |
-
2014
- 2014-08-07 CN CN201811630017.XA patent/CN109635601B/en active Active
- 2014-08-07 CN CN201410386637.9A patent/CN105335674B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1719370A (en) * | 2004-07-09 | 2006-01-11 | 中国民生银行股份有限公司 | Method of implementing cipher protection against computer keyboard information interfference |
| CN102447558A (en) * | 2011-11-22 | 2012-05-09 | 王勇 | Encryption method using random sequence on-demand and having misleading function |
| CN103150525A (en) * | 2013-01-31 | 2013-06-12 | 深圳市金立通信设备有限公司 | Password input method and password input terminal |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109635601A (en) * | 2014-08-07 | 2019-04-16 | 北京奇虎科技有限公司 | Password burglary-preventing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109635601B (en) | 2022-01-11 |
| CN109635601A (en) | 2019-04-16 |
| CN105335674A (en) | 2016-02-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11593055B2 (en) | Selective screen sharing | |
| Kantarcioglu et al. | Securing big data in the age of AI | |
| Memon et al. | Colluding apps: Tomorrow's mobile malware threat | |
| US9563773B2 (en) | Systems and methods for securing BIOS variables | |
| CN105335674B (en) | Password burglary-preventing method and device | |
| CN105809000A (en) | Information processing method and electronic device | |
| US20190197216A1 (en) | Method, apparatus, and computer-readable medium for executing a logic on a computing device and protecting the logic against reverse engineering | |
| CN104915594B (en) | Application program operation method and device | |
| WO2014145186A1 (en) | Methods and apparatus for securing user input in a mobile device | |
| US11379568B2 (en) | Method and system for preventing unauthorized computer processing | |
| CN110178135B (en) | Altering application security to support instant access | |
| US9942221B2 (en) | Authentication for blocking shoulder surfing attacks | |
| EP3756119B1 (en) | Masked key hopping | |
| US20230018027A1 (en) | Virtual keyboard captcha | |
| US10878129B2 (en) | Classification of GUI items according to exposure to security sensitive operations | |
| CN106792666A (en) | The method and device of network sensitive information in protection wireless network connection | |
| US10642979B1 (en) | System and method for application tamper discovery | |
| US11263328B2 (en) | Encrypted log aggregation | |
| EP2907064B1 (en) | License information access based on developer profiles | |
| Yee | Reducing the attack surface for private data | |
| US9642012B1 (en) | Mobile device access control with two-layered display | |
| US20180225468A1 (en) | System and method for selecting a data entry mechanism during application creation | |
| US10044846B2 (en) | Method for executing dual operating systems of smart phone | |
| US9852314B1 (en) | Mobile device access control with two-layered display | |
| CN115801271A (en) | Method, equipment and storage medium for realizing dynamic password |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220712 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co., Ltd |
|
| TR01 | Transfer of patent right |