CN107370603A - Authentication method and server - Google Patents

Publication number
CN107370603A
Authority
CN
China
Prior art keywords
information
terminal
answer
abbreviation
validation problem
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610322308.7A
Other languages
Chinese (zh)
Other versions
CN107370603B (en
Inventor
彭丹丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN201610322308.7A
Publication of CN107370603A
Application granted
Publication of CN107370603B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

An embodiment of the invention discloses an authentication method for improving the security of authentication. The method includes: a server obtains abbreviation information and corresponding meaning information from the input method database of a first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits; the server then generates a verification question from the abbreviation information and generates a first answer to the verification question from the corresponding meaning information. The server then authenticates a second terminal according to the verification question and the first answer. In this way, while the verification question and answer are being generated, the user does not know what the specific verification question and answer are; and during authentication, because the verification question and answer are set according to the user's input habits, the user can work out the answer from their personal input habits, which are personal to the user and hard for others to learn. The security of authentication is therefore greatly improved.

Description

Authentication method and server
Technical Field
The present invention relates to the field of servers, and in particular to an authentication method and a server.
Background
In network communications, network security is particularly important: if private information that a user stores on a terminal is stolen by others, serious losses may result. Therefore, in today's network environment, whether a user is accessing a network or logging in to an application, the user generally has to be authenticated. The user enters a user name and password; after receiving them, the server side first determines whether the user name has been saved and then determines whether the password is correct. When the server side holds the user name and the password entered by the user matches the password saved for that user name, the server side authorizes the user's identity.
In the usual terminal authentication scheme, verification is generally performed on the user name and password that the user enters through the terminal. To improve the security of authentication, the password entered by the user is generally required to combine English letters and digits and to be no shorter than 6 or 8 characters. Because of this restriction, users often forget their passwords.
Commonly, in order to remember a password for a long time, users choose characters they use often, such as a birthday or a mobile phone number. But such passwords are not strictly private characters and are used frequently, so they are easily stolen. The security of existing authentication schemes is therefore relatively low.
Summary of the Invention
Embodiments of the invention provide an authentication method and a server, for improving the security of authentication.
A first aspect of the embodiments of the invention provides an authentication method, including:
obtaining abbreviation information and corresponding meaning information from the input method database of a first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits;
generating a verification question according to the abbreviation information;
generating a first answer to the verification question according to the corresponding meaning information;
receiving an authentication request sent by a second terminal;
authenticating the second terminal according to the verification question and the first answer.
In one possible implementation, the abbreviation information is a pinyin initial-letter abbreviation, and the corresponding meaning information is the first-choice Chinese corresponding to the pinyin initial-letter abbreviation; or
the abbreviation information is a five-stroke initial-letter abbreviation, and the corresponding meaning information is the first-choice Chinese corresponding to the five-stroke initial-letter abbreviation.
In another possible implementation, the verification question includes: a prompt asking the user to enter the meaning information corresponding to the abbreviation information.
In another possible implementation, the method further includes:
obtaining, from the input method database, the category information to which the corresponding meaning information belongs;
generating the verification question according to the abbreviation information then includes:
generating the verification question according to the abbreviation information and the category information, the verification question being a prompt asking the user to enter, according to the category information, the meaning information corresponding to the abbreviation information.
In another possible implementation, authenticating the second terminal according to the verification question and the first answer specifically includes:
sending the verification question to the second terminal;
receiving a second answer sent by the second terminal;
determining whether the first answer and the second answer are consistent; if they are consistent, determining that the second terminal passes authentication; if they are not consistent, determining that the second terminal does not pass authentication.
A second aspect of the embodiments of the invention provides a server, including:
an acquiring unit, configured to obtain abbreviation information and corresponding meaning information from the input method database of a first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits;
a generation unit, configured to generate a verification question according to the abbreviation information;
the generation unit being further configured to generate a first answer to the verification question according to the corresponding meaning information;
a first receiving unit, configured to receive an authentication request sent by a second terminal;
an authentication unit, configured to authenticate the second terminal according to the verification question and the first answer.
In one possible implementation, the abbreviation information is a pinyin initial-letter abbreviation, and the corresponding meaning information is the first-choice Chinese corresponding to the pinyin initial-letter abbreviation; or
the abbreviation information is a five-stroke initial-letter abbreviation, and the corresponding meaning information is the first-choice Chinese corresponding to the five-stroke initial-letter abbreviation.
In another possible implementation, the verification question includes: a prompt asking the user to enter the meaning information corresponding to the abbreviation information.
In another possible implementation, the acquiring unit is further configured to:
obtain, from the input method database, the category information to which the corresponding meaning information belongs;
and the generation unit is specifically configured to:
generate the verification question according to the abbreviation information and the category information, the verification question being a prompt asking the user to enter, according to the category information, the meaning information corresponding to the abbreviation information.
In another possible implementation, the authentication unit specifically includes:
a transmitting unit, configured to send the verification question to the second terminal;
a second receiving unit, configured to receive a second answer sent by the second terminal;
a judging unit, configured to determine whether the first answer and the second answer are consistent;
a determining unit, configured to determine that the second terminal passes authentication when the judging unit determines that the first answer is consistent with the second answer;
the determining unit being further configured to determine that the second terminal does not pass authentication when the judging unit determines that the first answer is inconsistent with the second answer.
As can be seen from the above technical solutions, the embodiments of the invention have the following advantages. First, the server obtains abbreviation information and corresponding meaning information from the input method database of the first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits. It then generates a verification question according to the abbreviation information and generates a first answer to the verification question according to the corresponding meaning information. This is equivalent to the server automatically generating, for the user, a user name and password for authentication. When the server receives an authentication request from the second terminal, it authenticates the second terminal according to the verification question and the first answer. The server thus obtains the user's input habits on its own and generates the verification question and answer used for authentication from those habits, so while the verification question and answer are being generated the user does not know what the specific verification question and answer are. During authentication, because the verification question and answer are set according to the user's input habits and the server first tells the user the verification question, the user need not worry about forgetting a user name: on seeing the verification question, the user can work out the corresponding answer from their personal input habits, which are personal to the user and hard for others to learn. The scheme of the embodiments of the invention therefore greatly improves the security of authentication.
Brief Description of the Drawings
Fig. 1 is a schematic diagram of the authentication method in an embodiment of the invention;
Fig. 2 is another schematic diagram of the authentication method in an embodiment of the invention;
Fig. 3 is a schematic diagram of a multiple-choice verification question in a practical application scenario in an embodiment of the invention;
Fig. 4 is a schematic diagram of a true/false verification question in a practical application scenario in an embodiment of the invention;
Fig. 5 is a schematic diagram of a fill-in-the-blank verification question in a practical application scenario in an embodiment of the invention;
Fig. 6 is a schematic diagram of the server in an embodiment of the invention;
Fig. 7 is another schematic diagram of the server in an embodiment of the invention;
Fig. 8 is another schematic diagram of the server in an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are obviously only some of the embodiments of the invention, not all of them. All other embodiments obtained by those skilled in the art on the basis of these embodiments without creative work fall within the scope of protection of the invention.
The terms "first", "second", "third", "fourth" and so on (if present) in the description, the claims and the above drawings are used to distinguish similar objects, not to describe a specific order or sequence. It should be understood that data used in this way can be interchanged where appropriate, so that the embodiments described here can be implemented in an order other than the one illustrated or described. In addition, the terms "include" and "have" and any variants of them are intended to cover non-exclusive inclusion: for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units explicitly listed, but may include other steps or units that are not explicitly listed or that are inherent to the process, method, product or device.
Embodiments of the invention provide an authentication method and a server, for improving the security of authentication.
Referring to Fig. 1, one embodiment of the authentication method in the embodiments of the invention includes:
101. The server obtains abbreviation information and corresponding meaning information from the input method database of the first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits;
An input method is the tool a user needs in order to enter information into a terminal, so terminals generally have an input method installed. Existing input methods are increasingly intelligent and can record the user's input habits. For example, in a pinyin input method, if the user first types the two letters "zs", then browses the candidate phrases, finds "Zhang San" and confirms it, "Zhang San" is displayed on the terminal. When the user has entered "Zhang San" through the letters "zs" several times in a row, the terminal records this input habit and stores "zs" and "Zhang San" as a mapping in the input method database. The next time the user types the two letters "zs", the first-choice Chinese in the input method's candidate box is "Zhang San", which the user can enter directly. In the mapping stored in the input method database, "zs" is the abbreviation information and "Zhang San" is the meaning information corresponding to the abbreviation information "zs".
The embodiments of the invention exploit the fact that a terminal can store the user's input habits, so that the server automatically generates a verification question and answer from those habits and uses them to authenticate a terminal. The user's habits show mainly in which abbreviation information the user types to enter which meaning information, so the server first needs to obtain abbreviation information and corresponding meaning information from the input method database of the first terminal.
Optionally, the server can obtain multiple groups of abbreviation information and corresponding meaning information from the input method database of the first terminal. The server retrieves all abbreviation information and corresponding meaning information in the input method database of the first terminal. For example, the retrieved groups include: abbreviation information "cs" with corresponding meaning information "Changsha", abbreviation information "zs" with corresponding meaning information "Zhang San", and abbreviation information "lcw" with corresponding meaning information "Liang Chaowei". The server can obtain all of the retrieved abbreviation information and corresponding meaning information and use it as the basis for generating verification questions and first answers. It can also obtain a preset number of groups from the retrieval result and use those as the basis: for example, if the retrieval result contains three groups of abbreviation information and corresponding meaning information, the server obtains two of them as the basis for generating verification questions and first answers. Because the server obtains multiple groups of abbreviation information and corresponding meaning information, it also generates multiple verification questions and first answers, which can be offered to the user to choose from or used to verify the user several times over. This avoids the situation where only a single verification question is generated and the user may fail to guess it, causing verification to fail; it improves the reliability of the user verification questions and also the security of user authentication.
It should be noted that the terminal can include devices such as a personal computer (PC) or a handheld terminal.
102. The server generates a verification question according to the abbreviation information;
In the embodiments of the invention, after the server has obtained abbreviation information and corresponding meaning information from the input method database of the first terminal, it can generate a verification question according to the abbreviation information. The verification question can use the abbreviation information as part of the question stem; the specific way of generating the verification question is not limited here.
It should be noted that the verification question can take the form of a multiple-choice question, a true/false question, a fill-in-the-blank question and so on; the specific form is not limited here.
103. The server generates a first answer to the verification question according to the corresponding meaning information;
Once the server has obtained abbreviation information and corresponding meaning information from the input method database of the first terminal, it generates the verification question from the abbreviation information and the first answer to the verification question from the corresponding meaning information on its own. The verification question and answer are thus generated by the server autonomously and the user is unaware of them; during authentication the user can only arrive at the correct answer through their own personal input habits, which improves the security of authentication.
After the server has generated the verification question and the first answer, it can store them bound to an identifier provided by the first terminal. The identifier can be a login account, a user identifier, a user name and so on, and is not limited here. For example, when a user generates a QQ security question through a computer, the user first enters the QQ number and QQ password to log in to QQ and then issues an instruction asking the server to generate the security question automatically, for example by clicking a security-question generation button. After receiving the instruction, the server obtains the abbreviation information and corresponding meaning information from the input method database of that computer and binds the abbreviation information and corresponding meaning information to the user's QQ number.
104. The server receives an authentication request sent by the second terminal;
When the second terminal asks to log in to an account, to recover a password or to post, and authentication is required, the server receives an authentication request sent by the second terminal. For example, on some social websites, when a user registers an account the website's server automatically generates a verification question and first answer from the terminal the user is using. When the user wants to log in to the website, the user must not only enter the user name and password originally registered but also answer the verification question generated by the website's server, so the authentication request can include the user name and password entered by the user and the answer to the verification question. As another example, in a password-recovery scenario the user has forgotten the login password and therefore sends the server a password-recovery request based on the user name; the server then sends the verification question for that user name and authenticates the user, so the authentication request the user sends through the second terminal can include only the answer to the verification question. As a further example, in a posting scenario the user has already logged in successfully with user name and password, but because current browsers can remember passwords, the server requires authentication before posting to make sure that it is the user who is posting. When the user posts, the verification question is sent to the terminal the user is using, and the user can post only after answering it, so the authentication request the user sends through the second terminal can include only the answer to the verification question.
The request can carry an identifier provided by the second terminal, such as a login account, a user identifier or a user name; this is not limited here.
105. The server authenticates the second terminal according to the verification question and the first answer.
After receiving the authentication request sent by the second terminal, the server can extract the identifier provided by the second terminal. If that identifier matches the identifier provided by the first terminal, the server authenticates the second terminal according to the verification question and the first answer. It should be noted that the first terminal and the second terminal can be the same device or different devices; authenticating the second terminal means authenticating the user who is using the second terminal.
In the embodiments of the invention, the server obtains the user's input habits on its own and generates the verification question and answer used for authentication from those habits. While the verification question and answer are being generated, the user therefore does not know what the specific verification question and answer are. During authentication, because the verification question and answer are set according to the user's input habits and the server tells the user the verification question, the user can work out the corresponding answer from their personal input habits, which are personal to the user and hard for others to learn. The scheme of the embodiments of the invention therefore greatly improves the security of authentication.
Referring to Fig. 2, another embodiment of the authentication method in the embodiments of the invention includes:
201. The server obtains abbreviation information and corresponding meaning information from the input method database of the first terminal, the abbreviation information and corresponding meaning information having been recorded by the first terminal according to the user's input habits;
Optionally, the abbreviation information can be an initial-letter abbreviation and the corresponding meaning information can be Chinese. In one possible implementation, if the user mostly uses a pinyin input method, the abbreviation information is a pinyin initial-letter abbreviation and the corresponding meaning information is the first-choice Chinese corresponding to that abbreviation. The first-choice Chinese is the Chinese ranked first in the input method's candidate box after the user types the pinyin initial-letter abbreviation on the keyboard.
In another possible implementation, if the user mostly uses a five-stroke input method, the abbreviation information is a five-stroke initial-letter abbreviation and the corresponding meaning information is the first-choice Chinese corresponding to the five-stroke initial-letter abbreviation.
It should be noted that pinyin initial-letter abbreviations and five-stroke initial-letter abbreviations are two implementations in the embodiments of the invention. In practical applications the abbreviation information can also cover cases where the first character is spelled in full and the second is abbreviated, or the first character is abbreviated and the second is spelled in full. For example, "zsan" and "zhangs" also count as abbreviations of "Zhang San". The abbreviation information can also be an abbreviation in English or another language, in which case the corresponding meaning information is the corresponding content in that language; this is not described further.
In the embodiments of the invention, the server's retrieval of abbreviation information and corresponding meaning information from the input method database of the first terminal can be triggered by the user, for example when the server receives a verification question generation request sent by the first terminal. In another implementation, the server can obtain abbreviation information and corresponding meaning information, and generate verification questions and answers, on a preset cycle. For example, every seven days the server obtains abbreviation information and corresponding meaning information from the input method database of the first terminal and generates verification questions and answers. The verification questions and answers then change regularly, which improves the security of authentication.
202. The server obtains, from the input method database, the category information to which the corresponding meaning information belongs;
An input method database generally groups many phrases or single characters into categories. Optionally, the category grouping can be stored locally on the terminal or on a remote input method server. For example, with categories such as cars, celebrities and place names, a phrase like "Cayenne" belongs to the car category, a phrase like "Fan Bingbing" belongs to the celebrity category, and a phrase like "Changsha" belongs to the place-name category. Such category information serves as a hint for the abbreviation information, so after obtaining abbreviation information and corresponding meaning information the server can obtain the category to which the meaning information belongs. For example, if the meaning information is "Changsha", the server can also obtain that the category of "Changsha" is place name.
In another implementation, the server itself can group the corresponding meaning information into categories. For example, the server obtains "Changsha" as the meaning information corresponding to "cs", then looks up "Changsha" in the server's own database and finds that the category information to which "Changsha" belongs is place name.
It should be noted that step 202 is optional.
203rd, the server is according to the abbreviation information generation validation problem;
Specifically, server can be according to abbreviation information generation validation problem:Server is believed according to abbreviation Breath generation prompting, the prompting are used to prompt implication information corresponding to user's input abbreviation information.Such as If information of abridging is " cs ", then the validation problem generated can be that " please input corresponding to " cs " Chinese ".Prompt message can be set more specifically, such as " " cs " please is inputted on keyboard, and root Preferred Chinese is inputted according to choice box ".
Optionally, if server also obtains the classification belonging to implication information, then what server was generated Validation problem can also include the classification, for example validation problem is " please input place name corresponding to " cs " ". So, it provide the user corresponding prompt message so that user inputs more accurate during answer.
204th, the server generates the first of the validation problem according to the corresponding implication information and answered Case;
Detailed content is with reference to described in step 103.
205th, the server receives the authentication request that second terminal is sent;
Detailed content is with reference to described in step 104.
206th, the validation problem is sent to second terminal by the server;
Because the validation problem and the first answer are both stored in the server, when the second terminal needs to be authenticated, the server can retrieve the corresponding validation problem and the corresponding first answer from memory according to the second terminal identifier carried in the authentication request, and send the validation problem to the second terminal.
Optionally, because the server generates the validation problem and the answer on its own from the abbreviation information and implication information obtained from the input method database of the terminal, the user does not know the specific validation problem and answer in advance. The user may therefore be unable, for the moment, to work out the correct answer from the validation problem, which causes verification to fail. So in the embodiment of the present invention, when authenticating the second terminal, the server may send multiple validation problems to the second terminal; the second terminal lists these validation problems, the user chooses one of them to answer, and authentication passes if that answer is correct. This improves the user experience.
Alternatively, when the validation problem is a generic question, such as "please input the place name corresponding to 'cs'", an impostor may guess the correct answer, so that verification could be passed under a false identity. So in the embodiment of the present invention, when authenticating the second terminal, the server may send multiple validation problems to the second terminal and require the user to answer all or most of them correctly before judging that the user's authentication passes. For example, the server sends five validation problems and requires the user to answer three of them correctly in order to pass verification. This improves the security of authentication.
207. The server receives the second answer sent by the second terminal;
When the second terminal receives the validation problem sent by the server, it may display the validation problem. When the user sees the validation problem displayed by the second terminal, the user may enter the corresponding second answer in the input box; the second terminal then sends the second answer to the server, and the server judges whether the second answer input by the user is correct.
208. The server judges whether the first answer and the second answer are consistent; if they are consistent, it determines that the second terminal passes authentication; if they are inconsistent, it determines that the second terminal does not pass authentication;
When the server receives the second answer sent by the second terminal, it compares the second answer with the stored first answer corresponding to the validation problem. If the second answer is consistent with the first answer, it determines that the second terminal passes authentication; if they are inconsistent, it determines that the second terminal does not pass authentication.
For ease of understanding, the authentication method is described in detail below with a specific application scenario:
User A uses the QQ input method to enter text on a computer. After a period of use, the QQ input method collects statistics on user A's usage habits. The statistical result may be: when user A inputs "cs" as a pinyin first-letter abbreviation, with a probability of 93% user A selects "Changsha" among the candidate words as the input result, with a probability of 5% selects "parameter" as the input result, and with a probability of 2% selects "transmission" as the input result. The QQ input method then takes "cs" as the abbreviation information, takes the corresponding Chinese meaning "Changsha" as the implication information, and records the two as a binding.
User A often logs in to the QQ mailbox to send and receive mail. To improve the security of the mailbox, and to make it easy for user A to recover or update the password promptly after the mailbox has been maliciously taken over, the QQ mailbox server provides a security question service, that is, setting security questions and security answers of higher privacy.
The security question and security answer may be set by user A, or may be set automatically by the QQ mailbox server. When they are set automatically by the QQ mailbox server, the QQ mailbox server may send an information acquisition request every seven days to the computer used by user A; the computer extracts from the QQ input method the current binding records of abbreviation information and corresponding implication information (such as "cs" and "Changsha") and sends them to the QQ mailbox server.
After the QQ mailbox server receives the abbreviation information "cs" and the corresponding implication information "Changsha", it can determine, from the local or remote input method database, that the classification information to which the implication information "Changsha" belongs is "place name".
Then, the QQ mailbox server selects a validation problem template to determine the form of the validation problem. The form of the validation problem may be a multiple-choice question, a true-false question, or a fill-in-the-blank question. It should be noted that different validation problem templates are suitable for different security level requirements: in a scenario with a lower security level requirement, the multiple-choice template may be used; in a scenario with an ordinary security level requirement, the true-false template may be selected; in a scenario with a higher security level requirement, the fill-in-the-blank template may be selected.
Referring to Fig. 3 to Fig. 5, Fig. 3 is a schematic diagram of the multiple-choice question interface, Fig. 4 is a schematic diagram of the true-false question interface, and Fig. 5 is a schematic diagram of the fill-in-the-blank question interface.
In this embodiment, the security level required by the QQ mailbox server is higher, so the fill-in-the-blank template is used, and the generated validation problem is "please input the place name corresponding to cs".
The QQ mailbox server also needs to generate the standard answer to the validation problem according to the implication information "Changsha", namely "Changsha". Meanwhile, the QQ mailbox server may also read the QQ number 12345 with which user A is currently logged in to the QQ mailbox, and store the QQ number, the validation problem and the standard answer in association.
When user A has forgotten his or her own QQ mailbox password, the password can be updated through the security question. User A can send a password update request to the QQ mailbox server from the computer or another terminal; the password update request carries user A's QQ number 12345. After receiving the password update request, the QQ mailbox server retrieves the validation problem "please input the place name corresponding to cs" according to the QQ number.
When user A directly inputs the pinyin first letters "cs" using the QQ input method, the QQ input method displays phrases such as "Changsha", "parameter" and "transmission" according to the usage habits it has recorded. From the displayed phrases, the user selects the appropriate phrase and commits it to the input box as the submitted answer. After the QQ mailbox server receives this submitted answer, it determines by comparison that the submitted answer is consistent with the standard answer, which confirms that authentication has passed, and subsequent operations can proceed.
If user B has illegally learned user A's QQ number and attempts to steal user A's QQ mailbox, user B can send a password update request to the QQ mailbox server from a computer or another terminal; the password update request carries user A's QQ number 12345. After receiving the password update request, the QQ mailbox server retrieves the validation problem "please input the place name corresponding to cs" according to the QQ number.
Although the validation problem contains a certain hint, namely "place name", user B's habits in using the input method are not necessarily the same as user A's. When user B inputs the pinyin first-letter abbreviation "cs", because user B does not know user A's input habits, the Chinese meaning that user B selects and commits as the submitted answer may be "Changshu", "Chaoshan" (the Chaozhou-Shantou region), and so on. When such a submitted answer is sent to the QQ mailbox server, because the submitted answer is inconsistent with the standard answer, the QQ mailbox server rejects user B's password update request.
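The flow of steps 203 to 208 and the QQ mailbox scenario above, as an added Python example that is not code from the patent. The class and function names, the habit counts other than the 93/5/2 figures for "cs", the answer normalization and the constant-time comparison are assumptions made for illustration.

```python
import hmac
import unicodedata
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: per-abbreviation selection counts as an input method
# might record them (romanized, as in the translated text), and a category
# table standing in for the input method database's grouping.
HABITS = {
    "cs": {"Changsha": 93, "parameter": 5, "transmission": 2},
    "fbb": {"Fan Bingbing": 40},
    "ky": {"Cayenne": 12, "postgraduate exam": 9},
}
CATEGORIES = {"Changsha": "place name", "Fan Bingbing": "celebrity", "Cayenne": "automobile"}


@dataclass(frozen=True)
class Challenge:
    question: str
    first_answer: str  # kept server-side only, never sent to the terminal


def normalize(text: str) -> bytes:
    """Canonical form used for comparison (assumption): NFKC, trimmed, case-folded."""
    return unicodedata.normalize("NFKC", text).strip().casefold().encode("utf-8")


def first_choice(counts: dict) -> str:
    """The meaning the user selects most often for an abbreviation."""
    return max(counts, key=counts.get)


def build_challenge(abbr: str, counts: dict, categories: dict) -> Challenge:
    """Steps 202 to 204: optional category lookup, question text, first answer."""
    meaning = first_choice(counts)
    category: Optional[str] = categories.get(meaning)
    hint = category if category else "Chinese"
    return Challenge(f'Please input the {hint} corresponding to "{abbr}"', meaning)


class AuthServer:
    def __init__(self):
        self._store = {}  # account identifier -> list of Challenge

    def enroll(self, account, habits, categories):
        self._store[account] = [build_challenge(a, c, categories) for a, c in habits.items()]

    def questions_for(self, account):
        """Step 206: only the question text leaves the server."""
        return [c.question for c in self._store.get(account, [])]

    def verify(self, account, second_answers, required):
        """Steps 207 and 208: pass when at least `required` answers match.

        `second_answers` maps question index -> answer typed at the second
        terminal. required=1 models "answer any one of the listed questions";
        a higher value models "answer three of five".
        """
        challenges = self._store.get(account, [])
        if not challenges or required < 1:
            return False
        correct = 0
        for index, challenge in enumerate(challenges):
            given = second_answers.get(index)
            if given is None:
                continue
            # Constant-time comparison is a hardening choice added here.
            if hmac.compare_digest(normalize(given), normalize(challenge.first_answer)):
                correct += 1
        return correct >= required


if __name__ == "__main__":
    server = AuthServer()
    server.enroll("12345", HABITS, CATEGORIES)
    print(server.questions_for("12345"))
    print("user A:", server.verify("12345", {0: "Changsha"}, required=1))
    print("user B:", server.verify("12345", {0: "Changshu"}, required=1))
```

Raising `required` trades the usability mode (any one question) for the stricter mode (most or all questions) that the description contrasts.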
Referring to Fig. 6, one embodiment of the server in the embodiments of the present invention includes:
An acquiring unit 601, configured to obtain the abbreviation information and corresponding implication information in the input method database of the first terminal, where the abbreviation information and the corresponding implication information are recorded by the first terminal according to the input habits of the user;
For details, refer to the description of step 101.
A generation unit 602, configured to generate a validation problem according to the abbreviation information;
For details, refer to the description of step 102.
The generation unit 602 is further configured to generate the first answer to the validation problem according to the corresponding implication information;
For details, refer to the description of step 103.
A first receiving unit 603, configured to receive the authentication request sent by the second terminal;
For details, refer to the description of step 104.
An authentication unit 604, configured to authenticate the second terminal according to the validation problem and the first answer;
For details, refer to the description of step 105.
Referring to Fig. 7, another embodiment of the server in the embodiments of the present invention includes:
An acquiring unit 701, configured to obtain the abbreviation information and corresponding implication information in the input method database of the first terminal, where the abbreviation information and the corresponding implication information are recorded by the first terminal according to the input habits of the user;
For details, refer to the description of step 201.
The acquiring unit 701 is further configured to obtain, from the input method database, the classification information to which the corresponding implication information belongs;
For details, refer to the description of step 202.
A generation unit 702, configured to generate a validation problem according to the abbreviation information;
For details, refer to the description of step 203.
The generation unit 702 is further configured to generate the first answer to the validation problem according to the corresponding implication information;
For details, refer to the description of step 204.
A first receiving unit 703, configured to receive the authentication request sent by the second terminal;
For details, refer to the description of step 205.
An authentication unit 704, which specifically includes: a sending unit 7041, configured to send the validation problem to the second terminal;
For details, refer to the description of step 206.
A second receiving unit 7042, configured to receive the second answer sent by the second terminal;
For details, refer to the description of step 207.
A judging unit 7043, configured to judge whether the first answer and the second answer are consistent;
A determining unit 7044, configured to determine that the second terminal passes authentication when the judging unit judges that the first answer and the second answer are consistent;
The determining unit 7044 is further configured to determine that the second terminal does not pass authentication when the judging unit judges that the first answer and the second answer are inconsistent.
For details, refer to the description of step 208.
It should be noted that the acquiring unit, generation unit, judging unit and determining unit of the server described in the embodiments of the present invention may be integrated and implemented on a processor, and the first receiving unit, second receiving unit and sending unit may be integrated and implemented on a transceiver, where the processor includes a central processing unit (Central Processing Unit, CPU), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, etc.
Fig. 8 is a schematic diagram of a server structure provided by an embodiment of the present invention. The server 800 may differ considerably depending on configuration or performance, and may include one or more central processing units (CPU) 822 (for example, one or more processors), memory 832, and one or more storage media 830 (such as one or more mass storage devices) storing application programs 842 or data 844. The memory 832 and the storage medium 830 may be transient storage or persistent storage. The program stored in the storage medium 830 may include one or more modules (not marked in the figure), and each module may include a series of instruction operations on the server. Further, the central processing unit 822 may be configured to communicate with the storage medium 830 and to execute, on the server 800, the series of instruction operations in the storage medium 830.
The server 800 may also include one or more power supplies 826, one or more wired or wireless network interfaces 850, one or more input/output interfaces 858, and/or one or more operating systems 841, such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, etc.
The steps performed by the server in the above embodiments may be based on the server structure shown in Fig. 8.
It is apparent to those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods may be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a division by logical function, and there may be other ways of dividing them in an actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or may be distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware, or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and is sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or some of the steps of the methods described in the embodiments of the present invention. The foregoing storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk or an optical disc.
As described above, the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some of the technical features therein; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

  1. A method of authentication, characterized in that the method comprises:
    obtaining abbreviation information and corresponding implication information in an input method database of a first terminal, where the abbreviation information and the corresponding implication information are recorded by the first terminal according to the input habits of a user;
    generating a validation problem according to the abbreviation information;
    generating a first answer to the validation problem according to the corresponding implication information;
    receiving an authentication request sent by a second terminal;
    authenticating the second terminal according to the validation problem and the first answer.
  2. The method according to claim 1, characterized in that the abbreviation information is a pinyin first-letter abbreviation, and the corresponding implication information is the first-choice Chinese corresponding to the pinyin first-letter abbreviation; or,
    the abbreviation information is a Wubi first-letter abbreviation, and the corresponding implication information is the first-choice Chinese corresponding to the Wubi first-letter abbreviation.
  3. The method according to claim 1, characterized in that the validation problem comprises: a prompt that prompts the user to input the implication information corresponding to the abbreviation information.
  4. The method according to claim 1, characterized in that the method further comprises:
    obtaining, from the input method database, the classification information to which the corresponding implication information belongs;
    the generating a validation problem according to the abbreviation information comprises:
    generating the validation problem according to the abbreviation information and the classification information, where the validation problem is a prompt that prompts the user to input, according to the classification information, the implication information corresponding to the abbreviation information.
  5. The method according to any one of claims 1 to 4, characterized in that the authenticating the second terminal according to the validation problem and the first answer specifically comprises:
    sending the validation problem to the second terminal;
    receiving a second answer sent by the second terminal;
    judging whether the first answer and the second answer are consistent; if they are consistent, determining that the second terminal passes authentication; if they are inconsistent, determining that the second terminal does not pass authentication.
  6. A server, characterized in that the server comprises:
    an acquiring unit, configured to obtain abbreviation information and corresponding implication information in an input method database of a first terminal, where the abbreviation information and the corresponding implication information are recorded by the first terminal according to the input habits of a user;
    a generation unit, configured to generate a validation problem according to the abbreviation information;
    the generation unit being further configured to generate a first answer to the validation problem according to the corresponding implication information;
    a first receiving unit, configured to receive an authentication request sent by a second terminal;
    an authentication unit, configured to authenticate the second terminal according to the validation problem and the first answer.
  7. The server according to claim 6, characterized in that the abbreviation information is a pinyin first-letter abbreviation, and the corresponding implication information is the first-choice Chinese corresponding to the pinyin first-letter abbreviation; or
    the abbreviation information is a Wubi first-letter abbreviation, and the corresponding implication information is the first-choice Chinese corresponding to the Wubi first-letter abbreviation.
  8. The server according to claim 6, characterized in that the validation problem comprises: a prompt that prompts the user to input the implication information corresponding to the abbreviation information.
  9. The server according to claim 6, characterized in that the acquiring unit is further configured to:
    obtain, from the input method database, the classification information to which the corresponding implication information belongs;
    the generation unit is specifically configured to:
    generate the validation problem according to the abbreviation information and the classification information, where the validation problem is a prompt that prompts the user to input, according to the classification information, the implication information corresponding to the abbreviation information.
  10. The server according to any one of claims 6 to 9, characterized in that the authentication unit specifically comprises:
    a sending unit, configured to send the validation problem to the second terminal;
    a second receiving unit, configured to receive a second answer sent by the second terminal;
    a judging unit, configured to judge whether the first answer and the second answer are consistent;
    a determining unit, configured to determine that the second terminal passes authentication when the judging unit judges that the first answer and the second answer are consistent;
    the determining unit being further configured to determine that the second terminal does not pass authentication when the judging unit judges that the first answer and the second answer are inconsistent.
CN201610322308.7A 2016-05-13 2016-05-13 Identity authentication method, server and computer readable storage medium Active CN107370603B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610322308.7A CN107370603B (en) 2016-05-13 2016-05-13 Identity authentication method, server and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610322308.7A CN107370603B (en) 2016-05-13 2016-05-13 Identity authentication method, server and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN107370603A true CN107370603A (en) 2017-11-21
CN107370603B CN107370603B (en) 2020-05-05

Family

ID=60304227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610322308.7A Active CN107370603B (en) 2016-05-13 2016-05-13 Identity authentication method, server and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN107370603B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108090373A (en) * 2017-12-26 2018-05-29 赤脊山科技(广州)有限公司 A kind of data processing and exploitation total management system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006107134A (en) * 2004-10-05 2006-04-20 Japan Science & Technology Agency Health information providing system, and method thereof
CN101414905A (en) * 2007-10-17 2009-04-22 谢丹 Various selectivity cipher safety authentication system and method
CN102063452A (en) * 2010-05-31 2011-05-18 百度在线网络技术(北京)有限公司 Method, equipment, server and system for inputting characters by user
CN102075507A (en) * 2010-07-30 2011-05-25 百度在线网络技术(北京)有限公司 User verification method and equipment based on word-sentence verification diagram
CN104917612A (en) * 2014-03-14 2015-09-16 腾讯科技(深圳)有限公司 Identity verification method and device

Also Published As

Publication number Publication date
CN107370603B (en) 2020-05-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant