CN107864034A - Cipher management method and device - Google Patents

Cipher management method and device Download PDF

Info

Publication number
CN107864034A
CN107864034A CN201710091767.3A CN201710091767A CN107864034A CN 107864034 A CN107864034 A CN 107864034A CN 201710091767 A CN201710091767 A CN 201710091767A CN 107864034 A CN107864034 A CN 107864034A
Authority
CN
China
Prior art keywords
password
target
platform
base
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710091767.3A
Other languages
Chinese (zh)
Inventor
彭瑶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201710091767.3A priority Critical patent/CN107864034A/en
Publication of CN107864034A publication Critical patent/CN107864034A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of cipher management method, including:The base password of user's input is received in the interface for password input of platform, and obtains and password is distinguished corresponding to the platform;According to the base password and the differentiation password generation target password, the target password is matched with the setting code to prestore;When the target password is consistent with the setting code, corresponding register is performed according to the target password.The invention also discloses a kind of Password Management device.The present invention is by base password and distinguishes the highly complex target password of code building, so that user need to only remember simple base password, and platform can only preserve highly complex target password without preserving base password, and base password counter can not be pushed away by highly complex target password, substantially increase the security of Password Management.

Description

Cipher management method and device
Technical field
The present invention relates to Password Management technical field, more particularly to a kind of cipher management method and device.
Background technology
With the requirement more and more higher of information security, the access of numerous platforms is both provided with password, for example, the platform is with net Exemplified by standing, almost each website will register account number, the login of the account needs password, and existing code management device can store account Number password, greater risk be present.Problems be present in management of each platform to password:On the one hand, user remembers for convenience Password, if user with all accounts of same Password Management, once have an imprudence be cracked be equal to have revealed it is all The password of account, security be not high.On the other hand, if different accounts use different passwords, and ensure password complexity compared with It is high, then user would become hard to remember the password, and forgetting Password will make troubles to user;If password complexity is not higher, Although user easily remembers password, the password is also easily cracked, very dangerous.
The content of the invention
It is a primary object of the present invention to provide a kind of cipher management method and device, it is intended to improve the safety of Password Management Property.
To achieve the above object, the invention provides a kind of cipher management method, including:
The base password of user's input is received in the interface for password input of platform, and obtains and is distinguished corresponding to the platform Password;
It is according to the base password and the differentiation password generation target password, the target password and the setting that prestores is close Code is matched;
When the target password is consistent with the setting code, corresponding log in is performed according to the target password and grasped Make.
Preferably, the corresponding password of distinguishing of the platform that obtains includes before:
Different code names is respectively configured for different platform, the different code name is respectively set as the different platform pair The differentiation password answered.
Preferably, it is described according to the base password and it is described differentiation password generation target password, by the target password with The setting code to prestore includes after being matched:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
Preferably, it is described according to the base password and it is described differentiation password generation target password include:
Calculating is encrypted to the base password by the related Hash operation message authentication code HAMC AESs of key The first numerical value is obtained, and the differentiation password is encrypted by the HAMC AESs second value is calculated;
First numerical value and the second value are subjected to computing by the HAMC AESs and generate target password.
Preferably, it is described that first numerical value and the second value are subjected to computing life by the HAMC AESs Include into target password:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin, Judge whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification The designated pin is set as target password.
In addition, to achieve the above object, present invention also offers a kind of Password Management device, including:
Acquisition module, for receiving the base password of user's input in the interface for password input of platform, and described in acquisition Password is distinguished corresponding to platform;
Matching module, for generating target password according to the base password and the differentiation password, by the target password Matched with the setting code to prestore;
Execution module, for when the target password is consistent with the setting code, being performed according to the target password Corresponding register.
Preferably, the Password Management device also includes:
Setting module, for different code names to be respectively configured for different platform, the different code name is respectively set as Password is distinguished corresponding to the different platform.
Preferably, the Password Management device also includes:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
Preferably, the matching module includes:
Computing unit, for the Hash operation message authentication code HAMC AESs by key correlation to the base password It is encrypted and the first numerical value is calculated, and the differentiation password is encrypted by the HAMC AESs and calculated To second value;
Generation unit, for first numerical value and the second value to be carried out into computing by the HAMC AESs Generate target password.
Preferably, the generation unit is additionally operable to, and first numerical value and the second value are added by the HAMC Close algorithm carries out computing generation designated pin, judges whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification The designated pin is set as target password.
Cipher management method and device provided in an embodiment of the present invention, it is defeated that user is received in the interface for password input of platform The base password entered, and obtain and password is distinguished corresponding to the platform, target is then generated according to the base password and the differentiation password Password, and when the target password is consistent with the setting code to prestore, corresponding register is performed according to the target password. So as to pass through the highly complex target password of base password and differentiation code building so that user need to only remember simple base password i.e. Can, and platform can only preserve highly complex target password without preserving base password, it is and close by highly complex target Code counter can not push away base password, substantially increase the security of Password Management.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of cipher management method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of cipher management method second embodiment of the present invention;
Fig. 3 is the high-level schematic functional block diagram of Password Management device first embodiment of the present invention;
Fig. 4 is the high-level schematic functional block diagram of Password Management device second embodiment of the present invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
As shown in figure 1, show a kind of cipher management method first embodiment of the present invention.The Password Management side of the embodiment Method includes:
Step S10, the base password of user's input is received in the interface for password input of platform, and obtains the platform pair The differentiation password answered;
In the present embodiment, cipher management method is applied to mobile terminal, the type of mobile terminal can according to be actually needed into Row is set, for example, the mobile terminal includes mobile phone, tablet personal computer, notebook computer, desktop computer etc..
The running of mobile terminal has platform, and the type of the platform can be configured according to being actually needed, for example, the platform is not Only include safety cloud, human resource system etc., in addition to the website such as Taobao, Jingdone district, youku.com.
Base password refers to the password that user inputs in the Password Input text box of mobile terminal, i.e. user needs what is remembered Simple password, the base password can be configured according to the hobby of user, it may include numeral, letter, and/or character etc..
Differentiation password refers to the code name for distinguishing each platform, i.e., the unique mark of each platform, the differentiation password can Set as the case may be and flexibly.For example, distinguish the abbreviation that password can be website, the differentiation password of workspace is pws, people The differentiation password of power resource system is pshr, and the differentiation password of safety cloud is pac, etc..
When running some platform on mobile terminals, need to input password on the platform when being logged in, first, moving The interface for password input of the platform is shown in the display interface of dynamic terminal, user needs the input base in the interface for password input close Code.When receiving the base password of user's input in the interface for password input in platform in corresponding Password Input text box, simultaneously Obtain and password is distinguished corresponding to the platform.
Step S20, according to the base password and the differentiation password generation target password, by the target password with prestoring Setting code matched;
It should be noted that in order to judge whether the password of input correct, it is mobile when user is configured to base password The code management device of platform will store setting code in terminal, and the setting code is when setting base password, by the base password Pass through AES generation with the password of distinguishing of platform.
In order to improve the security of Password Management, obtaining distinguishing password corresponding to the base password and platform of user's input Afterwards, mobile terminal needs to be handled by AES according to the base password and the differentiation password, to generate target password.Should The type of AES can be set as the case may be and flexibly, for example, the AES can be HAMC AESs.
The digit of target password and comprising numeral, position where letter etc. can be randomly derived according to AES, The target password is highly complex password.After target password is obtained, the target password is entered with the setting code prestored Row matching, judges whether target password is consistent with setting code.
Step S30, when the target password is consistent with the setting code, performed according to the target password corresponding Register.
When target password is consistent with setting code, illustrate that the base password of user's input is correct, now can be close according to target Code performs corresponding register.For example, when user applies upper login Alipay account in the Alipay of mobile terminal, user The base password of input is abc123, and the differentiation password of Alipay application is zfb, then according to base password abc123 and differentiation password Zfb carries out that the complicated password that target password is 16 is calculated by AES.When the complicated password of 16 is with prestoring Setting code it is consistent when, illustrate user input base password it is correct, the login of Alipay account can be carried out.
When user remembers password for convenience, during with all accounts in same base Password Management different platform, due to Mobile terminal storage is only target password, does not store base password, even if password is cracked, obtained decryption Only target password, base password counter can not be released according to target password, embody the irreversibility of base password, and it is all The target password of account is simultaneously different, and security is very high.
When user sets different accounts to use different passwords, user need not set so complicated base password, it is only necessary to Easily remembered simple radical password is set, and what it is due to mobile terminal storage is only target password, even if password is cracked , obtained decryption is target password, and base password counter can not be released according to target password.Therefore, user only needs to remember Firmly simple base password easy to remember can think that the account of different web sites distributes the target password of different high intensity.
When target password and setting code are inconsistent, illustrate the base password bad of user's input, now mobile whole The related prompt message of Password Input mistake can be shown in the display interface at end, or mistake is inputted by voice broadcast output password Related prompt message by mistake.
The embodiment of the present invention receives the base password of user's input in the interface for password input of platform, and obtains the platform Corresponding differentiation password, target password is then generated according to the base password and the differentiation password, and when by the target password and in advance When the setting code deposited is consistent, corresponding register is performed according to the target password.So as to pass through base password and differentiation code Generate highly complex target password so that user need to only remember that simple base password, and platform can only preserve height Complicated target password counter can not push away base password without preserving base password by highly complex target password, carry significantly The high security of Password Management.
Further, as shown in Fig. 2 being based on above-mentioned cipher management method first embodiment, it is proposed that password pipe of the present invention Reason method second embodiment, include before above-mentioned steps S10 in the embodiment:
Step S40, different code names is respectively configured for different platform, by the different code name be respectively set as it is described not With distinguishing password corresponding to platform.
Can be that different code names is respectively configured with platform in advance, the code can be the unique of the platform in the present embodiment Mark, the code can be set as the case may be and flexibly.For example, the code name of human resource system's platform is pshr, safety cloud The code name of platform is pac.Then it is close that different code names different platform configured are respectively set as differentiation corresponding to different platform Code.
, can be according to the interface for password input in platform when carrying out Password Input after the differentiation password of platform has been configured The base password of user's input is inside received, and password generation target password is distinguished corresponding to the platform and carries out register.
It should be noted that the differentiation password of different platform can be that default configuration is good, mobile terminal can also provide Interface is set, is configured for differentiation password of the user to different platform.It is defeated when receiving user in specified setting interface During the setting instruction entered, the differentiation password to platform is instructed to be updated according to the setting.
Different code names is respectively configured for different platform in advance in the present embodiment, different code names is respectively set as different flat Password is distinguished corresponding to platform, improves the convenience that password is distinguished corresponding to configuration platform.
Further, based on above-mentioned cipher management method first embodiment, it is proposed that cipher management method the 3rd of the present invention Embodiment, include after above-mentioned steps S20 in the embodiment:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
It is above-mentioned to generate target password in the differentiation password of the base password inputted according to user and platform in the present embodiment, will During the target password is matched with the setting code to prestore, when the target password and setting code are inconsistent, say The base password bad of bright user's input, now exports corresponding prompt message.For example, can be in the display interface of mobile terminal Show " correct password please be input ", " password bad that you input " or " Password Input mistake, you also have 3 inputs close The related prompt message of the Password Input mistakes such as the chance of code ", or the phase by voice broadcast output password input error Close prompt message.
It is understood that can set when base Password Input mistake is when now reaching preset times, account can be pinned, Forbid inputting again in preset time, after more than preset time, base password can be inputted again.
It should be noted that in order to prevent other people by attempting input base password to steal information, when Password Input mistake When, mobile terminal can also send short messages to the designated mobile phone bound with the platform, or send out what mail was extremely bound with the platform Mailbox is specified, when not being user's input base password, to know that account there may be in time by third party's channel Stolen risk.
The present embodiment generates target password in the differentiation password of the base password and platform inputted according to user, and the target is close During code is matched with the setting code to prestore, when the target password and setting code are inconsistent, output is corresponding Prompt message.So as to visual cues user cipher input error, Consumer's Experience is improved.
Further, based on the above-mentioned embodiment of cipher management method first, second or third, it is proposed that password pipe of the present invention Reason method fourth embodiment, above-mentioned steps S20 may include in the embodiment:
Step S21, the base password is carried out by key related Hash operation message authentication code HAMC AESs Computations obtain the first numerical value, and by the HAMC AESs differentiation password are encrypted and to be calculated the Two numerical value;
Step S22, first numerical value and the second value are subjected to computing generation by the HAMC AESs Target password.
In the present embodiment, the base password and the differentiation password generation target of platform that above-mentioned mobile terminal inputs according to user are close During code, first, base password is encrypted by key related Hash operation message authentication code HAMC AESs The first numerical value is calculated, first numerical value can be 8 upper and lower case letters, the strong password of numeral mixing.And pass through this HAMC AESs are encrypted second value are calculated to distinguishing password, the second value can be 8 upper and lower case letters, The strong password of numeral mixing.Then first numerical value and the second value are subjected to computing life again by HAMC AESs Into target password, target target password can be 16 upper and lower case letters, the complicated password of numeral mixing.It is close obtaining target Code, the target password is matched to perform corresponding register with the setting code prestored.
The base password and the differentiation password of platform that the present embodiment inputs according to user are generated by two step HAMC AESs Target password, so as to calculate different high complexity passwords to different platforms, improve the spirit of target password setting Activity, and base password counter can not be pushed away by highly complex target password, improve the security of Password Management.
Further, based on above-mentioned cipher management method fourth embodiment, it is proposed that cipher management method the 5th of the present invention Embodiment, above-mentioned steps S22 may include in the embodiment:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin, Judge whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification The designated pin is set as target password.
In the present embodiment, in order to meet requirement of most of platform to password, for example, the password of some platforms is set necessarily It is required that first place is letter, and it can not be numeral or symbol etc..For this kind of platform, close to base respectively by HAMC AESs Calculating is encrypted in code and differentiation password, after respectively obtaining the first numerical value and second value, is counted according to the first numerical value and second During value carries out computing generation target password again by HAMC AESs, first according to the first numerical value and second value Computing is carried out by HAMC AESs and generates designated pin, the first place of the designated pin is then extracted, judges the designated pin It is the first whether be numeral.
When the first place of designated pin is digital, letter is revised as in the first place of the designated pin, can arbitrarily repair The upper case or lower case or regulation for any letter being changed in 26 letters are arranged to the letter of acquiescence, for example, when specified It is lowercase k by the first default setting when the first place of password is digital.The specified close of letter will be revised as in first place again Code is set as target password.When the first place of designated pin be not for numeral when, the designated pin is directly set as target password.
The present embodiment is specified when carrying out computing generation again by HAMC AESs according to the first numerical value and second value When the first place of password is not numeral, it is set as target password after the first place of the designated pin is revised as into letter, so as to meet Requirement of the different platform to password, improve flexibility and the reliability of target password setting.
Accordingly, as shown in figure 3, proposing a kind of Password Management device first embodiment of the present invention.The password of the embodiment Managing device includes:
Acquisition module 100, for receiving the base password of user's input in the interface for password input of platform, and obtain institute State and password is distinguished corresponding to platform;
In the present embodiment, Password Management device is applied to mobile terminal, the type of mobile terminal can according to be actually needed into Row is set, for example, the mobile terminal includes mobile phone, tablet personal computer, notebook computer, desktop computer etc..
The running of mobile terminal has platform, and the type of the platform can be configured according to being actually needed, for example, the platform is not Only include safety cloud, human resource system etc., in addition to the website such as Taobao, Jingdone district, youku.com.
Base password refers to the password that user inputs in the Password Input text box of mobile terminal, i.e. user needs what is remembered Simple password, the base password can be configured according to the hobby of user, it may include numeral, letter, and/or character etc..
Differentiation password refers to the code name for distinguishing each platform, i.e., the unique mark of each platform, the differentiation password can Set as the case may be and flexibly.For example, distinguish the abbreviation that password can be website, the differentiation password of workspace is pws, people The differentiation password of power resource system is pshr, and the differentiation password of safety cloud is pac, etc..
When running some platform on mobile terminals, need to input password on the platform when being logged in, first, moving The interface for password input of the platform is shown in the display interface of dynamic terminal, user needs the input base in the interface for password input close Code.When acquisition module 100 receives the base of user's input in the interface for password input of platform in corresponding Password Input text box During password, while obtain and password is distinguished corresponding to the platform.
Matching module 200, it is for generating target password according to the base password and the differentiation password, the target is close Code is matched with the setting code to prestore;
It should be noted that in order to judge whether the password of input correct, it is mobile when user is configured to base password The code management device of platform will store setting code in terminal, and the setting code is when setting base password, by the base password Pass through AES generation with the password of distinguishing of platform.
In order to improve the security of Password Management, obtaining distinguishing password corresponding to the base password and platform of user's input Afterwards, matching module 200 needs to be handled by AES according to the base password and the differentiation password, close to generate target Code.The type of the AES can be set as the case may be and flexibly, for example, the AES can be HAMC AESs.
The digit of target password and comprising numeral, position where letter etc. can be randomly derived according to AES, The target password is highly complex password.After target password is obtained, matching module 200 is by the target password and prestores Setting code is matched, and judges whether target password is consistent with setting code.
Execution module 300, for when the target password is consistent with the setting code, being held according to the target password The corresponding register of row.
When target password is consistent with setting code, illustrate that the base password of user's input is correct, now execution module 300 can Corresponding register is performed according to target password.For example, when user applies upper login Alipay in the Alipay of mobile terminal During account, the base password of user's input is abc123, and the differentiation password of Alipay application is zfb, then according to base password abc123 And distinguish password zfb and carry out that the complicated password that target password is 16 is calculated by AES.When the complexity of 16 When password is consistent with the setting code to prestore, illustrates that the base password of user's input is correct, the login of Alipay account can be carried out.
When user remembers password for convenience, during with all accounts in same base Password Management different platform, due to Mobile terminal storage is only target password, does not store base password, even if password is cracked, obtained decryption Only target password, base password counter can not be released according to target password, embody the irreversibility of base password, and it is all The target password of account is simultaneously different, and security is very high.
When user sets different accounts to use different passwords, user need not set so complicated base password, it is only necessary to Easily remembered simple radical password is set, and what it is due to mobile terminal storage is only target password, even if password is cracked , obtained decryption is target password, and base password counter can not be released according to target password.Therefore, user only needs to remember Firmly simple base password easy to remember can think that the account of different web sites distributes the target password of different high intensity.
When target password and setting code are inconsistent, illustrate the base password bad of user's input, now mobile whole The related prompt message of Password Input mistake can be shown in the display interface at end, or mistake is inputted by voice broadcast output password Related prompt message by mistake.
The embodiment of the present invention receives the base password of user's input in the interface for password input of platform, and obtains the platform Corresponding differentiation password, target password is then generated according to the base password and the differentiation password, and when by the target password and in advance When the setting code deposited is consistent, corresponding register is performed according to the target password.So as to pass through base password and differentiation code Generate highly complex target password so that user need to only remember that simple base password, and platform can only preserve height Complicated target password counter can not push away base password without preserving base password by highly complex target password, carry significantly The high security of Password Management.
Further, as shown in figure 4, being based on above-mentioned Password Management device first embodiment, it is proposed that password pipe of the present invention Device second embodiment is managed, above-mentioned Password Management device also includes in the embodiment:
Setting module 400, for different code names to be respectively configured for different platform, the different code name is set respectively To distinguish password corresponding to the different platform.
In the present embodiment, setting module 400 can be that different code names is respectively configured with platform in advance, and the code can be this The unique mark of platform, the code can be set as the case may be and flexibly.For example, the code name of human resource system's platform is Pshr, the code name of safety cloud platform is pac.Then different code names different platform configured are respectively set as different platform pair The differentiation password answered.
, can be according to the interface for password input in platform when carrying out Password Input after the differentiation password of platform has been configured The base password of user's input is inside received, and password generation target password is distinguished corresponding to the platform and carries out register.
It should be noted that the differentiation password of different platform can be that default configuration is good, mobile terminal can also provide Interface is set, is configured for differentiation password of the user to different platform.It is defeated when receiving user in specified setting interface During the setting instruction entered, the differentiation password to platform is instructed to be updated according to the setting.
Different code names is respectively configured for different platform in advance in the present embodiment, different code names is respectively set as different flat Password is distinguished corresponding to platform, improves the convenience that password is distinguished corresponding to configuration platform.
Further, based on above-mentioned Password Management device first embodiment, it is proposed that Password Management device the 3rd of the present invention Embodiment, above-mentioned Password Management device also includes in the embodiment:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
It is above-mentioned to generate target password in the differentiation password of the base password inputted according to user and platform in the present embodiment, will During the target password is matched with the setting code to prestore, when the target password and setting code are inconsistent, say The base password bad of bright user's input, the corresponding prompt message of now output module output.For example, can be in the aobvious of mobile terminal Show display " correct password please be input " in interface, " password bad that you input " or " Password Input mistake, you also have 3 The related prompt message of the Password Input mistakes such as the chance of secondary input password ", or inputted by voice broadcast output password The related prompt message of mistake.
It is understood that can set when base Password Input mistake is when now reaching preset times, account can be pinned, Forbid inputting again in preset time, after more than preset time, base password can be inputted again.
It should be noted that in order to prevent other people by attempting input base password to steal information, when Password Input mistake When, mobile terminal can also send short messages to the designated mobile phone bound with the platform, or send out what mail was extremely bound with the platform Mailbox is specified, when not being user's input base password, to know that account there may be in time by third party's channel Stolen risk.
The present embodiment generates target password in the differentiation password of the base password and platform inputted according to user, and the target is close During code is matched with the setting code to prestore, when the target password and setting code are inconsistent, output is corresponding Prompt message.So as to visual cues user cipher input error, Consumer's Experience is improved.
Further, based on the above-mentioned embodiment of Password Management device first, second or third, it is proposed that password pipe of the present invention Device fourth embodiment is managed, above-mentioned matching module 200 includes in the embodiment:
Computing unit, for the Hash operation message authentication code HAMC AESs by key correlation to the base password It is encrypted and the first numerical value is calculated, and the differentiation password is encrypted by the HAMC AESs and calculated To second value;
Generation unit, for first numerical value and the second value to be carried out into computing by the HAMC AESs Generate target password.
In the present embodiment, the base password and the differentiation password generation target of platform that above-mentioned mobile terminal inputs according to user are close It is first, close to base by the related Hash operation message authentication code HAMC AESs of key by computing unit during code Code, which is encrypted, is calculated the first numerical value, and first numerical value can be 8 upper and lower case letters, the strong password of numeral mixing. And differentiation password is encrypted by the HAMC AESs by computing unit second value is calculated, the second value Can be 8 upper and lower case letters, the strong password of numeral mixing.Then by generation unit by first numerical value and the second value Computing generation target password is carried out again by HAMC AESs, target target password can be 16 upper and lower case letters, numbers The complicated password of word mixing.Target password is being obtained, the target password is being matched to hold with the setting code prestored The corresponding register of row.
The base password and the differentiation password of platform that the present embodiment inputs according to user are generated by two step HAMC AESs Target password, so as to calculate different high complexity passwords to different platforms, improve the spirit of target password setting Activity, and base password counter can not be pushed away by highly complex target password, improve the security of Password Management.
Further, based on above-mentioned Password Management device fourth embodiment, it is proposed that Password Management device the 5th of the present invention Embodiment, above-mentioned generation unit is additionally operable in the embodiment, and first numerical value and the second value are passed through into the HAMC AES carries out computing generation designated pin, judges whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, after modification The designated pin is set as target password.
In the present embodiment, in order to meet requirement of most of platform to password, for example, the password of some platforms is set necessarily It is required that first place is letter, and it can not be numeral or symbol etc..For this kind of platform, close to base respectively by HAMC AESs Calculating is encrypted in code and differentiation password, after respectively obtaining the first numerical value and second value, in generation unit according to the first numerical value During carrying out computing generation target password again by HAMC AESs with second value, generation unit is first according to the One numerical value and second value carry out computing by HAMC AESs and generate designated pin, then extract the head of the designated pin Position, judge whether the first of the designated pin is numeral.
When designated pin first place for it is digital when, letter is revised as in the first place of the designated pin by generation unit, can be with It is the upper case or lower case for any letter being arbitrarily revised as in 26 letters or regulation is arranged to the letter of acquiescence, example Such as, it is lowercase k by the first default setting when the first place of designated pin is digital.Word will be revised as in first place again Female designated pin is set as target password.When the first place of designated pin be not for numeral when, directly the designated pin is set For target password.
The present embodiment is specified when carrying out computing generation again by HAMC AESs according to the first numerical value and second value When the first place of password is not numeral, it is set as target password after the first place of the designated pin is revised as into letter, so as to meet Requirement of the different platform to password, improve flexibility and the reliability of target password setting.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on such understanding, technical scheme is substantially done to prior art in other words Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium In (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, computer, clothes Be engaged in device, air conditioner, or network equipment etc.) perform method described in each embodiment of the present invention.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair The equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills Art field, is included within the scope of the present invention.

Claims (10)

1. a kind of cipher management method, it is characterised in that the cipher management method comprises the following steps:
The base password of user's input is received in the interface for password input of platform, and is distinguished corresponding to the acquisition platform close Code;
According to the base password and the differentiation password generation target password, the target password is entered with the setting code to prestore Row matching;
When the target password is consistent with the setting code, corresponding register is performed according to the target password.
2. cipher management method as claimed in claim 1, it is characterised in that described obtain distinguishes password corresponding to the platform Include before:
Different code names is respectively configured for different platform, the different code name is respectively set as corresponding to the different platform Distinguish password.
3. cipher management method as claimed in claim 1, it is characterised in that it is described according to the base password and it is described distinguish it is close Code generation target password, includes after the target password is matched with the setting code to prestore:
When the target password and the setting code are inconsistent, corresponding prompt message is exported.
4. the cipher management method as described in any one of claims 1 to 3, it is characterised in that it is described according to the base password and The differentiation password generation target password includes:
The base password is encrypted by key related Hash operation message authentication code HAMC AESs and is calculated First numerical value, and the differentiation password is encrypted by the HAMC AESs second value is calculated;
First numerical value and the second value are subjected to computing by the HAMC AESs and generate target password.
5. cipher management method as claimed in claim 4, it is characterised in that described to count first numerical value with described second Value carries out computing generation target password by the HAMC AESs to be included:
First numerical value and the second value are subjected to computing by the HAMC AESs and generate designated pin, is judged Whether the first of the designated pin is numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, will be described after modification Designated pin is set as target password.
6. a kind of Password Management device, it is characterised in that the Password Management device includes:
Acquisition module, for receiving the base password of user's input in the interface for password input of platform, and obtain the platform Corresponding differentiation password;
Matching module, for generating target password according to the base password and the differentiation password, by the target password and in advance The setting code deposited is matched;
Execution module, for when the target password is consistent with the setting code, being performed according to the target password corresponding Register.
7. Password Management device as claimed in claim 6, it is characterised in that the Password Management device also includes:
Setting module, for different code names to be respectively configured for different platform, the different code name is respectively set as described Password is distinguished corresponding to different platform.
8. Password Management device as claimed in claim 6, it is characterised in that the Password Management device also includes:
Output module, for when the target password and the setting code are inconsistent, exporting corresponding prompt message.
9. the Password Management device as described in any one of claim 6 to 8, it is characterised in that the matching module includes:
Computing unit, for being carried out by the related Hash operation message authentication code HAMC AESs of key to the base password Computations obtain the first numerical value, and by the HAMC AESs differentiation password are encrypted and to be calculated the Two numerical value;
Generation unit, for first numerical value and the second value to be carried out into computing generation by the HAMC AESs Target password.
10. Password Management device as claimed in claim 9, it is characterised in that the generation unit is additionally operable to, by described first Numerical value and the second value carry out computing by the HAMC AESs and generate designated pin, judge the designated pin Whether the first be numeral;
If the first place of the designated pin is numeral, letter is revised as in the first place of the designated pin, will be described after modification Designated pin is set as target password.
CN201710091767.3A 2017-02-20 2017-02-20 Cipher management method and device Pending CN107864034A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710091767.3A CN107864034A (en) 2017-02-20 2017-02-20 Cipher management method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710091767.3A CN107864034A (en) 2017-02-20 2017-02-20 Cipher management method and device

Publications (1)

Publication Number Publication Date
CN107864034A true CN107864034A (en) 2018-03-30

Family

ID=61699072

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710091767.3A Pending CN107864034A (en) 2017-02-20 2017-02-20 Cipher management method and device

Country Status (1)

Country Link
CN (1) CN107864034A (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040025026A1 (en) * 2002-08-02 2004-02-05 Karp Alan H. System-specific passwords
CN101383709A (en) * 2008-10-17 2009-03-11 阿里巴巴集团控股有限公司 System and method enhancing safety of network account and cipher
CN102143190A (en) * 2011-05-11 2011-08-03 江汉大学 Safe login method and device
CN102170437A (en) * 2011-04-19 2011-08-31 上海众人网络安全技术有限公司 System and method for realizing Phishing identification based on challenge password token
CN103491062A (en) * 2012-06-13 2014-01-01 北京新媒传信科技有限公司 Method and device for generating password
CN104091134A (en) * 2014-07-16 2014-10-08 谭皓文 Password inputting method with combination of safety and convenience
CN104378334A (en) * 2013-08-15 2015-02-25 北京大学 Information processing method and system based on mobile device
CN104506557A (en) * 2015-01-07 2015-04-08 北京深思数盾科技有限公司 Method and device for managing login information
CN106257859A (en) * 2015-06-18 2016-12-28 黄瑞杰 A kind of password using method

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040025026A1 (en) * 2002-08-02 2004-02-05 Karp Alan H. System-specific passwords
CN101383709A (en) * 2008-10-17 2009-03-11 阿里巴巴集团控股有限公司 System and method enhancing safety of network account and cipher
CN102170437A (en) * 2011-04-19 2011-08-31 上海众人网络安全技术有限公司 System and method for realizing Phishing identification based on challenge password token
CN102143190A (en) * 2011-05-11 2011-08-03 江汉大学 Safe login method and device
CN103491062A (en) * 2012-06-13 2014-01-01 北京新媒传信科技有限公司 Method and device for generating password
CN104378334A (en) * 2013-08-15 2015-02-25 北京大学 Information processing method and system based on mobile device
CN104091134A (en) * 2014-07-16 2014-10-08 谭皓文 Password inputting method with combination of safety and convenience
CN104506557A (en) * 2015-01-07 2015-04-08 北京深思数盾科技有限公司 Method and device for managing login information
CN106257859A (en) * 2015-06-18 2016-12-28 黄瑞杰 A kind of password using method

Similar Documents

Publication Publication Date Title
CN106161359B (en) It authenticates the method and device of user, register the method and device of wearable device
CN107634832B (en) Character string encryption, verification method, device, computer readable storage medium
CN105307163B (en) A kind of safety communicating method and device
CN105898743B (en) A kind of method for connecting network, apparatus and system
CN101621794A (en) Method for realizing safe authentication of wireless application service system
CN108965222A (en) Identity identifying method, system and computer readable storage medium
CN101291223A (en) System and method for a third party to provide identity authentication service
CN106101064A (en) Account login method and device
CN1894882B (en) Authentication system
WO2016188127A1 (en) Virtual keyboard-based encryption method and apparatus
CN103684758A (en) User password mixing encryption method and system
CN104202163A (en) Password system based on mobile terminal
CN103905188A (en) Method for generating dynamic password through intelligent secret key device, and intelligent secret key device
CN105187382A (en) Multi-factor identity authentication method for preventing library collision attacks
CN106453321A (en) Authentication server, system and method, and to-be-authenticated terminal
JP6636265B2 (en) Computer application system and method for generating and restoring authentication code
CN113709115A (en) Authentication method and device
Singh et al. A 3-level multifactor Authentication scheme for cloud computing
JP2010517121A (en) User authentication system and method
CN110062383A (en) A kind of authentication method, terminal, certificate server, application server
CN105281899A (en) Apparatus and method for password authentication
CN102571341B (en) A kind of Verification System based on dynamic image and authentication method
CN107844290B (en) Software product design method and device based on data stream security threat analysis
CN107864034A (en) Cipher management method and device
EP2940618A1 (en) Method, system, user equipment and program for authenticating a user

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180330