CN107864034A - Cipher management method and device - Google Patents
Cipher management method and device Download PDFInfo
- Publication number
- CN107864034A CN107864034A CN201710091767.3A CN201710091767A CN107864034A CN 107864034 A CN107864034 A CN 107864034A CN 201710091767 A CN201710091767 A CN 201710091767A CN 107864034 A CN107864034 A CN 107864034A
- Authority
- CN
- China
- Prior art keywords
- password
- target
- platform
- base
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of cipher management method, including:The base password of user's input is received in the interface for password input of platform, and obtains and password is distinguished corresponding to the platform;According to the base password and the differentiation password generation target password, the target password is matched with the setting code to prestore;When the target password is consistent with the setting code, corresponding register is performed according to the target password.The invention also discloses a kind of Password Management device.The present invention is by base password and distinguishes the highly complex target password of code building, so that user need to only remember simple base password, and platform can only preserve highly complex target password without preserving base password, and base password counter can not be pushed away by highly complex target password, substantially increase the security of Password Management.
Description
Technical field
The present invention relates to Password Management technical field, more particularly to a kind of cipher management method and device.
Background technology
With the requirement more and more higher of information security, the access of numerous platforms is both provided with password, for example, the platform is with net
Exemplified by standing, almost each website will register account number, the login of the account needs password, and existing code management device can store account
Number password, greater risk be present.Problems be present in management of each platform to password:On the one hand, user remembers for convenience
Password, if user with all accounts of same Password Management, once have an imprudence be cracked be equal to have revealed it is all
The password of account, security be not high.On the other hand, if different accounts use different passwords, and ensure password complexity compared with
It is high, then user would become hard to remember the password, and forgetting Password will make troubles to user;If password complexity is not higher,
Although user easily remembers password, the password is also easily cracked, very dangerous.
The content of the invention
It is a primary object of the present invention to provide a kind of cipher management method and device, it is intended to improve the safety of Password Management
Property.
To achieve the above object, the invention provides a kind of cipher management method, including:
The base password of user's input is received in the interface for password input of platform, and obtains and is distinguished corresponding to the platform
Password;
It is according to the base password and the differentiation password generation target password, the target password and the setting that prestores is close
Code is matched;
When the target password is consistent with the setting code, corresponding log in is performed according to the target password and grasped
Make.
Preferably, the corresponding password of distinguishing of the platform that obtains includes before:
Different code names is respectively configured for different platform, the different code name is respectively set as the different platform pair
The differentiation password answered.
Preferably, it is described according to the base password and it is described differentiation password generation target password, by the target password with
The setting code to prestore includes after being matched:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
Preferably, it is described according to the base password and it is described differentiation password generation target password include:
Calculating is encrypted to the base password by the related Hash operation message authentication code HAMC AESs of key
The first numerical value is obtained, and the differentiation password is encrypted by the HAMC AESs second value is calculated;
First numerical value and the second value are subjected to computing by the HAMC AESs and generate target password.
Preferably, it is described that first numerical value and the second value are subjected to computing life by the HAMC AESs
Include into target password:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin,
Judge whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification
The designated pin is set as target password.
In addition, to achieve the above object, present invention also offers a kind of Password Management device, including:
Acquisition module, for receiving the base password of user's input in the interface for password input of platform, and described in acquisition
Password is distinguished corresponding to platform;
Matching module, for generating target password according to the base password and the differentiation password, by the target password
Matched with the setting code to prestore;
Execution module, for when the target password is consistent with the setting code, being performed according to the target password
Corresponding register.
Preferably, the Password Management device also includes:
Setting module, for different code names to be respectively configured for different platform, the different code name is respectively set as
Password is distinguished corresponding to the different platform.
Preferably, the Password Management device also includes:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
Preferably, the matching module includes:
Computing unit, for the Hash operation message authentication code HAMC AESs by key correlation to the base password
It is encrypted and the first numerical value is calculated, and the differentiation password is encrypted by the HAMC AESs and calculated
To second value;
Generation unit, for first numerical value and the second value to be carried out into computing by the HAMC AESs
Generate target password.
Preferably, the generation unit is additionally operable to, and first numerical value and the second value are added by the HAMC
Close algorithm carries out computing generation designated pin, judges whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification
The designated pin is set as target password.
Cipher management method and device provided in an embodiment of the present invention, it is defeated that user is received in the interface for password input of platform
The base password entered, and obtain and password is distinguished corresponding to the platform, target is then generated according to the base password and the differentiation password
Password, and when the target password is consistent with the setting code to prestore, corresponding register is performed according to the target password.
So as to pass through the highly complex target password of base password and differentiation code building so that user need to only remember simple base password i.e.
Can, and platform can only preserve highly complex target password without preserving base password, it is and close by highly complex target
Code counter can not push away base password, substantially increase the security of Password Management.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of cipher management method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of cipher management method second embodiment of the present invention;
Fig. 3 is the high-level schematic functional block diagram of Password Management device first embodiment of the present invention;
Fig. 4 is the high-level schematic functional block diagram of Password Management device second embodiment of the present invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
As shown in figure 1, show a kind of cipher management method first embodiment of the present invention.The Password Management side of the embodiment
Method includes:
Step S10, the base password of user's input is received in the interface for password input of platform, and obtains the platform pair
The differentiation password answered;
In the present embodiment, cipher management method is applied to mobile terminal, the type of mobile terminal can according to be actually needed into
Row is set, for example, the mobile terminal includes mobile phone, tablet personal computer, notebook computer, desktop computer etc..
The running of mobile terminal has platform, and the type of the platform can be configured according to being actually needed, for example, the platform is not
Only include safety cloud, human resource system etc., in addition to the website such as Taobao, Jingdone district, youku.com.
Base password refers to the password that user inputs in the Password Input text box of mobile terminal, i.e. user needs what is remembered
Simple password, the base password can be configured according to the hobby of user, it may include numeral, letter, and/or character etc..
Differentiation password refers to the code name for distinguishing each platform, i.e., the unique mark of each platform, the differentiation password can
Set as the case may be and flexibly.For example, distinguish the abbreviation that password can be website, the differentiation password of workspace is pws, people
The differentiation password of power resource system is pshr, and the differentiation password of safety cloud is pac, etc..
When running some platform on mobile terminals, need to input password on the platform when being logged in, first, moving
The interface for password input of the platform is shown in the display interface of dynamic terminal, user needs the input base in the interface for password input close
Code.When receiving the base password of user's input in the interface for password input in platform in corresponding Password Input text box, simultaneously
Obtain and password is distinguished corresponding to the platform.
Step S20, according to the base password and the differentiation password generation target password, by the target password with prestoring
Setting code matched;
It should be noted that in order to judge whether the password of input correct, it is mobile when user is configured to base password
The code management device of platform will store setting code in terminal, and the setting code is when setting base password, by the base password
Pass through AES generation with the password of distinguishing of platform.
In order to improve the security of Password Management, obtaining distinguishing password corresponding to the base password and platform of user's input
Afterwards, mobile terminal needs to be handled by AES according to the base password and the differentiation password, to generate target password.Should
The type of AES can be set as the case may be and flexibly, for example, the AES can be HAMC AESs.
The digit of target password and comprising numeral, position where letter etc. can be randomly derived according to AES,
The target password is highly complex password.After target password is obtained, the target password is entered with the setting code prestored
Row matching, judges whether target password is consistent with setting code.
Step S30, when the target password is consistent with the setting code, performed according to the target password corresponding
Register.
When target password is consistent with setting code, illustrate that the base password of user's input is correct, now can be close according to target
Code performs corresponding register.For example, when user applies upper login Alipay account in the Alipay of mobile terminal, user
The base password of input is abc123, and the differentiation password of Alipay application is zfb, then according to base password abc123 and differentiation password
Zfb carries out that the complicated password that target password is 16 is calculated by AES.When the complicated password of 16 is with prestoring
Setting code it is consistent when, illustrate user input base password it is correct, the login of Alipay account can be carried out.
When user remembers password for convenience, during with all accounts in same base Password Management different platform, due to
Mobile terminal storage is only target password, does not store base password, even if password is cracked, obtained decryption
Only target password, base password counter can not be released according to target password, embody the irreversibility of base password, and it is all
The target password of account is simultaneously different, and security is very high.
When user sets different accounts to use different passwords, user need not set so complicated base password, it is only necessary to
Easily remembered simple radical password is set, and what it is due to mobile terminal storage is only target password, even if password is cracked
, obtained decryption is target password, and base password counter can not be released according to target password.Therefore, user only needs to remember
Firmly simple base password easy to remember can think that the account of different web sites distributes the target password of different high intensity.
When target password and setting code are inconsistent, illustrate the base password bad of user's input, now mobile whole
The related prompt message of Password Input mistake can be shown in the display interface at end, or mistake is inputted by voice broadcast output password
Related prompt message by mistake.
The embodiment of the present invention receives the base password of user's input in the interface for password input of platform, and obtains the platform
Corresponding differentiation password, target password is then generated according to the base password and the differentiation password, and when by the target password and in advance
When the setting code deposited is consistent, corresponding register is performed according to the target password.So as to pass through base password and differentiation code
Generate highly complex target password so that user need to only remember that simple base password, and platform can only preserve height
Complicated target password counter can not push away base password without preserving base password by highly complex target password, carry significantly
The high security of Password Management.
Further, as shown in Fig. 2 being based on above-mentioned cipher management method first embodiment, it is proposed that password pipe of the present invention
Reason method second embodiment, include before above-mentioned steps S10 in the embodiment:
Step S40, different code names is respectively configured for different platform, by the different code name be respectively set as it is described not
With distinguishing password corresponding to platform.
Can be that different code names is respectively configured with platform in advance, the code can be the unique of the platform in the present embodiment
Mark, the code can be set as the case may be and flexibly.For example, the code name of human resource system's platform is pshr, safety cloud
The code name of platform is pac.Then it is close that different code names different platform configured are respectively set as differentiation corresponding to different platform
Code.
, can be according to the interface for password input in platform when carrying out Password Input after the differentiation password of platform has been configured
The base password of user's input is inside received, and password generation target password is distinguished corresponding to the platform and carries out register.
It should be noted that the differentiation password of different platform can be that default configuration is good, mobile terminal can also provide
Interface is set, is configured for differentiation password of the user to different platform.It is defeated when receiving user in specified setting interface
During the setting instruction entered, the differentiation password to platform is instructed to be updated according to the setting.
Different code names is respectively configured for different platform in advance in the present embodiment, different code names is respectively set as different flat
Password is distinguished corresponding to platform, improves the convenience that password is distinguished corresponding to configuration platform.
Further, based on above-mentioned cipher management method first embodiment, it is proposed that cipher management method the 3rd of the present invention
Embodiment, include after above-mentioned steps S20 in the embodiment:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
It is above-mentioned to generate target password in the differentiation password of the base password inputted according to user and platform in the present embodiment, will
During the target password is matched with the setting code to prestore, when the target password and setting code are inconsistent, say
The base password bad of bright user's input, now exports corresponding prompt message.For example, can be in the display interface of mobile terminal
Show " correct password please be input ", " password bad that you input " or " Password Input mistake, you also have 3 inputs close
The related prompt message of the Password Input mistakes such as the chance of code ", or the phase by voice broadcast output password input error
Close prompt message.
It is understood that can set when base Password Input mistake is when now reaching preset times, account can be pinned,
Forbid inputting again in preset time, after more than preset time, base password can be inputted again.
It should be noted that in order to prevent other people by attempting input base password to steal information, when Password Input mistake
When, mobile terminal can also send short messages to the designated mobile phone bound with the platform, or send out what mail was extremely bound with the platform
Mailbox is specified, when not being user's input base password, to know that account there may be in time by third party's channel
Stolen risk.
The present embodiment generates target password in the differentiation password of the base password and platform inputted according to user, and the target is close
During code is matched with the setting code to prestore, when the target password and setting code are inconsistent, output is corresponding
Prompt message.So as to visual cues user cipher input error, Consumer's Experience is improved.
Further, based on the above-mentioned embodiment of cipher management method first, second or third, it is proposed that password pipe of the present invention
Reason method fourth embodiment, above-mentioned steps S20 may include in the embodiment:
Step S21, the base password is carried out by key related Hash operation message authentication code HAMC AESs
Computations obtain the first numerical value, and by the HAMC AESs differentiation password are encrypted and to be calculated the
Two numerical value;
Step S22, first numerical value and the second value are subjected to computing generation by the HAMC AESs
Target password.
In the present embodiment, the base password and the differentiation password generation target of platform that above-mentioned mobile terminal inputs according to user are close
During code, first, base password is encrypted by key related Hash operation message authentication code HAMC AESs
The first numerical value is calculated, first numerical value can be 8 upper and lower case letters, the strong password of numeral mixing.And pass through this
HAMC AESs are encrypted second value are calculated to distinguishing password, the second value can be 8 upper and lower case letters,
The strong password of numeral mixing.Then first numerical value and the second value are subjected to computing life again by HAMC AESs
Into target password, target target password can be 16 upper and lower case letters, the complicated password of numeral mixing.It is close obtaining target
Code, the target password is matched to perform corresponding register with the setting code prestored.
The base password and the differentiation password of platform that the present embodiment inputs according to user are generated by two step HAMC AESs
Target password, so as to calculate different high complexity passwords to different platforms, improve the spirit of target password setting
Activity, and base password counter can not be pushed away by highly complex target password, improve the security of Password Management.
Further, based on above-mentioned cipher management method fourth embodiment, it is proposed that cipher management method the 5th of the present invention
Embodiment, above-mentioned steps S22 may include in the embodiment:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin,
Judge whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification
The designated pin is set as target password.
In the present embodiment, in order to meet requirement of most of platform to password, for example, the password of some platforms is set necessarily
It is required that first place is letter, and it can not be numeral or symbol etc..For this kind of platform, close to base respectively by HAMC AESs
Calculating is encrypted in code and differentiation password, after respectively obtaining the first numerical value and second value, is counted according to the first numerical value and second
During value carries out computing generation target password again by HAMC AESs, first according to the first numerical value and second value
Computing is carried out by HAMC AESs and generates designated pin, the first place of the designated pin is then extracted, judges the designated pin
It is the first whether be numeral.
When the first place of designated pin is digital, letter is revised as in the first place of the designated pin, can arbitrarily repair
The upper case or lower case or regulation for any letter being changed in 26 letters are arranged to the letter of acquiescence, for example, when specified
It is lowercase k by the first default setting when the first place of password is digital.The specified close of letter will be revised as in first place again
Code is set as target password.When the first place of designated pin be not for numeral when, the designated pin is directly set as target password.
The present embodiment is specified when carrying out computing generation again by HAMC AESs according to the first numerical value and second value
When the first place of password is not numeral, it is set as target password after the first place of the designated pin is revised as into letter, so as to meet
Requirement of the different platform to password, improve flexibility and the reliability of target password setting.
Accordingly, as shown in figure 3, proposing a kind of Password Management device first embodiment of the present invention.The password of the embodiment
Managing device includes:
Acquisition module 100, for receiving the base password of user's input in the interface for password input of platform, and obtain institute
State and password is distinguished corresponding to platform;
In the present embodiment, Password Management device is applied to mobile terminal, the type of mobile terminal can according to be actually needed into
Row is set, for example, the mobile terminal includes mobile phone, tablet personal computer, notebook computer, desktop computer etc..
The running of mobile terminal has platform, and the type of the platform can be configured according to being actually needed, for example, the platform is not
Only include safety cloud, human resource system etc., in addition to the website such as Taobao, Jingdone district, youku.com.
Base password refers to the password that user inputs in the Password Input text box of mobile terminal, i.e. user needs what is remembered
Simple password, the base password can be configured according to the hobby of user, it may include numeral, letter, and/or character etc..
Differentiation password refers to the code name for distinguishing each platform, i.e., the unique mark of each platform, the differentiation password can
Set as the case may be and flexibly.For example, distinguish the abbreviation that password can be website, the differentiation password of workspace is pws, people
The differentiation password of power resource system is pshr, and the differentiation password of safety cloud is pac, etc..
When running some platform on mobile terminals, need to input password on the platform when being logged in, first, moving
The interface for password input of the platform is shown in the display interface of dynamic terminal, user needs the input base in the interface for password input close
Code.When acquisition module 100 receives the base of user's input in the interface for password input of platform in corresponding Password Input text box
During password, while obtain and password is distinguished corresponding to the platform.
Matching module 200, it is for generating target password according to the base password and the differentiation password, the target is close
Code is matched with the setting code to prestore;
It should be noted that in order to judge whether the password of input correct, it is mobile when user is configured to base password
The code management device of platform will store setting code in terminal, and the setting code is when setting base password, by the base password
Pass through AES generation with the password of distinguishing of platform.
In order to improve the security of Password Management, obtaining distinguishing password corresponding to the base password and platform of user's input
Afterwards, matching module 200 needs to be handled by AES according to the base password and the differentiation password, close to generate target
Code.The type of the AES can be set as the case may be and flexibly, for example, the AES can be HAMC AESs.
The digit of target password and comprising numeral, position where letter etc. can be randomly derived according to AES,
The target password is highly complex password.After target password is obtained, matching module 200 is by the target password and prestores
Setting code is matched, and judges whether target password is consistent with setting code.
Execution module 300, for when the target password is consistent with the setting code, being held according to the target password
The corresponding register of row.
When target password is consistent with setting code, illustrate that the base password of user's input is correct, now execution module 300 can
Corresponding register is performed according to target password.For example, when user applies upper login Alipay in the Alipay of mobile terminal
During account, the base password of user's input is abc123, and the differentiation password of Alipay application is zfb, then according to base password abc123
And distinguish password zfb and carry out that the complicated password that target password is 16 is calculated by AES.When the complexity of 16
When password is consistent with the setting code to prestore, illustrates that the base password of user's input is correct, the login of Alipay account can be carried out.
When user remembers password for convenience, during with all accounts in same base Password Management different platform, due to
Mobile terminal storage is only target password, does not store base password, even if password is cracked, obtained decryption
Only target password, base password counter can not be released according to target password, embody the irreversibility of base password, and it is all
The target password of account is simultaneously different, and security is very high.
When user sets different accounts to use different passwords, user need not set so complicated base password, it is only necessary to
Easily remembered simple radical password is set, and what it is due to mobile terminal storage is only target password, even if password is cracked
, obtained decryption is target password, and base password counter can not be released according to target password.Therefore, user only needs to remember
Firmly simple base password easy to remember can think that the account of different web sites distributes the target password of different high intensity.
When target password and setting code are inconsistent, illustrate the base password bad of user's input, now mobile whole
The related prompt message of Password Input mistake can be shown in the display interface at end, or mistake is inputted by voice broadcast output password
Related prompt message by mistake.
The embodiment of the present invention receives the base password of user's input in the interface for password input of platform, and obtains the platform
Corresponding differentiation password, target password is then generated according to the base password and the differentiation password, and when by the target password and in advance
When the setting code deposited is consistent, corresponding register is performed according to the target password.So as to pass through base password and differentiation code
Generate highly complex target password so that user need to only remember that simple base password, and platform can only preserve height
Complicated target password counter can not push away base password without preserving base password by highly complex target password, carry significantly
The high security of Password Management.
Further, as shown in figure 4, being based on above-mentioned Password Management device first embodiment, it is proposed that password pipe of the present invention
Device second embodiment is managed, above-mentioned Password Management device also includes in the embodiment:
Setting module 400, for different code names to be respectively configured for different platform, the different code name is set respectively
To distinguish password corresponding to the different platform.
In the present embodiment, setting module 400 can be that different code names is respectively configured with platform in advance, and the code can be this
The unique mark of platform, the code can be set as the case may be and flexibly.For example, the code name of human resource system's platform is
Pshr, the code name of safety cloud platform is pac.Then different code names different platform configured are respectively set as different platform pair
The differentiation password answered.
, can be according to the interface for password input in platform when carrying out Password Input after the differentiation password of platform has been configured
The base password of user's input is inside received, and password generation target password is distinguished corresponding to the platform and carries out register.
It should be noted that the differentiation password of different platform can be that default configuration is good, mobile terminal can also provide
Interface is set, is configured for differentiation password of the user to different platform.It is defeated when receiving user in specified setting interface
During the setting instruction entered, the differentiation password to platform is instructed to be updated according to the setting.
Different code names is respectively configured for different platform in advance in the present embodiment, different code names is respectively set as different flat
Password is distinguished corresponding to platform, improves the convenience that password is distinguished corresponding to configuration platform.
Further, based on above-mentioned Password Management device first embodiment, it is proposed that Password Management device the 3rd of the present invention
Embodiment, above-mentioned Password Management device also includes in the embodiment:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
It is above-mentioned to generate target password in the differentiation password of the base password inputted according to user and platform in the present embodiment, will
During the target password is matched with the setting code to prestore, when the target password and setting code are inconsistent, say
The base password bad of bright user's input, the corresponding prompt message of now output module output.For example, can be in the aobvious of mobile terminal
Show display " correct password please be input " in interface, " password bad that you input " or " Password Input mistake, you also have 3
The related prompt message of the Password Input mistakes such as the chance of secondary input password ", or inputted by voice broadcast output password
The related prompt message of mistake.
It is understood that can set when base Password Input mistake is when now reaching preset times, account can be pinned,
Forbid inputting again in preset time, after more than preset time, base password can be inputted again.
It should be noted that in order to prevent other people by attempting input base password to steal information, when Password Input mistake
When, mobile terminal can also send short messages to the designated mobile phone bound with the platform, or send out what mail was extremely bound with the platform
Mailbox is specified, when not being user's input base password, to know that account there may be in time by third party's channel
Stolen risk.
The present embodiment generates target password in the differentiation password of the base password and platform inputted according to user, and the target is close
During code is matched with the setting code to prestore, when the target password and setting code are inconsistent, output is corresponding
Prompt message.So as to visual cues user cipher input error, Consumer's Experience is improved.
Further, based on the above-mentioned embodiment of Password Management device first, second or third, it is proposed that password pipe of the present invention
Device fourth embodiment is managed, above-mentioned matching module 200 includes in the embodiment:
Computing unit, for the Hash operation message authentication code HAMC AESs by key correlation to the base password
It is encrypted and the first numerical value is calculated, and the differentiation password is encrypted by the HAMC AESs and calculated
To second value;
Generation unit, for first numerical value and the second value to be carried out into computing by the HAMC AESs
Generate target password.
In the present embodiment, the base password and the differentiation password generation target of platform that above-mentioned mobile terminal inputs according to user are close
It is first, close to base by the related Hash operation message authentication code HAMC AESs of key by computing unit during code
Code, which is encrypted, is calculated the first numerical value, and first numerical value can be 8 upper and lower case letters, the strong password of numeral mixing.
And differentiation password is encrypted by the HAMC AESs by computing unit second value is calculated, the second value
Can be 8 upper and lower case letters, the strong password of numeral mixing.Then by generation unit by first numerical value and the second value
Computing generation target password is carried out again by HAMC AESs, target target password can be 16 upper and lower case letters, numbers
The complicated password of word mixing.Target password is being obtained, the target password is being matched to hold with the setting code prestored
The corresponding register of row.
The base password and the differentiation password of platform that the present embodiment inputs according to user are generated by two step HAMC AESs
Target password, so as to calculate different high complexity passwords to different platforms, improve the spirit of target password setting
Activity, and base password counter can not be pushed away by highly complex target password, improve the security of Password Management.
Further, based on above-mentioned Password Management device fourth embodiment, it is proposed that Password Management device the 5th of the present invention
Embodiment, above-mentioned generation unit is additionally operable in the embodiment, and first numerical value and the second value are passed through into the HAMC
AES carries out computing generation designated pin, judges whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification
The designated pin is set as target password.
In the present embodiment, in order to meet requirement of most of platform to password, for example, the password of some platforms is set necessarily
It is required that first place is letter, and it can not be numeral or symbol etc..For this kind of platform, close to base respectively by HAMC AESs
Calculating is encrypted in code and differentiation password, after respectively obtaining the first numerical value and second value, in generation unit according to the first numerical value
During carrying out computing generation target password again by HAMC AESs with second value, generation unit is first according to the
One numerical value and second value carry out computing by HAMC AESs and generate designated pin, then extract the head of the designated pin
Position, judge whether the first of the designated pin is numeral.
When designated pin first place for it is digital when, letter is revised as in the first place of the designated pin by generation unit, can be with
It is the upper case or lower case for any letter being arbitrarily revised as in 26 letters or regulation is arranged to the letter of acquiescence, example
Such as, it is lowercase k by the first default setting when the first place of designated pin is digital.Word will be revised as in first place again
Female designated pin is set as target password.When the first place of designated pin be not for numeral when, directly the designated pin is set
For target password.
The present embodiment is specified when carrying out computing generation again by HAMC AESs according to the first numerical value and second value
When the first place of password is not numeral, it is set as target password after the first place of the designated pin is revised as into letter, so as to meet
Requirement of the different platform to password, improve flexibility and the reliability of target password setting.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on such understanding, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, computer, clothes
Be engaged in device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair
The equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of cipher management method, it is characterised in that the cipher management method comprises the following steps:
The base password of user's input is received in the interface for password input of platform, and is distinguished corresponding to the acquisition platform close
Code;
According to the base password and the differentiation password generation target password, the target password is entered with the setting code to prestore
Row matching;
When the target password is consistent with the setting code, corresponding register is performed according to the target password.
2. cipher management method as claimed in claim 1, it is characterised in that described obtain distinguishes password corresponding to the platform
Include before:
Different code names is respectively configured for different platform, the different code name is respectively set as corresponding to the different platform
Distinguish password.
3. cipher management method as claimed in claim 1, it is characterised in that it is described according to the base password and it is described distinguish it is close
Code generation target password, includes after the target password is matched with the setting code to prestore:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
4. the cipher management method as described in any one of claims 1 to 3, it is characterised in that it is described according to the base password and
The differentiation password generation target password includes:
The base password is encrypted by key related Hash operation message authentication code HAMC AESs and is calculated
First numerical value, and the differentiation password is encrypted by the HAMC AESs second value is calculated;
First numerical value and the second value are subjected to computing by the HAMC AESs and generate target password.
5. cipher management method as claimed in claim 4, it is characterised in that described to count first numerical value with described second
Value carries out computing generation target password by the HAMC AESs to be included:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin, is judged
Whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, will be described after modification
Designated pin is set as target password.
6. a kind of Password Management device, it is characterised in that the Password Management device includes:
Acquisition module, for receiving the base password of user's input in the interface for password input of platform, and obtain the platform
Corresponding differentiation password;
Matching module, for generating target password according to the base password and the differentiation password, by the target password and in advance
The setting code deposited is matched;
Execution module, for when the target password is consistent with the setting code, being performed according to the target password corresponding
Register.
7. Password Management device as claimed in claim 6, it is characterised in that the Password Management device also includes:
Setting module, for different code names to be respectively configured for different platform, the different code name is respectively set as described
Password is distinguished corresponding to different platform.
8. Password Management device as claimed in claim 6, it is characterised in that the Password Management device also includes:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
9. the Password Management device as described in any one of claim 6 to 8, it is characterised in that the matching module includes:
Computing unit, for being carried out by the related Hash operation message authentication code HAMC AESs of key to the base password
Computations obtain the first numerical value, and by the HAMC AESs differentiation password are encrypted and to be calculated the
Two numerical value;
Generation unit, for first numerical value and the second value to be carried out into computing generation by the HAMC AESs
Target password.
10. Password Management device as claimed in claim 9, it is characterised in that the generation unit is additionally operable to, by described first
Numerical value and the second value carry out computing by the HAMC AESs and generate designated pin, judge the designated pin
Whether the first be numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, will be described after modification
Designated pin is set as target password.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710091767.3A CN107864034A (en) | 2017-02-20 | 2017-02-20 | Cipher management method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710091767.3A CN107864034A (en) | 2017-02-20 | 2017-02-20 | Cipher management method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107864034A true CN107864034A (en) | 2018-03-30 |
Family
ID=61699072
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710091767.3A Pending CN107864034A (en) | 2017-02-20 | 2017-02-20 | Cipher management method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107864034A (en) |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040025026A1 (en) * | 2002-08-02 | 2004-02-05 | Karp Alan H. | System-specific passwords |
CN101383709A (en) * | 2008-10-17 | 2009-03-11 | 阿里巴巴集团控股有限公司 | System and method enhancing safety of network account and cipher |
CN102143190A (en) * | 2011-05-11 | 2011-08-03 | 江汉大学 | Safe login method and device |
CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
CN103491062A (en) * | 2012-06-13 | 2014-01-01 | 北京新媒传信科技有限公司 | Method and device for generating password |
CN104091134A (en) * | 2014-07-16 | 2014-10-08 | 谭皓文 | Password inputting method with combination of safety and convenience |
CN104378334A (en) * | 2013-08-15 | 2015-02-25 | 北京大学 | Information processing method and system based on mobile device |
CN104506557A (en) * | 2015-01-07 | 2015-04-08 | 北京深思数盾科技有限公司 | Method and device for managing login information |
CN106257859A (en) * | 2015-06-18 | 2016-12-28 | 黄瑞杰 | A kind of password using method |
-
2017
- 2017-02-20 CN CN201710091767.3A patent/CN107864034A/en active Pending
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040025026A1 (en) * | 2002-08-02 | 2004-02-05 | Karp Alan H. | System-specific passwords |
CN101383709A (en) * | 2008-10-17 | 2009-03-11 | 阿里巴巴集团控股有限公司 | System and method enhancing safety of network account and cipher |
CN102170437A (en) * | 2011-04-19 | 2011-08-31 | 上海众人网络安全技术有限公司 | System and method for realizing Phishing identification based on challenge password token |
CN102143190A (en) * | 2011-05-11 | 2011-08-03 | 江汉大学 | Safe login method and device |
CN103491062A (en) * | 2012-06-13 | 2014-01-01 | 北京新媒传信科技有限公司 | Method and device for generating password |
CN104378334A (en) * | 2013-08-15 | 2015-02-25 | 北京大学 | Information processing method and system based on mobile device |
CN104091134A (en) * | 2014-07-16 | 2014-10-08 | 谭皓文 | Password inputting method with combination of safety and convenience |
CN104506557A (en) * | 2015-01-07 | 2015-04-08 | 北京深思数盾科技有限公司 | Method and device for managing login information |
CN106257859A (en) * | 2015-06-18 | 2016-12-28 | 黄瑞杰 | A kind of password using method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106161359B (en) | It authenticates the method and device of user, register the method and device of wearable device | |
CN107634832B (en) | Character string encryption, verification method, device, computer readable storage medium | |
CN105307163B (en) | A kind of safety communicating method and device | |
CN105898743B (en) | A kind of method for connecting network, apparatus and system | |
CN101621794A (en) | Method for realizing safe authentication of wireless application service system | |
CN108965222A (en) | Identity identifying method, system and computer readable storage medium | |
CN101291223A (en) | System and method for a third party to provide identity authentication service | |
CN106101064A (en) | Account login method and device | |
CN1894882B (en) | Authentication system | |
WO2016188127A1 (en) | Virtual keyboard-based encryption method and apparatus | |
CN103684758A (en) | User password mixing encryption method and system | |
CN104202163A (en) | Password system based on mobile terminal | |
CN103905188A (en) | Method for generating dynamic password through intelligent secret key device, and intelligent secret key device | |
CN105187382A (en) | Multi-factor identity authentication method for preventing library collision attacks | |
CN106453321A (en) | Authentication server, system and method, and to-be-authenticated terminal | |
JP6636265B2 (en) | Computer application system and method for generating and restoring authentication code | |
CN113709115A (en) | Authentication method and device | |
Singh et al. | A 3-level multifactor Authentication scheme for cloud computing | |
JP2010517121A (en) | User authentication system and method | |
CN110062383A (en) | A kind of authentication method, terminal, certificate server, application server | |
CN105281899A (en) | Apparatus and method for password authentication | |
CN102571341B (en) | A kind of Verification System based on dynamic image and authentication method | |
CN107844290B (en) | Software product design method and device based on data stream security threat analysis | |
CN107864034A (en) | Cipher management method and device | |
EP2940618A1 (en) | Method, system, user equipment and program for authenticating a user |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180330 |