CN105610784A - Enhanced protection method for twice verification login of account - Google Patents
Enhanced protection method for twice verification login of account Download PDFInfo
- Publication number
- CN105610784A CN105610784A CN201510766069.XA CN201510766069A CN105610784A CN 105610784 A CN105610784 A CN 105610784A CN 201510766069 A CN201510766069 A CN 201510766069A CN 105610784 A CN105610784 A CN 105610784A
- Authority
- CN
- China
- Prior art keywords
- account
- user
- identifying code
- time
- logined
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012795 verification Methods 0.000 title abstract 13
- 238000009434 installation Methods 0.000 claims description 20
- 238000010200 validation analysis Methods 0.000 claims description 4
- 239000011521 glass Substances 0.000 claims 1
- 230000002596 correlated effect Effects 0.000 abstract 1
- 230000000875 corresponding effect Effects 0.000 abstract 1
- 238000007689 inspection Methods 0.000 description 4
- 238000013500 data storage Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007613 environmental effect Effects 0.000 description 2
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a reinforced protection method for two-time verification login of an account, which comprises a server system, a server system and a server system, wherein the server system receives that a user passes through different electronic devices and passes through programs on the electronic devices in an Internet way, a firmware request is linked to the server system, after a first verification code is input for login, the account corresponding to the verification code is allowed to be input into another electronic device or the same electronic device within minutes after the verification code is logged in, the account and a second verification password are verified and logged in the system, if the first verification code correlated with the account is not successfully logged in, even if the account and the correct second verification password exist, the system still does not allow login, meanwhile, the user can change the content of the first verification code by himself and the system can periodically change the first verification code and send the first verification code to software or firmware of the electronic device appointed by the user for inputting verification by the user, the inconvenience that the user needs to change the used second verification password frequently is reduced, and the security of the login account password is improved.
Description
Technical field
The present invention has a kind of login more protection about account method, can be at different electronic installationsOr on same electronic installation, after inputting individually the first identifying code and being verified, in allow inputSeveral minutes in, be familiar with the account number cipher of use another electronic installation input user. Good authenticationBy rear, just can use system service. If exceed with the first identifying code of user's account relating defeatedEnter to pass through allow input time in, even if the account of inputting at another electronic installation and second is testedCard password is correct, still cannot successful accessing system. Simultaneously with the first identifying code of user's account relating,Except user can change first identifying code associated with account by accessing system, simultaneity factor also can weekPhase property changes first identifying code associated with user account and is sent to the specified Email of user, letterNews, allow user can clickthrough be online to system host by internet to input the first identifying code and testCard, or the software of user's electronic installation or firmware allow user input with user's account relatingThe first identifying code is online to system host input validation by internet, and reducing user needs often memoryChange the account that uses and the inconvenience of the second authentication password, simultaneously again can the use of increase systemSecurity, and user also can set and login notice, in the time that user logins, establishes according to userFixed Email or news in brief are notified user's the situation of logining, and reach enhancement system and use accountThe security of logining and convenience, simultaneously also can get rid of hacker and steal the harmfulness of account number cipher.
Background technology
The arriving of Internet Age, provides various network high in the clouds service, but these high in the clouds services are largePart is only to provide simple account number cipher and logins mechanism.
But the service of each network high in the clouds login machine-processed opening, if allow hacker steal user's accountPassword, just can serve with user's account accessing system easily. Allow user need to often upgrade noteRecall the new password of account of oneself, worry that again the data of oneself can be obtained easily by hacker.
How in the time that user needs high in the clouds service, just to open to allow to login to input and oneself usually useAccount number cipher, increase user and input security and the convenience of account number cipher, reduce hacker and steal useHarmfulness after the account number cipher of family is the problem that inventor desires most ardently solution really.
Summary of the invention
Because traditional system account number cipher is logined mechanism and is still had imperfection place, inventor's processHammer away, finally developing can increase user input account number cipher just in the time that accessing system is servedProfit, the security of logining with increase system, if reduce hacker and steal the danger of user account password simultaneouslyThe more protection method that twice checking of the account of evil property logined.
