CN106161710B - A kind of user account safety management system based on smart phone - Google Patents
A kind of user account safety management system based on smart phone Download PDFInfo
- Publication number
- CN106161710B CN106161710B CN201510199485.6A CN201510199485A CN106161710B CN 106161710 B CN106161710 B CN 106161710B CN 201510199485 A CN201510199485 A CN 201510199485A CN 106161710 B CN106161710 B CN 106161710B
- Authority
- CN
- China
- Prior art keywords
- password
- submodule
- user
- module
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention provides a kind of user account safety management system based on smart phone, including database module, management module and card module;The database module, the steganography for providing user account data are stored and are called;The management module, the additions and deletions for providing system login interface and user, which are looked into, changes operation;The card module, for monitoring users in operations such as the logins, password modification, account registration of website or Application Program Interface.The present invention can be with safe preservation user account data, and can fill automatically in the website or Application Program Interface for needing to fill in username and password, facilitate user to use on smart phone, while having ensured information security.
Description
Technical field
The present invention relates to smart phone technical field, specifically a kind of user account safety management system based on smart phone
System.
Background technique
In today of network prosperity, many websites could use after needing user's registration.Since website is too many, user name and
The too difficult memory of password, so many users use same set of username and password to many websites, once the use of some websites
Name in an account book and password leakage, the username and password of other websites will be also broken.And since too complicated password is difficult to remember,
Most people uses simple password, and attacker can be broken through with the method for dictionary attack.Recently, many websites produce use
Family information leakage event, the password that analysis is wherein revealed can be seen that most people and use " 123456 " etc. simple close
Code, it is very dangerous.
Some users can be stored in decodement local to remember complicated password, but in this way and unsafe,
If local computer or cell phone system are broken, information will be revealed.If password encryption saves, use when, is each
It requires to decrypt manually, in this way using very inconvenient.The existing general Encryption Algorithm of code management device is all fairly simple, and
It is inconvenient for operation to increase password, Modify password etc..Digital picture steganography is the technology by image watermarking into picture, with biography
The encryption technology of system is compared, and concealment is stronger.
In recent years, the usage amount of smart phone alreadys exceed personal computer, but user is also lacked on smart phone
Just, highly-safe code management device.
Summary of the invention
The purpose of the present invention is to provide a kind of user account safety management system based on smart phone improves intelligent hand
The safety of local user's account data, is not related to network transmission on machine.
The technical solution of the present invention is as follows:
A kind of user account safety management system based on smart phone, the system include database module, management module
And card module;
The database module, for providing steganography storage and the tune of user account data for management module and card module
With service, the user account data include that the network address of website or the packet name of application program and the website or application program are corresponding
Username and password;
The management module, for providing the user's login interface and data editing interface of the system, to user account number
According to being increased, deleted, searched or modified operation;
The card module, for monitoring website or Application Program Interface, when user needs to input username and password,
Automatic filling username and password edit box updates storage the password in database module when user's Modify password, when with
When new account is registered at family, by the packet name and the newly-built website or application program pair of the login interface network address of website or application program
The username and password answered is stored in database module.
The user account safety management system based on smart phone, the database module include verifying submodule
Block, steganography submodule and extracting sub-module, the management module include logging in submodule and editor's submodule, the card module
Including filling submodule, change submodule and registration submodule;
The verifying submodule, it is whether correct for verifying system login password, after being proved to be successful, with system login password
Ciphertext data encryption key, and data encryption key is stored in the memory of smart phone, be also used to verification management module and
Whether the sensitive operation of card module is within the system login cipher memory time;
The steganography submodule, for using data encryption key stored in memory to the user's account for newly increasing or modifying
Number is encrypted, and recycles image latent writing algorithm by encrypted user account image watermarking into predetermined pictures;
The extracting sub-module, for using image latent writing algorithm by hide into predetermined pictures user account data extraction
Out, management module or card module are sent to after recycling data encryption key stored in memory to decrypt;
The login submodule, for providing user's login interface of the system, by the system login password of user's input
Verifying submodule is sent to the system login cipher memory time of setting;
Editor's submodule obtains user account from extracting sub-module for providing the data edition interface of the system
Data are increased, are deleted, searched or are modified operation, and the user account number that will be newly increased or modify to user account data
According to being sent to steganography submodule;
The filling submodule, for monitoring the login interface of website or application program, when user needs to input user name
When with password login, the edit box of filling username and password is automatically identified, and will obtain from extracting sub-module and the net
It stands or the corresponding username and password of application program is filled into the edit box;
The change submodule, the password for monitoring website or application program modifies interface, when user's Modify password,
Modified password is sent to steganography submodule;
The registration submodule, it is raw when the new account of user's registration for monitoring the register interface of website or application program
Security password at the random string of specified digit as new account, and by the login interface network address of website or application program
Packet name and the newly-built website or the corresponding username and password of application program are sent to steganography submodule.
The user account safety management system based on smart phone, described image steganographic algorithm are specially that LSB is calculated
Method.
As shown from the above technical solution, the present invention can be with safe preservation user account data, and are needing to fill in user
The website or Application Program Interface of name and password can fill automatically, and user is facilitated to use on smart phone, while ensure
Information security.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of the specific embodiment of the invention.
Specific embodiment
The present invention is further illustrated in the following with reference to the drawings and specific embodiments.
As shown in Figure 1, a kind of user account safety management system based on smart phone, including database module 1, management
Module 2 and card module 3, wherein database module 1 includes verifying submodule 11, steganography submodule 12 and extracting sub-module 13,
Management module 2 includes logging in submodule 21 and editor's submodule 22, and card module 3 includes registration submodule 31, change submodule
32 and filling submodule 33.
Submodule 11 is verified, is stepped on by using irreversible Secure Hash Algorithm (Safe Hash Algorithm) calculating
The hash value for the system login password that record submodule 21 is sent, and compared with the hash value of the system login password prestored
It is right, it is whether correct to verify the system login password that user inputs.After being proved to be successful, encrypted with system login password ciphertext data
Key, and data encryption key is stored in the memory of smart phone so that steganography submodule 12 and extracting sub-module 13 are adjusted
With.
Submodule 11 is verified, is also responsible for checking whether the sensitive operation of management module 2 and card module 3 has permission, is
It is no to carry out these operations within the system login cipher memory time.Sensitive operation refer to duplication password, Edit Password, check it is close
The operations such as code list, " password " here refers to website or the corresponding password of application program, rather than system of the invention is stepped on
Record password.
Steganography submodule 12, using data encryption key stored in memory to the user account data for newly increasing or modifying
It is encrypted, recycles LSB algorithm by encrypted user account image watermarking into predetermined pictures.User accounts all in this way
Data are ensconced in a picture on smart phone, even if smart phone is lost, attacker also cannot get any effective letter
Breath.User account data include the network address of website or the packet name of application program and the website or the corresponding user name of application program and
Password.The packet name of application program refers to unique designation of the application program on smart phone.
The user account data for hiding into predetermined pictures are extracted using LSB algorithm, are recycled by extracting sub-module 13
The user account data extracted are decrypted in data encryption key stored in memory, then pass to management module 2
Or card module 3.
Submodule 21 is logged in, user's login interface of the system is provided, user inputs login password, and selects to remember password
Time: 1 minute, 10 minutes, 30 minutes, 1 hour or 24 hours.Log in the system login password that submodule 21 inputs user
Verifying submodule 11 is sent to the cipher memory time of selection.After logining successfully, sensitive behaviour is carried out within the period of selection
When making, do not need to log on.
Submodule 22 is edited, the data edition interface of the system is provided, obtains user account data from extracting sub-module 13,
Increased, deleted, searched or modified operation, and the user account data transmission that will be newly increased or modify to user account data
To steganography submodule 12.
User is as follows using the account number cipher process of editor's 22 edit websites of submodule or application program:
(1) user checks account number cipher list in the interface selection of editor's submodule 22;
(2) verifying submodule 11 check user's last time login it is whether expired, i.e., whether setting system login password
In memory time, if expired, need to log in again, otherwise continue;
(3) user account clear data is returned to editor's submodule 22 by extracting sub-module 13;
(4) user selects a record, then Modify password clicks storage;
(5) record of modification is issued steganography submodule 12 by editor's submodule 22, and steganography is into predetermined pictures after encryption.
Submodule 31 is filled, the login interface of website or application program is monitored, when user needs to input username and password
When login, automatically identify the edit box of filling username and password, and will be obtained from extracting sub-module 13 with the website or
The corresponding username and password of application program is filled into edit box.There are the feelings of multiple accounts for a website or application program
Condition, user can choose account filling, while user can replicate the website or the corresponding user name of application program or password,
It needs to carry out within the system login cipher memory time when middle duplication password, otherwise needs to re-enter system login password.
Submodule 32 is changed, the password for monitoring website or application program modifies interface, has modified password when listening to user
When, modified password is sent to steganography submodule 12 after the user approval.
Submodule 33 is registered, the register interface of website or application program is monitored, when the new account of user's registration, is generated specified
Security password of the random string of digit as new account, and after the user approval by the login interface network address of website or application
The packet name of program and the newly-built website or the corresponding username and password of application program are sent to steganography submodule 12.
When user is when website or Application Program Interface operate, card module 3 is started to work, it can be seen from the above, using inserting
Part module 3 can be filled easily, be changed, newly-built username and password, while sensitive operation needs system login password again
Verifying has reached good equilibrium in safety and ease for use, convenient to use on smart phone.
The course of work of the card module 3 in user's log-on webpage is exemplified below:
(1) user opens the login interface of Baidu in a browser, without account, register interface is gone to fill in new user
Name, clicks the suspended window of card module 3, and selection generates security password;
(2) the registration submodule 33 of card module 3 generates the random string of a specified digit, returns to user and makees newly
Password;
(3) user submits new user name and when password, pops up dialog box, reminds whether user saves new user name and close
Code;
(4) it is to register submodule 33 for new Baidu's username and password and the login interface network address of Baidu that user, which clicks,
The steganography submodule 12 for being sent to database module 1 is saved;
(5) user returns to the login interface of Baidu, and the filling submodule 31 of card module 3 is by the login interface network address of Baidu
It is sent to the extracting sub-module 13 of database module 1;
(6) extracting sub-module 13 has found the corresponding username and password of network address, returns to filling submodule 31;
(7) filling submodule 31 is filled with the list of username and password automatically, and user can directly log in and not have to again
Fill in password.
It is exemplified below when user's Modify password in the application, the working method of card module 3:
(1) user opens Sina weibo app, enters Modify password interface;
(2) it fills in new password and clicks ACK button later, it is close that the change submodule 32 of card module 3 detects modification
Modify password request after user confirms preservation modification, is sent to the steganography submodule 12 of database module 1 by code;
(3) steganography submodule 12 covers former record by steganography after modified recording of encrypted into particular picture.
Embodiment described above is only that preferred embodiments of the present invention will be described, not to model of the invention
It encloses and is defined, without departing from the spirit of the design of the present invention, those of ordinary skill in the art are to technical side of the invention
The various changes and improvements that case is made, should fall within the scope of protection determined by the claims of the present invention.
Claims (2)
1. a kind of user account safety management system based on smart phone, it is characterised in that: the system include database module,
Management module and card module;
The database module, for providing the steganography storage of user account data for management module and card module and calling and take
Business, the user account data include the login interface network address of website or the packet name of application program and the website or application program pair
The username and password answered;
The management module, for providing the user's login interface and data editing interface of the system, to user account data into
Row increases, deletes, searching or modification operation;
The card module, for monitoring website or Application Program Interface, when user needs to input username and password, automatically
Filling username and password edit box updates storage the password in database module when user's Modify password, when user infuses
It is when the new account of volume, the packet name and the newly-built website of the login interface network address of website or application program or application program is corresponding
Username and password is stored in database module;
The database module includes verifying submodule, steganography submodule and extracting sub-module, and the management module includes logging in
Submodule and editor's submodule, the card module include filling submodule, change submodule and registration submodule;
The verifying submodule, it is whether correct for verifying system login password, after being proved to be successful, decrypted with system login password
Data encryption key, and data encryption key is stored in the memory of smart phone, it is also used to verification management module and plug-in unit
Whether the sensitive operation of module is within the system login cipher memory time;
The steganography submodule, for using data encryption key stored in memory to the user account number for newly increasing or modifying
According to being encrypted, recycle image latent writing algorithm by encrypted user account image watermarking into predetermined pictures;
The extracting sub-module, for being extracted the user account data for hiding into predetermined pictures using image latent writing algorithm
Come, is sent to management module or card module after recycling data encryption key stored in memory to decrypt;
The login submodule by the system login password of user's input and is set for providing user's login interface of the system
The system login cipher memory time set is sent to verifying submodule;
Editor's submodule obtains user account data from extracting sub-module for providing the data edition interface of the system,
Increased, deleted, searched or modified operation, and the user account data transmission that will be newly increased or modify to user account data
To steganography submodule;
The filling submodule, for monitoring the login interface of website or application program, when user needs to input user name and close
When code logs in, automatically identify the edit box of filling username and password, and will be obtained from extracting sub-module with the website or
The corresponding username and password of application program is filled into the edit box;
The change submodule, the password for monitoring website or application program are modified interface and will be repaired when user's Modify password
Password after changing is sent to steganography submodule;
The registration submodule, for monitoring the register interface of website or application program, when the new account of user's registration, generation refers to
Position security password of the random string as new account of number, and by the login interface network address of website or the packet name of application program
And newly-built website or the corresponding username and password of application program is sent to steganography submodule.
2. the user account safety management system according to claim 1 based on smart phone, it is characterised in that: the figure
As steganographic algorithm is specially LSB algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510199485.6A CN106161710B (en) | 2015-04-24 | 2015-04-24 | A kind of user account safety management system based on smart phone |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510199485.6A CN106161710B (en) | 2015-04-24 | 2015-04-24 | A kind of user account safety management system based on smart phone |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106161710A CN106161710A (en) | 2016-11-23 |
| CN106161710B true CN106161710B (en) | 2019-02-15 |
Family
ID=57346387
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510199485.6A Active CN106161710B (en) | 2015-04-24 | 2015-04-24 | A kind of user account safety management system based on smart phone |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106161710B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106790686A (en) * | 2017-02-16 | 2017-05-31 | 上海斐讯数据通信技术有限公司 | A kind of user name password fill method and system |
| CN110383313B (en) * | 2017-03-07 | 2023-08-29 | 万事达卡国际公司 | Method and system for recording point-to-point transaction processing |
| CN109660348B (en) * | 2018-12-03 | 2021-10-26 | 东华大学 | Password recording system |
| CN110610071A (en) * | 2019-08-20 | 2019-12-24 | 广州海颐信息安全技术有限公司 | Privileged account management method and device based on screen identification |
| CN116244684A (en) * | 2023-05-11 | 2023-06-09 | 深圳奥联信息安全技术有限公司 | Password management method, password management system, computer equipment and storage medium |
| CN117540364A (en) * | 2023-11-22 | 2024-02-09 | 国电南瑞南京控制系统有限公司 | Cloud ECS (electronic control system) operating system password intelligent generation batch modification system and method |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6480903B1 (en) * | 1995-08-24 | 2002-11-12 | Compaq Information Technologies Group, L.P. | Hardware component interface for desktop computer management systems |
| CN1282093C (en) * | 2003-09-15 | 2006-10-25 | 联想(北京)有限公司 | Method of information automatic collecting and playback |
-
2015
- 2015-04-24 CN CN201510199485.6A patent/CN106161710B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN106161710A (en) | 2016-11-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106161710B (en) | A kind of user account safety management system based on smart phone | |
| CN101272237B (en) | Method and system for automatically generating and filling login information | |
| CN102300182B (en) | Short-message-based authentication method, system and device | |
| CN103618717B (en) | The dynamic confirming method of more account client informations, device and system | |
| US8719915B2 (en) | Method for improving network application security and the system thereof | |
| CN105743905B (en) | A kind of method that realizing secure log, unit and system | |
| KR20140042905A (en) | Identity authentication and management device and method thereof | |
| CN106685973A (en) | Method and device for remembering log in information, log in control method and device | |
| JP2017507552A (en) | Method and apparatus for providing client-side score-based authentication | |
| CN107871081A (en) | A kind of computer information safe system | |
| CN108075888B (en) | Dynamic URL generation method and device, storage medium and electronic equipment | |
| US20160149886A1 (en) | Method, device and system for account recovery with a durable code | |
| Bakar et al. | Adaptive authentication based on analysis of user behavior | |
| KR101897085B1 (en) | Apparatus and method for generating a realtime password and storage medium | |
| CN106790243A (en) | A kind of password remapping method of safe U disc | |
| US10657234B2 (en) | Method, computer program, and system to realize and guard over a secure input routine based on their behavior | |
| CN104601532B (en) | A kind of method and device of logon account | |
| CN117375986A (en) | Application access method, device and server | |
| US10769265B2 (en) | Managing passwords using steganography | |
| CN106685938B (en) | A kind of method and apparatus generating protection configuration for login page | |
| CN111949952A (en) | Method for processing verification code request and computer-readable storage medium | |
| EP3756332B1 (en) | Automated account recovery using trusted devices | |
| CN113794571A (en) | Authentication method, device and medium based on dynamic password | |
| CN106534214A (en) | Router security authentication method, device and system | |
| CN103023855A (en) | Security login system based on hardware parameters of client computer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |