CN106570392A - Method of modifying passwords periodically - Google Patents
Method of modifying passwords periodically Download PDFInfo
- Publication number
- CN106570392A CN106570392A CN201610919358.3A CN201610919358A CN106570392A CN 106570392 A CN106570392 A CN 106570392A CN 201610919358 A CN201610919358 A CN 201610919358A CN 106570392 A CN106570392 A CN 106570392A
- Authority
- CN
- China
- Prior art keywords
- password
- end applications
- middleware
- new
- old
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The invention discloses a method for modifying passwords periodically. The objective of the invention is to strengthen the protection of a database. In some scenes, password of the database is needed to be updated periodically, while, current common practices cannot provide perfect solutions for the periodic update of the password. According to the method, front-end applications can be connected with middleware or a back-end database through new passwords or old passwords; the middleware or the database circularly compares saved passwords; if the passwords provided by the front-end applications are any one password in the passwords in the middleware or the database, the front-end applications can log in the middleware or the database; if clients log in the middleware at first, the middleware verifies the validity of the passwords of the client, and if the front-end applications need to log in the back-end database, the front-end applications are connected with the back-end database, so that data communication can be performed between the front-end applications and the back-end database; and after the middleware or the database detects that all the front-end applications use the new passwords, the old passwords are deleted, and only the new passwords are reserved.
Description
Technical field
The invention belongs to technical field of network security and database technical field, more particularly to a kind of periodic modification password
Method.
Background technology
In some major companies, for database security, periodic modification database password is needed.Major company may have into hundred
Thousands of applications, and these applications may require connect to data base, carry out the operation of data base, and need when being connected to data base
The clear-text passwords of data base is wanted, and a current data base can only configure a password.Data base only support one it is close
In the case of code, periodic modification database password is a highly difficult thing.
Mainly have currently for the method for this periodic modification password:One, for password is written directly to answering in code
With changing database password (as shown in Figure 1) by issuing new application program;Two, application is managed by configuration file
Password, the password applied in periodic modification configuration file can (as shown in Figure 2);Three, being managed by intermediate server should
Password, realizes quickly changing the requirement of client password (such as Fig. 3 institutes by changing the password applied in intermediate server
Show).But these methods either first change the password that the database password of application end still first changes database side, can all have
The inconsistent situation of the front and back end password of short time, can all bring Consumer's Experience bad or even bring serious safety problem.
The content of the invention
Present invention aims to the deficiencies in the prior art, there is provided a kind of method of periodic modification password.
The purpose of the present invention is achieved through the following technical solutions:A kind of side based on middleware periodic modification password
Method, the method are comprised the following steps that:
(1) prestore on middleware password, and the password includes new password and Old Password;
(2) middleware obtains the input password that front end applications are provided, and the password is compared with the password for prestoring, such as
The password that fruit front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that in the middle of front end applications have passed through
The checking of part;
(3) after checking, middleware is logined, client database sends checking information to middleware backward, in passing through
Between part front end applications are coupled together with back-end data base, the communication of front end applications and back-end data base is turned by middleware
Send out;
(4) middleware detects and records the password service condition of front end applications, if when all of front end applications are all used
When new password connects, Old Password is just deleted, so as to complete the modification of password.
Further, the middleware has data forwarding module, secure verification module, front end applications password detection module
And Password Management module.
Further, the data forwarding module is used for the communication of front end applications and back-end data base, the safety verification
Module is used for the input password for obtaining front end applications offer, and the password is compared with the password for prestoring, if front end should
It is consistent with any one password in the password for prestoring with the password for providing, then it is assumed that front end applications have passed through testing for middleware
Card;The new Old Password preserving module for amended password and the password before modification are preserved within a period of time simultaneously, i.e.,
New password and Old Password are preserved simultaneously;The front end applications password detection module is used for detection and judges that front end applications are currently to use
New password is logged in or is logged in Old Password;The Password Management module be used for preserve front end applications password service condition and
When all of front end applications all use new password to connect, Old Password is deleted.
Further, it is described a period of time in be from Modify password start to front end applications all using new password this
The section time.
Further, the back-end data base is a kind of system of data storage.
The application also provides another scheme:A kind of method based on back-end data base periodic modification password, the method
Comprise the following steps that:
(1) prestore on back-end data base password, and the password includes new password and Old Password;
(2) back-end data base obtains the input password that front end applications are provided, and the password is compared with the password for prestoring
Compared with if the password that front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that front end applications pass through
The checking of back-end data base;
(3) after checking, back-end data base is logined, so as to directly be connected front end applications with back-end data base
Come;
(4) back-end data base detects and records the password situation of front end applications, if when all of front end applications are all used
When new password connects, Old Password is just deleted, so as to complete the modification of password.
Further, the back-end data base is a kind of system of data storage, with secure verification module, new Old Password
Preserving module, front end applications password detection module and Password Management module.
Further, the secure verification module be used for obtain front end applications offer input password, and by the password with
The password for prestoring is compared, if the password that front end applications are provided is consistent with any one password in the password for prestoring,
Think that front end applications have passed through the checking of middleware;The new Old Password preserving module is in a period of time interior preservation simultaneously
Password before amended password and modification, i.e., preserve new password and Old Password simultaneously;The front end applications password detection module
Judge that front end applications are currently to log in using new password or logged in Old Password for detection;The Password Management module is used for
Preserve the service condition of front end applications password and when all of front end applications all use new password to connect, delete Old Password.
Further, it is described a period of time in be from Modify password start to front end applications all using new password this
The section time.
The invention has the beneficial effects as follows:The inventive method solves the problems, such as periodic modification database password.Before the present invention
End application first passes through the checking of middleware or back-end data base, when all using new password to connect if all of front end applications,
Old Password is just deleted, time enough is so provided and is carried out more new password by front end applications.During more new password, Bu Huizao
Into front end applications and the inconsistent problem of back-end data base.The situation of experience variation will not be brought to user, enterprise will not be also given
Bring loss.
Description of the drawings
Fig. 1 is the structure chart that password writes the application in code and database communication;
Fig. 2 is saved in the structure chart of the application in configuration file and the communication of data base for password;
Fig. 3 is saved in the structure chart of the application of intermediate server and the communication of data base for password;
Fig. 4 is application program and the structure chart for realizing the middleware of new technique or the communication of data base;
Fig. 5 is the checking flow chart for realizing the middleware or data base of new technique to front end applications;
Specific embodiment
The present invention is described in further detail with specific embodiment below in conjunction with the accompanying drawings.The inventive method can be used appoints
What computer language realization, and for software and hardware do not have particular/special requirement.
As shown in Fig. 4 b and Fig. 5 b, a kind of method of periodic modification password, the method are comprised the following steps that:
(1) prestore on middleware password first, and the password includes new password and Old Password;Front end applications obtain password
Mode is still identical with original, password can be written in front end applications, or is written in configuration file, or preserves
To on third-party server.
(2) middleware obtains the input password that front end applications are provided, and the password is compared with the password for prestoring, such as
The password that fruit front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that in the middle of front end applications have passed through
The checking of part;
(3) after checking, middleware is logined, client database sends checking information to middleware backward, in passing through
Between part front end applications are coupled together with back-end data base, the communication of front end applications and back-end data base is turned by middleware
Send out, such as shown in Fig. 4 (b);
(4) middleware detects and records the password situation of front end applications, if when all of front end applications all use Xinmi City
During code connection, Old Password is just deleted, so as to complete the modification of password.
The middleware has data forwarding module, secure verification module, new Old Password preserving module, front end applications password
Detection module and Password Management module, the data forwarding module are used for the communication of front end applications and back-end data base, described
Secure verification module is used for the input password for obtaining front end applications offer, and the password is compared with the password for prestoring, such as
The password that fruit front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that in the middle of front end applications have passed through
The checking of part;Before the new Old Password preserving module is for preserving amended password and changing within a period of time simultaneously
Password, i.e., preserve new password and Old Password simultaneously;The front end applications password detection module is used for detection and judges that front end applications are worked as
Before be to log in or logged in Old Password using new password;The Password Management module is used for the use for preserving front end applications password
Situation and when all of front end applications all use new password connect when, delete Old Password;Described is from repairing within a period of time
Change password to start to front end applications all using this period of new password.
As shown in Fig. 4 a and Fig. 5 b, the application also provides a kind of method of periodic modification password, and the method concrete steps are such as
Under:
(1) prestore on back-end data base password, and the password includes new password and Old Password;
(2) back-end data base obtains the input password that front end applications are provided, and the password is compared with the password for prestoring
Compared with if the password that front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that front end applications pass through
The checking of back-end data base;
(3) after checking, back-end data base is logined, so as to directly be connected front end applications with back-end data base
Come, such as shown in Fig. 4 (a);
(4) back-end data base detects and records the password situation of front end applications, if when all of front end applications are all used
When new password connects, Old Password is just deleted, so as to complete the modification of password.
The back-end data base is a kind of system of data storage, with secure verification module, new Old Password preserving module,
Front end applications password detection module and Password Management module;The secure verification module is used to obtain the defeated of front end applications offer
Enter password, and the password is compared with the password for prestoring, if in the front end applications password for providing and the password for prestoring
Any one password is consistent, then it is assumed that front end applications have passed through the checking of middleware;The new Old Password preserving module is used for
Preserve amended password and the password before modification within a period of time simultaneously, i.e., preserve new password and Old Password simultaneously;It is described
Front end applications password detection module is used for detection and judges that front end applications are currently to log in using new password or logged in Old Password;
The Password Management module is used to preserve the service condition of front end applications password and when all of front end applications all use Xinmi City
During code connection, Old Password is deleted;Described is to start to front end applications all to use new password from Modify password within a period of time
This period.
Using the interaction flow between front end applications of the present invention and back-end data base, that a situation arises is as follows, as shown in figure 5,
A () is existing verification step, (b) be using the verification step after the present invention.When utilizing the present invention, front end applications use mesh
Front password (can be new password can also be Old Password) initiates connection to middleware or back-end data base, can all connect into
Work(.
Claims (9)
1. a kind of method based on middleware periodic modification password, it is characterised in that the method is comprised the following steps that:
(1) prestore on middleware password, and the password includes new password and Old Password;
(2) middleware obtains the input password that front end applications are provided, and the password is compared with the password for prestoring, if front
The password that end application is provided is consistent with any one password in the password for prestoring, then it is assumed that front end applications have passed through middleware
Checking;
(3) after checking, middleware is logined, client database sends checking information to middleware backward, so as to pass through middleware
Front end applications are coupled together with back-end data base, the communication of front end applications and back-end data base is forwarded by middleware;
(4) middleware detects and records the password service condition of front end applications, if when all of front end applications all use Xinmi City
During code connection, Old Password is just deleted, so as to complete the modification of password.
2. the method for periodic modification password according to claim 1, it is characterised in that the middleware has data forwarding
Module, secure verification module, front end applications password detection module and Password Management module.
3. the method for periodic modification password according to claim 2, it is characterised in that the data forwarding module is used for front
Using the communication with back-end data base, the secure verification module is used for the input password for obtaining front end applications offer, and will at end
The password is compared with the password for prestoring, if any one the password phase in the front end applications password for providing and the password for prestoring
Unanimously, then it is assumed that front end applications have passed through the checking of middleware;The new Old Password preserving module is for interior in a period of time
Amended password and the password before modification are preserved simultaneously, i.e., preserve new password and Old Password simultaneously;The front end applications password
Detection module is used for detection and judges that front end applications are currently to log in using new password or logged in Old Password;The Password Management
Module is used for the service condition for preserving front end applications password and when all of front end applications all use new password to connect, and deletes
Old Password.
4. the method for periodic modification password according to claim 3, it is characterised in that described is from repairing within a period of time
Change password to start to front end applications all using this period of new password.
5. the method for periodic modification password according to claim 1, it is characterised in that the back-end data base is that one kind is deposited
The system of storage data.
6. a kind of method based on back-end data base periodic modification password, it is characterised in that the method is comprised the following steps that:
(1) prestore on back-end data base password, and the password includes new password and Old Password;
(2) back-end data base obtains the input password that front end applications are provided, and the password is compared with the password for prestoring, such as
The password that fruit front end applications are provided is consistent with any one password in the password for prestoring, then it is assumed that front end applications have passed through rear end
The checking of data base;
(3) after checking, back-end data base is logined, so as to directly couple together front end applications with back-end data base;
(4) back-end data base detects and records the password situation of front end applications, if when all of front end applications all use Xinmi City
During code connection, Old Password is just deleted, so as to complete the modification of password.
7. the method for periodic modification password according to claim 6, it is characterised in that the back-end data base is that one kind is deposited
The system of storage data, with secure verification module, new Old Password preserving module, front end applications password detection module and password pipe
Reason module.
8. the method for periodic modification password according to claim 7, it is characterised in that the secure verification module is used to obtain
The input password of front end applications offer is provided, and the password is compared with the password for prestoring, if front end applications offer is close
Code is consistent with any one password in the password for prestoring, then it is assumed that front end applications have passed through the checking of middleware;It is described new
Old Password preserving module preserves new simultaneously for amended password and the password before modification are preserved within a period of time simultaneously, i.e.,
Password and Old Password;The front end applications password detection module is used for detection and judges that front end applications are logged in using new password
Or logged in Old Password;The Password Management module is used for the service condition for preserving front end applications password and before all of
When end application all uses new password to connect, Old Password is deleted.
9. the method for periodic modification password according to claim 8, it is characterised in that described is from repairing within a period of time
Change password to start to front end applications all using this period of new password.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610919358.3A CN106570392A (en) | 2016-10-21 | 2016-10-21 | Method of modifying passwords periodically |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610919358.3A CN106570392A (en) | 2016-10-21 | 2016-10-21 | Method of modifying passwords periodically |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106570392A true CN106570392A (en) | 2017-04-19 |
Family
ID=60414206
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610919358.3A Pending CN106570392A (en) | 2016-10-21 | 2016-10-21 | Method of modifying passwords periodically |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106570392A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109889336A (en) * | 2019-03-08 | 2019-06-14 | 浙江齐治科技股份有限公司 | A kind of middleware obtains the method, apparatus and system of password |
| CN113792304A (en) * | 2021-08-12 | 2021-12-14 | 青岛海尔科技有限公司 | Database access system and method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11238010A (en) * | 1998-02-23 | 1999-08-31 | Nec Corp | Management device/method for data base and recording medium recording the method |
| CN1802637A (en) * | 2003-04-10 | 2006-07-12 | 松下电器产业株式会社 | Password change system |
| CN1858794A (en) * | 2006-03-27 | 2006-11-08 | 华为技术有限公司 | Virtual article leasing processing system and method |
| CN102866998A (en) * | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
| CN104917740A (en) * | 2014-03-14 | 2015-09-16 | 中国移动通信集团广东有限公司 | Password resetting method and password verifying method and device |
-
2016
- 2016-10-21 CN CN201610919358.3A patent/CN106570392A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11238010A (en) * | 1998-02-23 | 1999-08-31 | Nec Corp | Management device/method for data base and recording medium recording the method |
| CN1802637A (en) * | 2003-04-10 | 2006-07-12 | 松下电器产业株式会社 | Password change system |
| CN1858794A (en) * | 2006-03-27 | 2006-11-08 | 华为技术有限公司 | Virtual article leasing processing system and method |
| CN102866998A (en) * | 2011-07-05 | 2013-01-09 | 中兴通讯股份有限公司 | Centralized password management method and centralized password management system in synchronous system |
| CN104917740A (en) * | 2014-03-14 | 2015-09-16 | 中国移动通信集团广东有限公司 | Password resetting method and password verifying method and device |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109889336A (en) * | 2019-03-08 | 2019-06-14 | 浙江齐治科技股份有限公司 | A kind of middleware obtains the method, apparatus and system of password |
| CN109889336B (en) * | 2019-03-08 | 2022-06-14 | 浙江齐治科技股份有限公司 | Method, device and system for middleware to acquire password |
| CN113792304A (en) * | 2021-08-12 | 2021-12-14 | 青岛海尔科技有限公司 | Database access system and method |
| CN113792304B (en) * | 2021-08-12 | 2023-11-17 | 青岛海尔科技有限公司 | Database access system and method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105468295B (en) | A kind of security protection access method and system for realizing object storage | |
| US10250613B2 (en) | Data access method based on cloud computing platform, and user terminal | |
| WO2015085809A1 (en) | Mobile payment security system with wireless data private network physically isolated from internet | |
| US11245704B2 (en) | Automatically executing responsive actions based on a verification of an account lineage chain | |
| CN105915338A (en) | Key generation method and key generation system | |
| US20100242101A1 (en) | Method and system for securely managing access and encryption credentials in a shared virtualization environment | |
| CN110138779B (en) | Hadoop platform safety management and control method based on multi-protocol reverse proxy | |
| CN107426223B (en) | Cloud document encryption and decryption method, cloud document encryption and decryption device and cloud document processing system | |
| US20220217143A1 (en) | Identity security gateway agent | |
| US20230362263A1 (en) | Automatically Executing Responsive Actions Upon Detecting an Incomplete Account Lineage Chain | |
| CN106330880A (en) | Management method for address book and home gateway | |
| CN110912893A (en) | Account number merging method | |
| CN110175439A (en) | User management method, device, equipment and computer readable storage medium | |
| CN106570392A (en) | Method of modifying passwords periodically | |
| CN108111486A (en) | A kind of method and device for exempting from repeat logon | |
| CN109617929A (en) | Node and user's interactive authentication method and system under block chain network mode | |
| CN108712247A (en) | Server account cipher management method, system and server | |
| CN113448926A (en) | Block chaining operation and maintenance management system and method | |
| CN106302473B (en) | A kind of the duplication maintaining method and system of SQL Server database | |
| CN103678654A (en) | Method for acquiring linkage information in database safety audit | |
| WO2021081705A1 (en) | Method and device for payment platform management, payment platform, and computer storage medium | |
| CN107154982A (en) | A kind of method and system of audit log record | |
| WO2015192796A1 (en) | Automatic application release method and system based on trusted service manager | |
| CN109756495A (en) | A kind of Mail Clients and its email processing method | |
| CN111585967A (en) | Cloud service authentication connection method, system, computer and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170419 |