The present invention is the more protection method that twice checking of account logined, and it comprises: one or more is watchedTake end system, it can accept one or more user by different electronic installations, via wireless orThe mode of internet, program, firmware or the Internet software hyperlink request by electronic installation on itTo this one or more servo, after inputting and successfully logining after first identifying code, the time that record is loginedAfter, allow in several minutes after the first identifying code of this and user's account relating is successfully logined with itCorresponding account can be inputted its account and second at another electronic installation or same electronic installationAuthentication password checking accessing system, tests with first of user's account relating if successfully do not login checkingCard code, even if having account and the second correct authentication password, system does not still allow successfully to login, withTime and the first identifying code of user's account relating, can accessing system except user change new and useThe first identifying code that family account connects, simultaneity factor can periodically change that to be sent to user specifiedEmail, news in brief, allow user's clickthrough link to system host by internet, input theOne identifying code checking, or utilize software or the firmware of user's electronic installation, allow user input,By internet, link to system host input validation the first identifying code. Reduce user and need often noteRecall account that change uses and the inconvenience of the second authentication password, can increase system use again simultaneouslySecurity, and user also can set and login notice, in the time that user logins, according to userThe Email of setting or news in brief are notified user's the situation of logining, and reach enhancement system and use accountSecurity and the convenience number logined, also can get rid of hacker and steal the harmfulness of account number cipher simultaneously.
Brief description of the drawings
Fig. 1 is that user uses electronic equipment to link to system by internet to use twice checking to loginThe environmental aspect schematic diagram of more protection method accessing system.
Fig. 2 is the schematic flow sheet of logining of the more protection method reality logined of twice checking of account.
Description of reference numerals
A---user
B---electronic installation
C---wireless or internet
D1---the first identifying code is logined time recording module
D2---account and the second password authentication module
D3---notification module
D4---the first identifying code Notification of Changes module
E---data storage module
F---system host
S11---link to system at the first electronic installation by internet and input the first identifying code
S12---note down the first identifying code in system and successfully login the time
S13---on the main second electronic device using, input account and the second authentication password is logined
S14---the time is logined in the success that checks the first identifying code corresponding to account therewith
S15---capturing the time that current account logins successfully logins the time with the first corresponding identifying codeBetween gap
S16---refusal second electronic device is logined
S17---whether account and the second authentication password that inspection second electronic device is inputted be correct
S18---whether whether inspection user sets is notified
S19---whether whether inspection user sets is notified
S20---send and notify to user
S21---send and notify to user
S22---accessing system success
S23---accessing system failure
Detailed description of the invention
Refer to Fig. 1, Fig. 1 uses twice for user uses electronic equipment to link to system by internetThe environmental aspect schematic diagram of the more protection method accessing system that checking is logined.
The present invention has a kind of login more protection about account method, user A (can be natural person,Legal person or group), can be at different electronic installation B, input individually the first identifying code pass through because ofAfter special net C is verified to system host F, login time recording module by D1 the first identifying code, recordRecord the first identifying code and login after the successful time, another electronic installation B (can be personal computer,Tablet PC, smart mobile phone, notebook computer) the input user account number cipher of being familiar with use steps onFashionable by D2 account and the second password authentication module, login time recording module from D1 the first identifying codeCapture first identifying code corresponding with account and successfully login the time, check corresponding with user A accountThe success of one identifying code login the time and use at present that user's account and the second authentication password login timeBetween before and after gap, allows if exceed the first identifying code input the interior (example: first verifies of time of inputting by instituteThe successful accessing system of code is logined surrounding time with current account and the second authentication password and is exceeded 2 minutes), orBe and unsuccessful first identifying code of logining, even if the account of inputting at another electronic installation B and second is testedCard password is correct, still cannot successful accessing system F, and the first identifying code can pass through system F's simultaneouslyD4 the first identifying code Notification of Changes module, except allowing user A change identifying code content, also can simultaneouslyPeriodically change the electronic installation that is sent to the specified Email of user A, news in brief or userThe software of B or firmware, allow user pass through internet C and input the first identifying code to system F, reduces userThe account that often memory change is used and the inconvenience of the second authentication password, can increase again simultaneouslyThe security that adding system uses, and user also can set and login notice, by D3 notification module,In the time that user logins, the Email of setting according to user or news in brief are notified user's the shape of loginingCondition, reaches security and convenience that enhancement system is used account to login, also can get rid of hacker simultaneouslySteal the harmfulness of account number cipher, above correlation module data D1 the first identifying code is logined time record mouldPiece, D2 account and the second password authentication module, D3 notification module, D4 the first identifying code Notification of Changes mouldThe related data of piece can store record in data storage module E.
The flow process of logining that refers to Fig. 2 and be the more protection method reality that twice checking of account login is shownIntention. The more protection method that user uses twice checking of account to login is logined flow process, (S11) existsThe first electronic installation links to system by internet and inputs the first identifying code, and the first identifying code is verified intoAfter merit, note down the first identifying code at (S12) in system and successfully login the time, then mainly use at (S13)Second electronic device on input account and the second authentication password is logined, (S14) check account correspondence therewithThe success of the first identifying code login the time, (S15) capture time that current account logins and correspondingOne identifying code is successfully logined gap between the time, if be greater than the allowed time (for example 2 minutes) (S16) straightConnect logining of refusal second electronic device, for example, if be less than (S17) inspection of allowed time (2 minutes)Whether the account that second electronic device is inputted and the second authentication password be correct, if correctly check and useWhether whether person sets is notified, and notifies user to send rear (S22) the successful accessing system of notice if set,Do not notify user not send rear (S22) the successful accessing system of notice if set, if the account of inputtingNumber and the second authentication password incorrect, (S19) checks whether user sets and whether notify, if setFor notify user (S21) send and notify to user the failure of (S23) accessing system, if set obstructedKnow that user does not send rear (S23) accessing system failure of notice.
Can make to be familiar with the technology personnel by above detailed description and understand that the present invention really can reach aforesaid order, the real regulation that has met Patent Law, so propose application for a patent for invention in accordance with the law.
Claims (7)
1. the more protection method that twice checking of account logined, is characterized in that comprising:
Can, on different electronic installations or identical electronic installation, input individually the first identifying code,After being verified, after the time that the first identifying code of record and account relating is successfully logined, at another electricityOn sub-device or identical electronic device, relatively first identifying code relevant to account successfully logined time and accountWhether the surrounding time interval in the time logining is several minutes of allow input number with the second authentication passwordIn, if in allowed surrounding time interval, input user is familiar with the account number cipher usingAfter good authentication is passed through, just can use system service, if exceed and use first of this account relatingIdentifying code input allows in the time of input, if user does not successfully login with user account by instituteNumber the first associated identifying code, even the account of inputting at another electronic installation and the second authentication passwordCorrectly, still cannot successful accessing system;
One first identifying code is successfully logined time recording module, and it is in order to record associated with user account firstThe time that identifying code is successfully logined, account and the second password authentication module can be taken according to its demandThe time of successfully logining with the first identifying code of account relating;
One account and the second password authentication module, it is mainly system service and logins the flow process that uses checking, thisOne module to the first identifying code is successfully logined time recording module and is taken and the first identifying code of account relatingSuccess login after the time, the time in the time that user uses account accessing system is associated with user accountThe first identifying code is successfully logined the surrounding time interval of time, can not exceed institute predetermined time interval,If exceed this time interval, even if the account of inputting and the second authentication password are correct, still cannotSuccess accessing system;
One notification module, Email or news in brief that it is set according to user, if set notice in accountWhile number logining, send Email or news in brief is notified user;
One first identifying code Notification of Changes module, it can periodically be notified or according to user's request change and accountNumber connect identifying code after, send Email or news in brief that new identifying code sets to user,Allow user can click it and connect content by internet, link to system host success input validation instituteLogining the time of the first identifying code changing, or utilize software or the firmware of user's electronic installation,Allow user input the first changed identifying code by internet, link to system host, input validationThe first identifying code, allows user can change very easily checking and tests with first of user's account relatingCard code, increases security and convenience, reduce account that user needs often memory to change to use withThe inconvenience of the second authentication password, the security simultaneously again can increase system using, also can simultaneouslyGet rid of the harmfulness that hacker steals account number cipher.
2. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in that electricitySub-device includes notebook computer, computer, server, palm PC, PDA, dull and stereotyped calculatingMachine, intelligent mobile phone, intelligent watch, intelligent glasses, Web TV or action mobile phone.
3. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in thatOne identifying code is successfully logined time recording module, its in order to note down that the first identifying code successfully logins timeBetween, account and the second password authentication module can be taken with first of account relating and test according to its demandThe time that card code is successfully logined.
4. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in that accountNumber with the second password authentication module, its be mainly system service login use checking flow process, this mouldPiece to the first identifying code successfully logins that time recording module takes with the first identifying code of account relatingSuccessfully login after the time, the time in the time that user uses account accessing system obtained is associated with user accountThe first identifying code successfully login the surrounding time interval of time, can not exceed between institute's predetermined timeEvery, if exceed this time interval, even if the account of inputting and the second authentication password are correct, stillCannot successful accessing system.
5. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in thatOne identifying code Notification of Changes module, it can periodically be notified or connect according to user's request change and accountAfter the identifying code connecing, send new identifying code to Email or news in brief that user sets, allowUser can click it and connect content by internet, links to system host success input validation and changesLogining the time of the first identifying code becoming, or utilize software or the firmware of user's electronic installation,Allow user input the first changed identifying code by internet, link to system host, input is testedDemonstrate,prove the first identifying code, allow user can change very easily checking and first of user's account relatingIdentifying code.
6. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in that usingFamily can be connected into server-side default and when whether account is logined, will notify user and set and will lead toThe user's who knows Email or setting user's news in brief.
7. the more protection method that twice checking of account as claimed in claim 1 logined, is characterized in that usingWhether family can be connected into server-side default needs periodically change and first of account relating to verifyCode, sets user email or the news in brief that will notify.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW103139318A TWI525468B (en) | 2014-11-13 | 2014-11-13 | Twice to verify the account login to strengthen protection methods |
TW103139318 | 2014-11-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105610784A true CN105610784A (en) | 2016-05-25 |
Family
ID=55990324
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510766069.XA Pending CN105610784A (en) | 2014-11-13 | 2015-11-11 | Enhanced protection method for twice verification login of account |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN105610784A (en) |
TW (1) | TWI525468B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108263337A (en) * | 2018-01-19 | 2018-07-10 | 杭州左中右网络科技有限公司 | Self-service car lending system password matching method based on bluetooth communication |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111163327B (en) * | 2019-12-31 | 2022-07-05 | 广州酷狗计算机科技有限公司 | Method and device for counting number of online accounts |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070266257A1 (en) * | 2004-07-15 | 2007-11-15 | Allan Camaisa | System and method for blocking unauthorized network log in using stolen password |
CN102055728A (en) * | 2009-11-02 | 2011-05-11 | 中华电信股份有限公司 | System login method for avoiding account number from being falsely used |
CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
CN103763101A (en) * | 2013-10-18 | 2014-04-30 | 北京奇虎科技有限公司 | Method, apparatus, and system for user login verification |
CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
-
2014
- 2014-11-13 TW TW103139318A patent/TWI525468B/en not_active IP Right Cessation
-
2015
- 2015-11-11 CN CN201510766069.XA patent/CN105610784A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070266257A1 (en) * | 2004-07-15 | 2007-11-15 | Allan Camaisa | System and method for blocking unauthorized network log in using stolen password |
CN102055728A (en) * | 2009-11-02 | 2011-05-11 | 中华电信股份有限公司 | System login method for avoiding account number from being falsely used |
CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
CN103763101A (en) * | 2013-10-18 | 2014-04-30 | 北京奇虎科技有限公司 | Method, apparatus, and system for user login verification |
CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108263337A (en) * | 2018-01-19 | 2018-07-10 | 杭州左中右网络科技有限公司 | Self-service car lending system password matching method based on bluetooth communication |
Also Published As
Publication number | Publication date |
---|---|
TW201617950A (en) | 2016-05-16 |
TWI525468B (en) | 2016-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110602052B (en) | Micro-service processing method and server | |
JP2022078093A (en) | Distributed, decentralized data aggregation | |
KR102141836B1 (en) | Two factor authentication | |
US8499053B2 (en) | Segmenting access to electronic message boards | |
CN101764819A (en) | methods and systems for detecting man-in-the-browser attacks | |
CN106850503B (en) | Login-free identity authentication method and device | |
CN109257321B (en) | Secure login method and device | |
US9544317B2 (en) | Identification of potential fraudulent website activity | |
US9491229B1 (en) | Application experience sharing system | |
KR102550923B1 (en) | System for blocking harmful site and method thereof | |
KR20160048161A (en) | Method and system for authenticating service | |
WO2020233009A1 (en) | Identity authentication method and apparatus, computing device, and storage medium | |
WO2019114246A1 (en) | Identity authentication method, server and client device | |
US20140157433A1 (en) | Management apparatus, membership managing method, service providing apparatus, and membership managing system | |
US10666663B2 (en) | Detecting fraudulent user access to online web services via user flow | |
CN105610784A (en) | Enhanced protection method for twice verification login of account | |
US11196753B2 (en) | Selecting user identity verification methods based on verification results | |
US10021082B2 (en) | Integration of form and file services | |
US11645346B2 (en) | System and method of generating individual content for a user of a service | |
CN114629955A (en) | Identity authentication method, identity authentication equipment and computer readable storage medium | |
US10853789B2 (en) | Dynamic digital consent | |
KR20150112131A (en) | System and method for user certification in using web service | |
US20200372551A1 (en) | Diversity-based system for administration of charitable trust | |
KR102428235B1 (en) | System for blocking harmful site and method thereof | |
CN104378338A (en) | Password protection information maintenance method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160525 |
|
WD01 | Invention patent application deemed withdrawn after publication |