CN107370603A - The method and server of a kind of authentication - Google Patents
The method and server of a kind of authentication Download PDFInfo
- Publication number
- CN107370603A CN107370603A CN201610322308.7A CN201610322308A CN107370603A CN 107370603 A CN107370603 A CN 107370603A CN 201610322308 A CN201610322308 A CN 201610322308A CN 107370603 A CN107370603 A CN 107370603A
- Authority
- CN
- China
- Prior art keywords
- information
- terminal
- answer
- abbreviation
- validation problem
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the invention discloses a kind of method of authentication, for improving the security of authentication.Including:Server obtains abridged in the input method database of first terminal information and corresponding implication information, and information of abridging is that first terminal is recorded according to the input habit of user with corresponding implication information, server generates validation problem further according to abbreviation information, and the first answer of validation problem is generated according to corresponding implication information.Server then carries out authentication according to validation problem and the first answer to second terminal.So, in validation problem and the generating process of answer, user does not know that what specific validation problem and answer be, and when carrying out authentication, because validation problem and answer are set according to the input habit of user, user can know the answer according to personal input habit, and input habit is individual subscriber, and other people are difficult to learn.Therefore, the security of authentication is substantially increased.
Description
Technical field
The present invention relates to the method and server of server field, more particularly to a kind of authentication
Background technology
In network communications, network security is particularly important, if user is stored in the privacy information quilt in terminal
Other people steal, and are likely to result in serious loss.Therefore, in network environment of today, user is either
Access network still logs in application, is typically necessary and carries out authentication to user, and user then needs to input
Username and password, after server side receives username and password, first judge the user name whether
Through being saved, then judge whether the password is correct, when server side preserves the user name, and user is defeated
When the password entered password corresponding with the user name preserved is consistent, server side then can be to the body of user
Part is authorized.
In general terminal identity verification mode, generally by obtaining the use that is inputted by terminal of user
Name in an account book and password are verified, in order to improve the security of authentication, typically require that user is inputted
Password need band English alphabet and numeral combination and total number of word must not be less than 6 or 8, due to this limit
System, so causing user to often forget about password.
Universal, user in order to remembeing password for a long time, it will usually using the character that oneself is commonly used, such as
Birthday number or cell-phone number, but because this kind of password is not the character of absolute privacy, and used
Frequency is more frequent, causes this kind of password to be easy to be stolen, therefore, the peace of existing authentication mode
Full property is relatively low.
The content of the invention
The embodiments of the invention provide a kind of method of authentication and server, for improving authentication
Security.
First aspect of the embodiment of the present invention provides a kind of method of authentication, including:
Obtain abridged in the input method database of first terminal information and corresponding implication information, the abbreviation
Information is that the first terminal is recorded according to the input habit of user with corresponding implication information;
According to the abbreviation information generation validation problem;
The first answer of the validation problem is generated according to the corresponding implication information;
Receive the authentication request that second terminal is sent;
Authentication is carried out to the second terminal according to the validation problem and first answer.
In a kind of possible implementation, the abbreviation information is abridged for first letter of pinyin, described corresponding
Implication information is the corresponding first choice Chinese of first letter of pinyin abbreviation;Or
The abbreviation information is five acronyms, and the corresponding implication information is five lead-ins
The corresponding first choice Chinese of mother's abbreviation.
In alternatively possible implementation, the validation problem includes:User is prompted to input the abbreviation
The prompting of implication information corresponding to information.
In alternatively possible implementation, methods described also includes:
The classification information belonging to the corresponding implication information is obtained from the input method database;
Included according to the abbreviation information generation validation problem:
It is to carry according to the abbreviation information and classification information generation validation problem, the validation problem
Show the prompting of user's implication information according to corresponding to the classification information input abbreviation information.
In alternatively possible implementation, according to the validation problem and first answer to described
Second terminal carries out authentication and specifically included:
The validation problem is sent to second terminal;
Receive the second answer that the second terminal is sent;
Judge whether first answer and second answer are consistent, if unanimously, it is determined that described second
Terminal identity is verified;It is if inconsistent, it is determined that the second terminal authentication does not pass through.
Second aspect of the embodiment of the present invention provides a kind of server, including:
Acquiring unit, abridge in the input method database for obtaining first terminal information and corresponding implication
Information, the abbreviation information are input habit of the first terminal according to user with corresponding implication information
Recorded;
Generation unit, for according to the abbreviation information generation validation problem;
The generation unit is additionally operable to, and the of the validation problem is generated according to the corresponding implication information
One answer;
First receiving unit, for receiving the authentication request of second terminal transmission;
Authentication unit, body is carried out to the second terminal for the validation problem and first answer
Part checking.
In a kind of possible implementation, the abbreviation information is abridged for first letter of pinyin, described corresponding
Implication information is the corresponding first choice Chinese of first letter of pinyin abbreviation;Or
The abbreviation information is five acronyms, and the corresponding implication information is five lead-ins
The corresponding first choice Chinese of mother's abbreviation.
In alternatively possible implementation, the validation problem includes:User is prompted to input the abbreviation
The prompting of implication information corresponding to information.
In alternatively possible implementation, the acquiring unit is additionally operable to:
The classification information belonging to the corresponding implication information is obtained from the input method database;
The generation unit is specifically used for:
It is to carry according to the abbreviation information and classification information generation validation problem, the validation problem
Show the prompting of user's implication information according to corresponding to the classification information input abbreviation information.
In alternatively possible implementation, the authentication unit specifically includes:
Transmitting element, for the validation problem to be sent into second terminal;
Second receiving unit, the second answer sent for receiving the second terminal;
Judging unit, for judging whether first answer and second answer are consistent;
Determining unit, for judging that first answer is consistent with second answer when the judging unit
When, determine that the second terminal authentication passes through;
The determining unit is additionally operable to, when the judging unit judges that first answer is answered with described second
When case is inconsistent, it is determined that the second terminal authentication does not pass through.
As can be seen from the above technical solutions, the embodiment of the present invention has advantages below:The embodiment of the present invention
In, first, server obtains information of being abridged in the input method database of first terminal to be believed with corresponding implication
Breath, and information of abridging is that first terminal is recorded according to the input habit of user with corresponding implication information,
Further according to abbreviation information generation validation problem, and validation problem is generated according to the corresponding implication information
First answer.So, being equivalent to realizes server generates for authentication for user automatically
Username and password.When server receives the authentication request of second terminal, server then basis
Validation problem and the first answer carry out authentication to second terminal.So, server independently obtains use
The input habit at family, validation problem and answer for authentication are generated further according to the input habit of user,
Therefore, in validation problem and the generating process of answer, user does not know specific validation problem
With answer what is, and when carrying out authentication, because validation problem and answer are according to the defeated of user
Entering what custom was set, server first informs user's checking problem, therefore user forgets user name without worry,
User can know corresponding answer when knowing validation problem according to personal input habit, and
Input habit is individual subscriber, and other people are difficult to learn.Therefore, by scheme of the embodiment of the present invention, greatly
The big security for improving authentication.
Brief description of the drawings
Fig. 1 is a schematic diagram of the method for authentication in the embodiment of the present invention;
Fig. 2 is another schematic diagram of the method for authentication in the embodiment of the present invention;
Fig. 3 is a schematic diagram for selecting validation problem in the embodiment of the present invention in practical application scene;
Fig. 4 is a schematic diagram for judging validation problem in the embodiment of the present invention in practical application scene;
Fig. 5 is the schematic diagram of validation problem of being filled a vacancy in the embodiment of the present invention in practical application scene;
Fig. 6 is a schematic diagram of server in the embodiment of the present invention;
Fig. 7 is another schematic diagram of server in the embodiment of the present invention;
Fig. 8 is another schematic diagram of server in the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out
Clearly and completely describing, it is clear that described embodiment is only part of the embodiment of the present invention, and
The embodiment being not all of.Based on the embodiment in the present invention, those skilled in the art are not making wound
The every other embodiment obtained under the premise of the property made work, belongs to the scope of protection of the invention.
Term " first ", " second " in description and claims of this specification and above-mentioned accompanying drawing, "
Three ", the (if present) such as " 4th " is for distinguishing similar object, without specific for describing
Order or precedence.It should be appreciated that the data so used can exchange in the appropriate case, so as to
The embodiments described herein can be implemented with the order in addition to the content for illustrating or describing herein.This
Outside, term " comprising " and " having " and their any deformation, it is intended that cover non-exclusive
Comprising for example, containing the process of series of steps or unit, method, system, product or equipment not
Be necessarily limited to those steps or the unit clearly listed, but may include not list clearly or for
The intrinsic other steps of these processes, method, product or equipment or unit.
The embodiments of the invention provide a kind of method of authentication and server, for improving authentication
Security.
Shown in reference picture 1, one embodiment of the method for authentication includes in the embodiment of the present invention:
101st, server obtains abbreviation information from the input method database of first terminal and believed with corresponding implication
Breath, the abbreviation information are input habit institute of the first terminal according to user with corresponding implication information
Record;
Input method is that user inputs instrument necessary to information to terminal, and therefore, terminal is typically fitted with
Input method.Existing input method is more and more intelligent, and it is able to record the input habit of user.Such as
In spelling input method, if user first presses " zs " two letters by input method, then by browsing word
After group finds " Zhang San " and confirmed, then " Zhang San " displayed on the terminals, when user's continuous several times pass through " zs "
During letter input " Zhang San ", terminal can then record the input habit of user, by " zs " and " Zhang San " shape
It is stored in into mapping relations in input method database, so, when user presses " sz " two letters next time,
Then the preferred Chinese in input method prompting frame is exactly " Zhang San ", facilitates user to directly input.In input method
In the mapping relations preserved in database, " zs " then as abbreviation information, " Zhang San " is then used as " zs "
Implication information corresponding to information of abridging.
In embodiments of the present invention, then be make use of terminal can preserve user input habit characteristic,
So that server automatically generates validation problem and answer according to user's input habit, carrying out identity to terminal tests
Card.User's custom is mainly reflected in user and corresponding implication information is inputted using some abbreviation information, because
This, server contains firstly the need of abbreviation information is obtained from the input method database of first terminal with corresponding
Adopted information.
Optionally, server can be obtained from the input method database of first terminal it is multigroup abbreviation information with
Implication information corresponding to multiple.Server retrieves abbreviation all in input method database in first terminal
Information and corresponding implication information, such as the abbreviation information that is retrieved of server and corresponding implication letter
Breath includes:Abridge information " cs " with corresponding implication information " Changsha " and abridge information " zs " with it is right
The implication information " Zhang San " answered, and abbreviation information " lcw " and corresponding implication information " Liang Chaowei ", clothes
Being engaged in device can be by all retrieved abbreviation information and corresponding implication acquisition of information, and is used as generation test
Card problem and the foundation of the first answer;From retrieval result, the abbreviation information of preset number can also be obtained
With corresponding implication information, and as generation validation problem and the first answer foundation.Such as retrieval result
In have a three groups of abbreviation information and corresponding implication information, server then obtains wherein two groups as generation checking
Problem and the foundation of the first answer.So, the abbreviation information and corresponding implication packet that server obtains
Include multigroup, then the validation problem of generation and the first answer also include it is multigroup, can provide user's selection or
Person carries out multiple-authentication to user.It is unique to avoid the validation problem subsequently generated, and may cause to use
Family can not guess success, cause authentication failed, improve the reliability of user's checking problem, also carry
The high security of subscriber authentication.
It should be noted that terminal can include PC (English full name:Personal computer,
English abbreviation:PC), the equipment such as handheld terminal.
102nd, the server is according to the abbreviation information generation validation problem;
In the embodiment of the present invention, server obtained from the input method database of first terminal abbreviation information with
After corresponding implication information, validation problem can be generated according to the abbreviation information, the validation problem can be with
Do not limited herein using the abbreviation information as a part for stem, the specific mode for generating validation problem.
It should be noted that the validation problem can be select permeability, decision problem or fill-in-question etc.
Form, concrete form do not limit herein.
103rd, the server generates the first of the validation problem according to the corresponding implication information and answered
Case;
When server gets abbreviation information from the input method database in first terminal and corresponding contains
During adopted information, then independently according to abbreviation information generation validation problem, and according to the life of corresponding implication information
Into the first answer of validation problem, so, validation problem and answer are generated as what server was autonomously generated,
User is unaware of, and when carrying out authentication, user can only be guessed by oneself personal input habit
Correct answer is surveyed, therefore improves the security of authentication.
, can be with the mark of first terminal offer after server generates validation problem and the first answer
Binding storage is carried out, the mark can be login account, user's mark, user name etc., specifically herein not
Limit.For example, when user generates QQ close guarantor by computer, user needs to input QQ number first
And QQ password login QQ, user input the instruction that request server automatically generates close guarantor, such as clicked on close
Generation button is protected, after server receives the instruction, then in the input method database for obtaining the computer
Abridge information and corresponding implication information, and by the abbreviation information and corresponding implication information and user
QQ number bound.
104th, the server receives the authentication request that second terminal is sent;
When second terminal asks login account or gives password for change or asks to post, it is necessary to carry out identity
During checking, then server can receive the authentication request of second terminal transmission.For example, in some societies
Hand in website, for user in register account number, the Website server is then automatically according to terminal used in user
Validation problem and the first answer are generated, when user needs to log in the website, not only needs input original
The user name and password of registration, it is also necessary to answer the validation problem that the Website server is generated, therefore
The authentication request can include the answer of user name, password and validation problem that user inputs.Again
For example, in the scene of password is given for change, user have forgotten login password, therefore can be according to user name to clothes
Business device sends the request for giving password for change, and server then can send validation problem according to the user name and user is entered
Row authentication, therefore the authentication request that user is sent by second terminal can only include described test
The answer of card problem.In another example in the scene posted of request, user is by user name and close
Code successful log, but because present browser has the function of remembeing password, during in order to ensure to post
It is user, server, which limits user, which posts, must carry out authentication, therefore when user posts,
Validation problem can be sent to terminal used in user, user needs to enter after answering the validation problem
Row is posted, therefore the authentication request that is sent by second terminal of user can only include described verify and ask
The answer of topic.
The mark of second terminal offer can be provided in the request, such as login account, user mark, used
Name in an account book etc., is not limited specifically herein.
105th, the server enters according to the validation problem and first answer to the second terminal
Row authentication.
After server receives the authentication request of second terminal transmission, second terminal can be extracted and carried
The mark of confession, if the mark that the mark provides with first terminal matches, server is then asked according to checking
Topic and the first answer carry out authentication to second terminal.It should be noted that first terminal and second
Terminal can be same equipment, or distinct device, carry out authentication to second terminal, be
To carrying out authentication using the user of second terminal.
In the embodiment of the present invention, server independently obtains the input habit of user, further according to the input of user
Validation problem and answer of the custom generation for authentication, therefore, in validation problem and the generation of answer
During, user does not know that what specific validation problem and answer be, and is tested carrying out identity
During card, because validation problem and answer are set according to the input habit of user, server informs user
Validation problem, user can know corresponding answer according to personal input habit, and input habit is to use
Family individual's, other people are difficult to learn.Therefore, by scheme of the embodiment of the present invention, identity is substantially increased
The security of checking.
Shown in reference picture 2, another embodiment of the method for authentication includes in the embodiment of the present invention:
201st, server obtains abbreviation information from the input method database of first terminal and believed with corresponding implication
Breath, the abbreviation information are input habit institute of the first terminal according to user with corresponding implication information
Record;
Optionally, abbreviation information can be acronym, and corresponding implication information can be Chinese.One
In the possible implementation of kind, if user often uses spelling input method, then the abbreviation information is that phonetic is first
Letter abbreviations, the corresponding implication information are that the corresponding first choice of first letter of pinyin abbreviation is Chinese,
Preferred Chinese is arranged in i.e. after user presses first letter of pinyin abbreviation from keyboard in input method choice box
The Chinese of first.
In alternatively possible implementation, if user often uses five-stroke input method, then the abbreviation information
For five acronyms, the corresponding implication information is the head corresponding to five acronyms
Choose text.
It should be noted that the abbreviation information is first letter of pinyin abbreviation or five acronyms
It is two kinds of implementations in the embodiment of the present invention, in actual applications, abbreviation information can also include the
One word is spelling, and second word is abbreviation, or first character is that second word of abbreviation is the feelings such as spelling
Condition.Such as " zsan " or " zhangs " this fall within the abbreviation of " Zhang San ".Information of abridging can be with
For the abbreviation of English or other language, corresponding implication information can be then corresponding language content, specifically
Do not repeat.
In the embodiment of the present invention, server obtains abbreviation information from the input method database in first terminal
And the trigger condition of corresponding implication information can be user's triggering, such as, server receives the
The validation problem generation request that one terminal is sent;And in another implementation, server can also basis
Predetermined period obtains abbreviation information and corresponding implication information, and generates validation problem and answer, such as,
Server obtains once abridge information and corresponding implication for every seven days from the input method database of first terminal
Information, and validation problem and answer are generated, so, validation problem can often change with answer, improve
The security of authentication.
202nd, the server is obtained from the input method database belonging to the corresponding implication information
Classification information;
In input method database, typically can all classification packet be carried out to many phrases or individual character, it is optional
, the packet of classification can be stored in terminal local, can also be stored in the input method server of distal end.
Such as including automotive-type, stars, place name class etc., then phrase as " Cayenne " then belongs to automobile
Class, phrase as " Fan Bingbing " then belong to stars, and phrase then belongs to place name class as " Changsha ".
Such classification information has indicative effect to abbreviation information, so server is getting abbreviation information
And after corresponding implication information, can according to the classification described in the implication acquisition of information implication information, than
If the implication information is " Changsha ", then the classification that server can also obtain " Changsha " is place name.
, can also be by server come to the class belonging to the corresponding implication information in another implementation
Other information is grouped.For example it is " Changsha " that server, which gets implication information corresponding to " cs ", so
The classification information according to belonging to " Changsha " in " Changsha " search server database itself is place name afterwards.
It should be noted that step 202 is optional step.
203rd, the server is according to the abbreviation information generation validation problem;
Specifically, server can be according to abbreviation information generation validation problem:Server is believed according to abbreviation
Breath generation prompting, the prompting are used to prompt implication information corresponding to user's input abbreviation information.Such as
If information of abridging is " cs ", then the validation problem generated can be that " please input corresponding to " cs "
Chinese ".Prompt message can be set more specifically, such as " " cs " please is inputted on keyboard, and root
Preferred Chinese is inputted according to choice box ".
Optionally, if server also obtains the classification belonging to implication information, then what server was generated
Validation problem can also include the classification, for example validation problem is " please input place name corresponding to " cs " ".
So, it provide the user corresponding prompt message so that user inputs more accurate during answer.
204th, the server generates the first of the validation problem according to the corresponding implication information and answered
Case;
Detailed content is with reference to described in step 103.
205th, the server receives the authentication request that second terminal is sent;
Detailed content is with reference to described in step 104.
206th, the validation problem is sent to second terminal by the server;
Because validation problem and the first answer all preserve in the server, so working as needs to enter second terminal
During row authentication, server can identify according to second terminal entrained in authentication request, from
Validation problem corresponding to being retrieved in memory and corresponding first answer, and validation problem will be sent to
Second terminal.
