CN108965330A - A kind of account number safety guard method and system - Google Patents

A kind of account number safety guard method and system Download PDF

Info

Publication number
CN108965330A
CN108965330A CN201810980465.6A CN201810980465A CN108965330A CN 108965330 A CN108965330 A CN 108965330A CN 201810980465 A CN201810980465 A CN 201810980465A CN 108965330 A CN108965330 A CN 108965330A
Authority
CN
China
Prior art keywords
password
address
login
input
guard method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810980465.6A
Other languages
Chinese (zh)
Inventor
朱进强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201810980465.6A priority Critical patent/CN108965330A/en
Publication of CN108965330A publication Critical patent/CN108965330A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords

Abstract

The present invention relates to a kind of account number safety guard method and systems, which comprises the following steps: S1: whether verifying input password is correct, goes to step S2 if correct;Step S3 is gone to if incorrect;S2: login system;And terminate guard method;S3: continuing to show Password Input, and count the number of Password Input mistake in one minute, if Password Input errors number is more than three times, to go to step S4 in one minute;If Password Input is correct during being somebody's turn to do, step S2 is gone to;S4: increase the input mode of picture validation code, and send short message to user and remind.

Description

A kind of account number safety guard method and system
Technical field
The invention belongs to software testing technology fields, and in particular to a kind of account number safety guard method and system.
Background technique
Internet industry account number safety system is mostly and increases login authentication when there is abnormal behaviour to be protected at present, this Class verifying is general relatively simple, and it is most not will do it promptings, it is late when account holder has found, account already by It steals, account holder can not be given and reminded in time.This is in place of the deficiencies in the prior art.
Therefore, in view of the above-mentioned drawbacks in the prior art, provide and design a kind of account number safety guard method and system;With solution Drawbacks described above certainly in the prior art, is necessary.
Summary of the invention
It is an object of the present invention to design a kind of account number safety protection in view of the above-mentioned drawbacks of the prior art, providing Method and system, to solve the above technical problems.
To achieve the above object, the present invention provides following technical scheme:
A kind of account number safety guard method, which comprises the following steps:
S1: whether verifying input password is correct, goes to step S2 if correct;Step S3 is gone to if incorrect;
S2: login system;And terminate guard method;
S3: continue to show Password Input, and count the number of Password Input mistake in one minute, if Password Input in one minute Errors number is more than three times, then to go to step S4;If Password Input is correct during being somebody's turn to do, step S2 is gone to;
S4: increase the input mode of picture validation code, and send short message to user and remind.
Preferably, account method for security protection is further comprising the steps of:
S5: counting login times of the same IP address within the unit time, if the login times of the unit time interior IP address Beyond default login times, and login failure rate exceeds default login failure rate value, then assert the operation of the IP address for malice Operation sends short message to the whole accounts logged in by the IP address and reminds.
Preferably, the unit time is set as a hour in the step S5.
Preferably, default login times are set as 100 times in the step S5.
Preferably, default login failure rate value is set as 60% in the step S5.
The present invention should provide a kind of account number safety protection system characterized by comprising
The password of input is compared by password judgment module with the proper password in database, if input password is correct, It is normal to log in, otherwise issue logon error information;
Password Input errors number statistical module, the logon error information that statistics password judgment module is issued, record password are defeated Enter the number of mistake;
Timing module records the time;
Picture authentication module generates picture validation code, increases verifying login mode;
SMS transmission module sends short message to account user and reminds.
Preferably, account safety system further includes, the IP address statistical module of Password Input mistake, statistics is together Login times of one IP address within the unit time, if the login times of the IP address are beyond default login time in the unit time Number, and login failure rate exceeds default login failure rate value, then assert that the operation of the IP address is malicious operation, to passing through the IP Whole accounts of address registration send short message and remind.
The beneficial effects of the present invention are can remind, and can remind for batch account for single account.
Steal-number person hits library operation General System almost without defense, this system when targeted website occurs being hit library, can and When remind user, avoid losing.
In addition, design principle of the present invention is reliable, structure is simple, has very extensive application prospect.
It can be seen that compared with prior art, the present invention have substantive distinguishing features outstanding and it is significant ground it is progressive, implementation Beneficial effect be also obvious.
Detailed description of the invention
Fig. 1 is a kind of flow chart of account number safety guard method provided by the invention.
Specific embodiment
The present invention will be described in detail with reference to the accompanying drawing and by specific embodiment, and following embodiment is to the present invention Explanation, and the invention is not limited to following implementation.
Embodiment 1:
As shown in Figure 1, a kind of account number safety guard method provided by the invention, which comprises the following steps:
S1: whether verifying input password is correct, goes to step S2 if correct;Step S3 is gone to if incorrect;
S2: login system;And terminate guard method;
S3: continue to show Password Input, and count the number of Password Input mistake in one minute, if Password Input in one minute Errors number is more than three times, then to go to step S4;If Password Input is correct during being somebody's turn to do, step S2 is gone to;
S4: increase the input mode of picture validation code, and send short message to user and remind.
Preferably, account method for security protection is further comprising the steps of:
S5: counting login times of the same IP address within the unit time, if the login times of the unit time interior IP address Beyond default login times, and login failure rate exceeds default login failure rate value, then assert the operation of the IP address for malice Operation sends short message to the whole accounts logged in by the IP address and reminds.
In the present embodiment, in the step S5, the unit time is set as a hour.
In the present embodiment, in the step S5, default login times are set as 100 times.
In the present embodiment, in the step S5, default login failure rate value is set as 60%.
Embodiment 2:
A kind of account number safety provided by the invention protects system characterized by comprising
The password of input is compared by password judgment module with the proper password in database, if input password is correct, It is normal to log in, otherwise issue logon error information;
Password Input errors number statistical module, the logon error information that statistics password judgment module is issued, record password are defeated Enter the number of mistake;
Timing module records the time;
Picture authentication module generates picture validation code, increases verifying login mode;
SMS transmission module sends short message to account user and reminds.
In the present embodiment, account safety system further includes the IP address statistical module of Password Input mistake, statistics Login times of the same IP address within the unit time, if the login times of the IP address are logged in beyond default in the unit time Number, and login failure rate exceeds default login failure rate value, then assert that the operation of the IP address is malicious operation, to by being somebody's turn to do Whole accounts that IP address logs in send short message and remind.
Disclosed above is only the preferred embodiment of the present invention, but the present invention is not limited to this, any this field What technical staff can think does not have creative variation, and without departing from the principles of the present invention made by several improvement and Retouching, should all be within the scope of the present invention.

Claims (7)

1. a kind of account number safety guard method, which comprises the following steps:
S1: whether verifying input password is correct, goes to step S2 if correct;Step S3 is gone to if incorrect;
S2: login system;And terminate guard method;
S3: continue to show Password Input, and count the number of Password Input mistake in one minute, if Password Input in one minute Errors number is more than three times, then to go to step S4;If Password Input is correct during being somebody's turn to do, step S2 is gone to;
S4: increase the input mode of picture validation code, and send short message to user and remind.
2. a kind of according to claim 1, account number safety guard method, which is characterized in that account method for security protection It is further comprising the steps of:
S5: counting login times of the same IP address within the unit time, if the login times of the unit time interior IP address Beyond default login times, and login failure rate exceeds default login failure rate value, then assert the operation of the IP address for malice Operation sends short message to the whole accounts logged in by the IP address and reminds.
3. a kind of according to claim 2, account number safety guard method, which is characterized in that in the step S5, when unit Between be set as a hour.
4. a kind of according to claim 2 or 3, account number safety guard method, which is characterized in that in the step S5, in advance If login times are set as 100 times.
5. a kind of according to claim 4, account number safety guard method, which is characterized in that default to step in the step S5 Record failure rate value is set as 60%.
6. a kind of account number safety protects system characterized by comprising
The password of input is compared by password judgment module with the proper password in database, if input password is correct, It is normal to log in, otherwise issue logon error information;
Password Input errors number statistical module, the logon error information that statistics password judgment module is issued, record password are defeated Enter the number of mistake;
Timing module records the time;
Picture authentication module generates picture validation code, increases verifying login mode;
SMS transmission module sends short message to account user and reminds.
7. a kind of account number safety according to claim 6 protects system, which is characterized in that account safety system is also Including the IP address statistical module of Password Input mistake counts login times of the same IP address within the unit time, if single The login times of the IP address exceed default login times in the time of position, and login failure rate exceeds default login failure rate value, The operation for then assert the IP address is malicious operation, sends short message to the whole accounts logged in by the IP address and reminds.
CN201810980465.6A 2018-08-27 2018-08-27 A kind of account number safety guard method and system Pending CN108965330A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810980465.6A CN108965330A (en) 2018-08-27 2018-08-27 A kind of account number safety guard method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810980465.6A CN108965330A (en) 2018-08-27 2018-08-27 A kind of account number safety guard method and system

Publications (1)

Publication Number Publication Date
CN108965330A true CN108965330A (en) 2018-12-07

Family

ID=64474489

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810980465.6A Pending CN108965330A (en) 2018-08-27 2018-08-27 A kind of account number safety guard method and system

Country Status (1)

Country Link
CN (1) CN108965330A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109922067A (en) * 2019-03-12 2019-06-21 深圳华盟工程再担保有限公司 A kind of big data Intelligent processing system based on guarantee circle
CN110955884A (en) * 2019-12-04 2020-04-03 中国银行股份有限公司 Method and device for determining upper limit times of password trial and error
CN111490973A (en) * 2020-03-08 2020-08-04 苏州浪潮智能科技有限公司 Network account security protection method and device
CN112685782A (en) * 2021-01-04 2021-04-20 浪潮云信息技术股份公司 Distributed login control method and system realized based on cache database
CN114205119A (en) * 2021-11-17 2022-03-18 南方电网数字电网研究院有限公司 Data security protection abnormal login corresponding method for power grid control platform
TWI774963B (en) * 2019-06-12 2022-08-21 遊戲橘子數位科技股份有限公司 How to force a password change

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090199272A1 (en) * 2008-02-06 2009-08-06 Arcot Systems, Inc. Authentication using a turing test to block automated attacks
CN102325062A (en) * 2011-09-20 2012-01-18 北京神州绿盟信息安全科技股份有限公司 Abnormal login detecting method and device
CN104468249A (en) * 2013-09-17 2015-03-25 深圳市腾讯计算机系统有限公司 Method and device for detecting abnormal account number
CN104796263A (en) * 2015-04-29 2015-07-22 百度在线网络技术(北京)有限公司 User identity authentication method and device
CN104811304A (en) * 2014-01-27 2015-07-29 腾讯科技(深圳)有限公司 Identity authentication method and device
CN106209862A (en) * 2016-07-14 2016-12-07 微梦创科网络科技(中国)有限公司 A kind of steal-number defence implementation method and device
CN106534214A (en) * 2016-12-29 2017-03-22 郑州云海信息技术有限公司 Router security authentication method, device and system
CN107040494A (en) * 2015-07-29 2017-08-11 深圳市腾讯计算机系统有限公司 User account exception prevention method and system
CN107911395A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Login validation method and system, computer-readable storage medium and equipment
CN107911396A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Log in method for detecting abnormality and system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090199272A1 (en) * 2008-02-06 2009-08-06 Arcot Systems, Inc. Authentication using a turing test to block automated attacks
CN102325062A (en) * 2011-09-20 2012-01-18 北京神州绿盟信息安全科技股份有限公司 Abnormal login detecting method and device
CN104468249A (en) * 2013-09-17 2015-03-25 深圳市腾讯计算机系统有限公司 Method and device for detecting abnormal account number
CN104811304A (en) * 2014-01-27 2015-07-29 腾讯科技(深圳)有限公司 Identity authentication method and device
CN104796263A (en) * 2015-04-29 2015-07-22 百度在线网络技术(北京)有限公司 User identity authentication method and device
CN107040494A (en) * 2015-07-29 2017-08-11 深圳市腾讯计算机系统有限公司 User account exception prevention method and system
CN106209862A (en) * 2016-07-14 2016-12-07 微梦创科网络科技(中国)有限公司 A kind of steal-number defence implementation method and device
CN106534214A (en) * 2016-12-29 2017-03-22 郑州云海信息技术有限公司 Router security authentication method, device and system
CN107911395A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Login validation method and system, computer-readable storage medium and equipment
CN107911396A (en) * 2017-12-30 2018-04-13 世纪龙信息网络有限责任公司 Log in method for detecting abnormality and system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109922067A (en) * 2019-03-12 2019-06-21 深圳华盟工程再担保有限公司 A kind of big data Intelligent processing system based on guarantee circle
TWI774963B (en) * 2019-06-12 2022-08-21 遊戲橘子數位科技股份有限公司 How to force a password change
CN110955884A (en) * 2019-12-04 2020-04-03 中国银行股份有限公司 Method and device for determining upper limit times of password trial and error
CN110955884B (en) * 2019-12-04 2022-02-08 中国银行股份有限公司 Method and device for determining upper limit times of password trial and error
CN111490973A (en) * 2020-03-08 2020-08-04 苏州浪潮智能科技有限公司 Network account security protection method and device
CN112685782A (en) * 2021-01-04 2021-04-20 浪潮云信息技术股份公司 Distributed login control method and system realized based on cache database
CN114205119A (en) * 2021-11-17 2022-03-18 南方电网数字电网研究院有限公司 Data security protection abnormal login corresponding method for power grid control platform
CN114205119B (en) * 2021-11-17 2023-11-21 南方电网数字电网研究院有限公司 Data security protection abnormal login corresponding method for power grid control platform

Similar Documents

Publication Publication Date Title
CN108965330A (en) A kind of account number safety guard method and system
WO2015043491A1 (en) Method and system for performing security verification on login of internet account
CN109802941A (en) A kind of login validation method, device, storage medium and server
CN104811449B (en) Storehouse attack method and system are hit in detection
US8863260B2 (en) Enhancing password protection
CN101207487B (en) User authentication system and method for detecting and controlling fraudulent login behavior
Hao et al. Understanding the domain registration behavior of spammers
US8572736B2 (en) System and method for detecting behavior anomaly in information access
US8788419B2 (en) Method and system for mitigating risk of fraud in internet banking
CN105913257A (en) System And Method For Detecting Fraudulent Online Transactions
CN105528535A (en) Log information based user behavior analysis method and apparatus
US8793778B2 (en) System for providing trusted user access of computer systems
CN110519208B (en) Anomaly detection method, device and computer readable medium
US20170134362A1 (en) Detection of anomalous authentication attempts in a client-server architecture
CN106603555A (en) Method and device for preventing library-hit attacks
CN108259497B (en) System and method for fuel dispenser security
CN108629206B (en) Secure encryption method, encryption machine and terminal equipment
CN108989118A (en) A kind of privately owned block chain deployment tool of enterprise-level based on GO language
WO2020000744A1 (en) Deduplication traffic prompting method and apparatus, and server and storage medium
CN110417747A (en) A kind of detection method and device of Brute Force behavior
CN111131221A (en) Interface checking device, method and storage medium
CN109409113A (en) A kind of electric network data safety protecting method and distributed power grid data safety guard system
US7036148B2 (en) Method of operating an intrusion detection system according to a set of business rules
CN111490973A (en) Network account security protection method and device
CN106027564A (en) Method and device for detecting security of anti-crawler strategy

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181207