Optionally, because server is to obtain abbreviation information from the input method database of terminal with implication to believe
Breath be autonomously generated validation problem and answer, and so, user is not know that specific checking is asked
Topic and answer, it may so cause user can not guess correct option according to validation problem for the moment,
Cause authentication failed;So in embodiments of the present invention, server is carrying out authentication to second terminal
When, multiple validation problems can be sent to second terminal, second terminal is enumerated these validation problems,
Independently select one of them to answer by user, answer questions can authentication pass through.So, use is improved
Experience at family.
Or when validation problem is Universal Problems, such as " place name corresponding to " cs " please be input ",
Appropriator may guess correct option, and be assumed another's name to be verified caused by possibility.So in the present invention
In embodiment, server can be sent multiple when carrying out authentication to second terminal to second terminal
Validation problem, and require that user answers questions wherein whole issue or most of problem just judges that user identity is tested
Card passes through.Such as server send five validation problems, it is desirable to user answer questions wherein three be just able to verify that it is logical
Cross.So, the security of authentication is improved.
207th, the server receives the second answer that the second terminal is sent;
When second terminal receives the validation problem of server transmission, the validation problem can be shown, user
When seeing the validation problem shown by second terminal, then can be inputted in input frame corresponding to the second answer,
Second user answer is then sent to server by second terminal, and judge user's input by server second is answered
Whether case is correct.
208th, the server judges whether first answer and second answer are consistent, if unanimously,
Then determine that the second terminal authentication passes through;It is if inconsistent, it is determined that the second terminal identity is tested
Card does not pass through;
When server receives the second answer of second terminal transmission, then the second answer is somebody's turn to do with what is preserved
The first answer corresponding to validation problem is compared, and the second answer of institute is consistent with the first answer, it is determined that
Second terminal authentication is by if inconsistent, it is determined that second terminal authentication does not pass through.
For ease of understanding, auth method is described in detail with a specific application scenarios below:
User A carries out word input using QQ input methods on computers, through use after a while,
QQ input methods meeting counting user A use habit, the result of statistics can be:User A inputs " cs "
The probability for having 93% when being abridged as first letter of pinyin can select in candidate word " Changsha " to be tied as input
Fruit, the probability for having 5% can select in candidate word " parameter " to be used as input results, the probability meeting for having 2%
" transmission " in selection candidate word is used as input results, then QQ input methods can believe " cs " as abbreviation
Breath, and Chinese implication " Changsha " corresponding to it is subjected to binding record as implication information.
User A often logs in QQ mailbox receiving and dispatching mails, to improve the security of mailbox, facilitating user
A gives password or more new password for change in time after mailbox is maliciously usurped, and QQ mailbox servers provide close guarantor
Service, that is, the higher close guarantor's problem of privacy and Mi Bao answers are set.
Close guarantor's problem and Mi Bao answers can voluntarily be set by user A, can also be by QQ mailbox services
Device is set automatically, and when being set automatically by QQ mailbox servers, QQ mailbox servers can be every seven days
The computer used to user A sends information acquisition request, and the computer can extract currently from QQ input methods
The binding of information of abridging and corresponding implication information (such as " cs " and " Changsha ") records, and is sent to
QQ mailbox servers.
After QQ mailbox servers receive the abbreviation information " cs " and corresponding implication information " Changsha ",
The classification information belonging to implication information " Changsha " can be determined from input method database locally or remotely
" place name ".
Then, QQ mailbox servers selection validation problem masterplate, the form of validation problem, the checking are determined
The form of problem can be multiple-choice question, or True-False, can also be gap-filling questions, it is necessary to explanation
That different validation problem masterplates goes for different security level requireds, security level required compared with
Under low scene, multiple-choice question masterplate can be used, under security level required in general scene, can select
True-False masterplate, under the higher scene of security level required, gap-filling questions masterplate can be selected.
Fig. 3 to Fig. 5 is referred to, Fig. 3 is multiple-choice question interface schematic diagram, and Fig. 4 is True-False interface schematic diagram,
Fig. 5 is gap-filling questions interface schematic diagram.
In the present embodiment, the level of security of QQ mailbox servers requirement is higher, therefore uses gap-filling questions masterplate,
The validation problem of generation is " please input place name corresponding to cs ".
QQ mailbox servers also need to the standard according to corresponding to implication information " Changsha " generates the validation problem
Answer, i.e. " Changsha ", meanwhile, QQ mailbox servers can also read user A and currently log in QQ mailboxes
QQ number 12345, and QQ number, validation problem and model answer are associated preservation.
When user A has forgotten the QQ mailbox passwords of oneself, then more new password can be protected by close, now
User A can send password update to QQ mailbox servers by computer or other-end and ask, the password
User A QQ number 12345 is carried in renewal request, QQ mailbox servers receive the password update
After request, validation problem " place name corresponding to please inputting cs " is extracted according to QQ number.
When user A directly inputs first letter of pinyin " cs " using QQ input methods, according to QQ input methods
The use habit recorded, the phrases such as " Changsha ", " parameter " " transmission " can be shown, in the word of display
In group result, rational phrase is independently selected by user, and as shielding in answer, QQ mailbox servers receive
This is answered after answer, can determine that the answer of answering is consistent with model answer by comparing, you can confirms logical
Authentication is crossed, subsequent operation can be carried out.
And if user B has illegally known user A QQ number, and attempt to steal user A QQ mailboxes
When, user B can send password update to QQ mailbox servers by computer or other-end and ask, should
User A QQ number 12345 is carried in password update request, QQ mailbox servers receive the password
After renewal request, validation problem " place name corresponding to please inputting cs " is extracted according to QQ number.
Although existing certain prompting in validation problem, i.e., " place name ", because user B and user A make
Might not be identical with the use habit of input method, when user's B input Pinyins acronym " cs ",
Due to user B and user A input habit is unaware of, is shielded so user B can be selected as in answer
Chinese implication is probably " Changshu ", " Chaozhou-Shantou region " etc., and when the answer of answering of these Chinese implications is sent out
Deliver to after QQ mailbox servers, because the answer of answering is inconsistent with model answer, then QQ mailboxes take
Business device can refuse user B password update request.
Shown in reference picture 6, one embodiment of server includes in the embodiment of the present invention:
Acquiring unit 601, abbreviation information contains with corresponding in the input method database for obtaining first terminal
Adopted information, the abbreviation information are that the first terminal is practised according to the input of user with corresponding implication information
It is used to what is recorded;
Detailed content is with reference to described in step 101.
Generation unit 602, for according to the abbreviation information generation validation problem;
Detailed content is with reference to described in step 102.
The generation unit 602 is additionally operable to, and the validation problem is generated according to the corresponding implication information
The first answer;
Detailed content is with reference to described in step 103.
First receiving unit 603, for receiving the authentication request of second terminal transmission;
Detailed content is with reference to described in step 104.
Authentication unit 604, the second terminal is carried out for the validation problem and first answer
Authentication;
Detailed content is with reference to described in step 105.
Shown in reference picture 7, another embodiment of server includes in the embodiment of the present invention:
Acquiring unit 701, abbreviation information contains with corresponding in the input method database for obtaining first terminal
Adopted information, the abbreviation information are that the first terminal is practised according to the input of user with corresponding implication information
It is used to what is recorded;
Detailed content is with reference to described in step 201.
The acquiring unit 701 is additionally operable to:The corresponding implication is obtained from the input method database
Classification information belonging to information;
Detailed content is with reference to described in step 202.
Generation unit 702, for according to the abbreviation information generation validation problem;
Detailed content is with reference to described in step 203.
The generation unit 702 is additionally operable to, and the validation problem is generated according to the corresponding implication information
The first answer;
Detailed content is with reference to described in step 204.
First receiving unit 703, for receiving the authentication request of second terminal transmission;
Detailed content is with reference to described in step 205.
Authentication unit 704 specifically includes:Transmitting element 7041, for the validation problem to be sent into
Two terminals;
Detailed content is with reference to described in step 206.
Second receiving unit 7042, the second answer sent for receiving the second terminal;
Detailed content is with reference to described in step 207.
Judging unit 7043, for judging whether first answer and second answer are consistent;
Determining unit 7044, for judging first answer and second answer when the judging unit
When consistent, determine that the second terminal authentication passes through;
The determining unit 7044 is additionally operable to, when the judging unit judges first answer and described the
When two answers are inconsistent, it is determined that the second terminal authentication does not pass through.
Detailed content is with reference to described in step 208.
It should be noted that acquiring unit, generation unit list in the embodiment of the present invention described in server
Member, judging unit and determining unit can be integrated and realized on a processor, the first receiving unit, second
Receiving unit and transmitting element can integrate to be realized on the transceiver, wherein, processor includes centre
Manage device (Central Processing Unit, CPU), application specific integrated circuit (Application Specific
Integrated Circuit, referred to as:ASIC), field programmable gate array (Field-Programmable
Gate Array, referred to as:) or other PLDs etc. FPGA.
Fig. 8 is a kind of server architecture schematic diagram provided in an embodiment of the present invention, and the server 800 can be because
Configuration or performance are different and produce bigger difference, can include one or more central processing units
(central processing units, CPU) 822 (for example, one or more processors) and storage
Device 832, one or more storage application programs 842 or data 844 storage medium 830 (such as
One or more mass memory units).Wherein, memory 832 and storage medium 830 can be short
Temporary storage or persistently storage.One or more moulds can be included by being stored in the program of storage medium 830
Block (diagram does not mark), each module can include operating the series of instructions in server.More enter one
Step ground, central processing unit 822 could be arranged to communicate with storage medium 830, held on server 800
Series of instructions operation in row storage medium 830.
Server 800 can also include one or more power supplys 826, one or more it is wired or
Radio network interface 850, one or more input/output interfaces 858, and/or, one or one with
Upper operating system 841, such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM,
FreeBSDTM etc..
Can be based on the server architecture shown in the Fig. 8 as the step performed by server in above-described embodiment.
It is apparent to those skilled in the art that for convenience and simplicity of description, it is above-mentioned to retouch
The specific work process for the system, apparatus, and unit stated, it may be referred to the correspondence in preceding method embodiment
Process, it will not be repeated here.
In several embodiments provided herein, it should be understood that disclosed system, device and
Method, it can realize by another way.For example, device embodiment described above is only to show
Meaning property, for example, the division of the unit, only a kind of division of logic function can when actually realizing
To there is other dividing mode, such as multiple units or component can combine or be desirably integrated into another
System, or some features can be ignored, or not perform.Another, shown or discussed is mutual
Coupling or direct-coupling or communication connection can be INDIRECT COUPLING by some interfaces, device or unit
Or communication connection, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be it is physically separate, make
It can be for the part that unit is shown or may not be physical location, you can with positioned at a place,
Or it can also be distributed on multiple NEs.Can select according to the actual needs part therein or
Person's whole unit realizes the purpose of this embodiment scheme.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit
In or unit be individually physically present, can also two or more units be integrated in one
In individual unit.Above-mentioned integrated unit can both be realized in the form of hardware, can also use software work(
The form of energy unit is realized.
If the integrated unit is realized in the form of SFU software functional unit and is used as independent production marketing
Or in use, it can be stored in a computer read/write memory medium.Based on such understanding, sheet
Part that the technical scheme of invention substantially contributes to prior art in other words or the technical scheme
It can completely or partially be embodied in the form of software product, the computer software product is stored in one
In storage medium, including some instructions to cause a computer equipment (can be personal computer,
Server, or network equipment etc.) perform all or part of step of each embodiment methods described of the present invention
Suddenly.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory),
Magnetic disc or CD etc. are various can be with the medium of store program codes.
Described above, the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;
Although the present invention is described in detail with reference to the foregoing embodiments, one of ordinary skill in the art should
Work as understanding:It can still modify to the technical scheme described in foregoing embodiments, or to it
Middle some technical characteristics carry out equivalent substitution;And these modifications or replacement, do not make appropriate technical solution
Essence depart from various embodiments of the present invention technical scheme spirit and scope.
Claims (10)
- A kind of 1. method of authentication, it is characterised in that methods described includes:Obtain abridged in the input method database of first terminal information and corresponding implication information, the abbreviation Information is that the first terminal is recorded according to the input habit of user with corresponding implication information;According to the abbreviation information generation validation problem;The first answer of the validation problem is generated according to the corresponding implication information;Receive the authentication request that second terminal is sent;Authentication is carried out to the second terminal according to the validation problem and first answer.
- 2. according to the method for claim 1, it is characterised in that the abbreviation information is phonetic lead-in Mother's abbreviation, the corresponding implication information are that the corresponding first choice of first letter of pinyin abbreviation is Chinese;Or Person,The abbreviation information is five acronyms, and the corresponding implication information is five lead-ins The corresponding first choice Chinese of mother's abbreviation.
- 3. according to the method for claim 1, it is characterised in that the validation problem includes:Prompting The prompting of implication information corresponding to user's input abbreviation information.
- 4. according to the method for claim 1, it is characterised in that methods described also includes:The classification information belonging to the corresponding implication information is obtained from the input method database;Included according to the abbreviation information generation validation problem:It is to carry according to the abbreviation information and classification information generation validation problem, the validation problem Show the prompting of user's implication information according to corresponding to the classification information input abbreviation information.
- 5. according to the method described in Claims 1-4 wherein any one, it is characterised in that described Authentication is carried out according to the validation problem and first answer to the second terminal to specifically include:The validation problem is sent to second terminal;Receive the second answer that the second terminal is sent;Judge whether first answer and second answer are consistent, if unanimously, it is determined that described second Terminal identity is verified;It is if inconsistent, it is determined that the second terminal authentication does not pass through.
- 6. a kind of server, it is characterised in that the server includes:Acquiring unit, abridge in the input method database for obtaining first terminal information and corresponding implication Information, the abbreviation information are input habit of the first terminal according to user with corresponding implication information Recorded;Generation unit, for according to the abbreviation information generation validation problem;The generation unit is additionally operable to, and the of the validation problem is generated according to the corresponding implication information One answer;First receiving unit, for receiving the authentication request of second terminal transmission;Authentication unit, body is carried out to the second terminal for the validation problem and first answer Part checking.
- 7. server according to claim 6, it is characterised in that the abbreviation information is that phonetic is first Letter abbreviations, the corresponding implication information are that the corresponding first choice of first letter of pinyin abbreviation is Chinese; OrThe abbreviation information is five acronyms, and the corresponding implication information is five lead-ins The corresponding first choice Chinese of mother's abbreviation.
- 8. server according to claim 6, it is characterised in that the validation problem includes:Carry Show the prompting of implication information corresponding to user's input abbreviation information.
- 9. server according to claim 6, it is characterised in that the acquiring unit is additionally operable to:The classification information belonging to the corresponding implication information is obtained from the input method database;The generation unit is specifically used for:It is to carry according to the abbreviation information and classification information generation validation problem, the validation problem Show the prompting of user's implication information according to corresponding to the classification information input abbreviation information.
- 10. according to the server described in claim 6 to 9 wherein any one, it is characterised in that institute Authentication unit is stated to specifically include:Transmitting element, for the validation problem to be sent into second terminal;Second receiving unit, the second answer sent for receiving the second terminal;Judging unit, for judging whether first answer and second answer are consistent;Determining unit, for judging that first answer is consistent with second answer when the judging unit When, determine that the second terminal authentication passes through;The determining unit is additionally operable to, when the judging unit judges that first answer is answered with described second When case is inconsistent, it is determined that the second terminal authentication does not pass through.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610322308.7A CN107370603B (en) | 2016-05-13 | 2016-05-13 | Identity authentication method, server and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610322308.7A CN107370603B (en) | 2016-05-13 | 2016-05-13 | Identity authentication method, server and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107370603A true CN107370603A (en) | 2017-11-21 |
CN107370603B CN107370603B (en) | 2020-05-05 |
Family
ID=60304227
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610322308.7A Active CN107370603B (en) | 2016-05-13 | 2016-05-13 | Identity authentication method, server and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107370603B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108090373A (en) * | 2017-12-26 | 2018-05-29 | 赤脊山科技(广州)有限公司 | A kind of data processing and exploitation total management system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006107134A (en) * | 2004-10-05 | 2006-04-20 | Japan Science & Technology Agency | Health information providing system, and method thereof |
CN101414905A (en) * | 2007-10-17 | 2009-04-22 | 谢丹 | Various selectivity cipher safety authentication system and method |
CN102063452A (en) * | 2010-05-31 | 2011-05-18 | 百度在线网络技术(北京)有限公司 | Method, equipment, server and system for inputting characters by user |
CN102075507A (en) * | 2010-07-30 | 2011-05-25 | 百度在线网络技术(北京)有限公司 | User verification method and equipment based on word-sentence verification diagram |
CN104917612A (en) * | 2014-03-14 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
-
2016
- 2016-05-13 CN CN201610322308.7A patent/CN107370603B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006107134A (en) * | 2004-10-05 | 2006-04-20 | Japan Science & Technology Agency | Health information providing system, and method thereof |
CN101414905A (en) * | 2007-10-17 | 2009-04-22 | 谢丹 | Various selectivity cipher safety authentication system and method |
CN102063452A (en) * | 2010-05-31 | 2011-05-18 | 百度在线网络技术(北京)有限公司 | Method, equipment, server and system for inputting characters by user |
CN102075507A (en) * | 2010-07-30 | 2011-05-25 | 百度在线网络技术(北京)有限公司 | User verification method and equipment based on word-sentence verification diagram |
CN104917612A (en) * | 2014-03-14 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108090373A (en) * | 2017-12-26 | 2018-05-29 | 赤脊山科技(广州)有限公司 | A kind of data processing and exploitation total management system |
Also Published As
Publication number | Publication date |
---|---|
CN107370603B (en) | 2020-05-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8881251B1 (en) | Electronic authentication using pictures and images | |
TWI592820B (en) | Man-machine recognition method and system | |
CN106161392B (en) | A kind of auth method and equipment | |
KR102125348B1 (en) | Auto-reply methods, devices, equipment, and computer-readable storage media | |
CN104135365B (en) | Method, server and the client that access request is verified | |
CN105376287B (en) | Account data processing method, system and server | |
US20170300676A1 (en) | Method and device for realizing verification code | |
CN107800672A (en) | A kind of Information Authentication method, electronic equipment, server and information authentication system | |
JP2007522551A (en) | Multi-select challenge-response user authentication system and method | |
CN103546877A (en) | Method and system for obtaining and inputting content code and mobile terminal | |
WO2014108003A1 (en) | Method for verifying sensitive operations, terminal device, server, and verification system | |
CN109194689B (en) | Abnormal behavior recognition method, device, server and storage medium | |
US20170017782A1 (en) | Access Code Obfuscation Using Speech Input | |
CN109902459A (en) | Man-machine identification verification method, system, equipment and the storage medium of WEB page | |
CN110990811A (en) | Identity authentication method and device | |
CN107517180A (en) | Login method and device | |
CN109460653A (en) | Verification method, verifying equipment, storage medium and the device of rule-based engine | |
CN108111533A (en) | The registration login method and system of APP | |
CN107196889A (en) | The detection method and device of corpse account | |
US20050114679A1 (en) | Method and apparatus for extracting authentication information from a user | |
CN107612915A (en) | The method and apparatus of the anti-password cracking of double secure forms based on checking code conversion | |
CN107231358B (en) | Questionnaire data acquisition method, server and mobile terminal | |
KR101182629B1 (en) | Learning services providing method and system | |
CN107370603A (en) | The method and server of a kind of authentication | |
CN107172088A (en) | A kind of data processing method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |