CN109117618A - A kind of secure log control method, apparatus and system - Google Patents
A kind of secure log control method, apparatus and system Download PDFInfo
- Publication number
- CN109117618A CN109117618A CN201810922556.4A CN201810922556A CN109117618A CN 109117618 A CN109117618 A CN 109117618A CN 201810922556 A CN201810922556 A CN 201810922556A CN 109117618 A CN109117618 A CN 109117618A
- Authority
- CN
- China
- Prior art keywords
- log
- login
- client
- message
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
This application discloses a kind of secure log control methods, apparatus and system.In the technical solution of the application, pass through the comparison of setting preset interval and front and back log-on message twice, control the login of client user, the personal information for avoiding a kind of login mode overlong time and other people being made to steal user, ensure the information security of user to a certain extent, can also be further ensured that the property safety of user.
Description
Technical field
This application involves field of information security technology more particularly to a kind of secure log control methods, apparatus and system.
Background technique
The increasingly raising of people's quality of life promotes many convenient application software to come into being.These softwares can make
The people, which stay indoors, can realize various life requirements, for example, shopping online, Online Payment, online enquiries information etc..But
For these application software while providing convenient for people, there is also the security risks of leakage user information.
Currently, many application software are all made that many safeguard measures for higher safety, wherein be most generally
The login password of user is set.Other than numerical ciphers, user can also set the gesture of oneself in application software in advance
Or fingerprint gesture or fingerprint can be used to carry out verifying login when user logs on application software.This mode can be with
Guarantee that application software is unlocked by the user with password to log in, the user without password can not log in, and then ensure that use
The information security at family.
However, still there is security risks for above situation.For example, user setting it is good oneself gesture login password with
Afterwards, if application software allows user to log in using gesture always, once the gesture information of user is replicated by other people,
Then other people can carry out always register by the gesture, and information of such user in application software still can be let out
Dew, it is serious also to will cause property loss.Therefore, how application software is safely logged in, prevents information leakage from becoming in the industry urgently
Problem to be solved.
Summary of the invention
This application provides a kind of secure log control methods, apparatus and system, can safely log in application software, prevent
Only user information is revealed.
On the one hand, the application provides a kind of secure log control method, comprising:
The logging request of reception client and this login time and this log-on message, the login time include
The year, month, day, hour, min of login and second, the log-on message include IP, equipment unique identification, the device screen point that user logs in
Resolution, equipment brand and device model;
According to the logging request, obtain the client a preceding login time and a preceding log-on message;
Judge the interval between this described login time and a preceding login time whether within preset interval;
If being spaced within preset interval between this login time and a preceding login time, judges that this is stepped on
It records information and whether a preceding log-on message is identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use
Password login;
If the interval between this login time and a preceding login time is not within preset interval, log-on message
Failure reminds client to use password login.
Optionally, if this described log-on message is identical as a preceding log-on message, allow the step of client login
Suddenly include:
If this log-on message is identical as a preceding log-on message, the login mode of client is obtained;
Judge that the login mode of the client logs in for gesture or fingerprint logs in;
If the login mode of the client is gesture login, client is allowed to log in using gesture;
If the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
Optionally, the control method further include:
Obtain the login frequency of client;
If this log-on message is identical as a preceding log-on message, judge whether the login frequency is more than default frequency
Rate;
If the login frequency is less than the predeterminated frequency, client is allowed to log in;
If the login frequency is more than the predeterminated frequency, log-on message failure reminds client to step on using password
Record.
Optionally, the log-on message failure, reminds client to use after password login, further includes:
Obtain password login request and the encrypted message of client;
It is requested according to the password login, obtains client preset password information;
Judge whether the encrypted message is identical as the preset password information;
If the encrypted message is identical as the preset password information, client is allowed to log in;
If the encrypted message and the preset password information be not identical, remind client re-enter password or
Give password for change.
Optionally, after the permission client logs in, further includes:
Timing acquisition login time;
Judge whether the login time is more than preset time;
If the login time is more than the preset time, client is reminded to verify login again.
Second aspect, the application provide a kind of secure log control device, comprising:
Receiving unit, it is described for receiving the logging request and this login time and this log-on message of client
Login time includes the year, month, day, hour, min logged in and second, the log-on message include user log in IP, equipment uniquely marks
Knowledge, device screen resolution ratio, equipment brand and device model;
Acquiring unit, for according to the logging request, obtaining the preceding login time of the client and preceding primary
Log-on message;
Judging unit, for judging the interval between this described login time and a preceding login time whether default
Within interval;
If being spaced within preset interval between this login time and a preceding login time, judges that this is stepped on
It records information and whether a preceding log-on message is identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use
Password login;
If the interval between this login time and a preceding login time is not within preset interval, log-on message
Failure reminds client to use password login.
Optionally, the judging unit is also used to,
If this log-on message is identical as a preceding log-on message, the login mode of client is obtained;
Judge that the login mode of the client logs in for gesture or fingerprint logs in;
If the login mode of the client is gesture login, client is allowed to log in using gesture;
If the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
Optionally, the control device further include:
Frequency acquisition unit is logged in, for obtaining the login frequency of client;
If this log-on message is identical as a preceding log-on message, judge whether the login frequency is more than default frequency
Rate;
If the login frequency is less than the predeterminated frequency, client is allowed to log in;
If the login frequency is more than the predeterminated frequency, log-on message failure reminds client to step on using password
Record.
Optionally, the control device further include:
Password login request unit, the password login for obtaining client is requested and encrypted message;
It is requested according to the password login, obtains client preset password information;
Judge whether the encrypted message is identical as the preset password information;
If the encrypted message is identical as the preset password information, client is allowed to log in;
If the encrypted message and the preset password information be not identical, remind client re-enter password or
Give password for change.
Optionally, the control device further include:
Time acquisition unit is used for timing acquisition login time;
Judge whether the login time is more than preset time;
If the login time is more than the preset time, client is reminded to verify login again.
The third aspect, the application also provide a kind of secure log control system, including client and logical with the client
Believe the server of connection;
The client, for sending logging request and this login time and this login letter to the server
Breath, the login time include the year, month, day, hour, min logged in and second, and the log-on message includes IP, the equipment that user logs in
Unique identification, device screen resolution ratio, equipment brand and device model;
The server, for receiving the logging request and this login time and this log-on message of client;
According to the logging request, obtain the client a preceding login time and a preceding log-on message;
Judge the interval between this described login time and a preceding login time whether within preset interval;
If being spaced within preset interval between this login time and a preceding login time, judges that this is stepped on
It records information and whether a preceding log-on message is identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use
Password login;
If the interval between this login time and a preceding login time is not within preset interval, log-on message
Failure reminds client to use password login.
From the above technical scheme, the technical solution of the application is by being arranged preset interval and front and back log-on message twice
Comparison, control the login of client user, avoid a kind of login mode overlong time and the individual that makes other people steal user
Information ensures the information security of user to a certain extent, can also be further ensured that the property safety of user.
Detailed description of the invention
In order to illustrate more clearly of the technical solution of the application, attached drawing needed in case study on implementation will be made below
Simply introduce, it should be apparent that, for those of ordinary skills, in the premise of not making the creative labor property
Under, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of the first embodiment of secure log control method provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of the second embodiment of secure log control method provided by the embodiments of the present application;
Fig. 3 is a kind of flow chart of the 3rd embodiment of secure log control method provided by the embodiments of the present application;
Fig. 4 is a kind of flow chart of the fourth embodiment of secure log control method provided by the embodiments of the present application;
Fig. 5 is a kind of flow chart of 5th embodiment of secure log control method provided by the embodiments of the present application;
Fig. 6 is a kind of structural block diagram of secure log control device provided by the embodiments of the present application;
Fig. 7 is a kind of schematic diagram of secure log control system provided by the embodiments of the present application.
Specific embodiment
In order to make those skilled in the art better understand the technical solutions in the application, below in conjunction with attached drawing, it is right
Technical solution in the embodiment of the present application is clearly and completely described.
Referring to Fig. 1, the embodiment of the present application provides a kind of first embodiment of secure log control method, the control method
Include:
Step 101, the logging request and this login time and this log-on message of client, the login are received
Time includes the year, month, day, hour, min logged in and second, and the log-on message includes the IP of user's login, equipment unique identification, sets
Standby screen resolution, equipment brand and device model.XX divides XX seconds when login time can recorde as XX XX month XX day XX, if
Standby unique identification is used to marking arrangement, and the specific uniquely tagged of each equipment oneself, to distinguish, specifically, equipment can
Think any mobile phone that can install client, tablet computer or computer etc..
Step 102, according to the logging request, the preceding login time and preceding primary login letter of the client are obtained
Breath.The login each time of client can all record in the server, login letter including login time each time and each time
Breath can obtain previous login time and log-on message and be compared with this, to be stepped on when this login
Record control.
Step 103, judge the interval between this described login time and a preceding login time whether in preset interval
Within.Preset interval can usually use the set of frequency of client according to user, can also preset a fixed interval, such as
Preset interval can be set to 1 day, 1 week or 1 year, can will be pre- if user is excessively high using the frequency of client
If it is spaced shorter, such as 1 day or 2 days, if user uses the underfrequency of client, between can presetting
Every the longer of setting, such as 1 week, or it is arranged according to the use habit of user and is spaced.Preset interval can also be at any time
Adjustment, such as current preset interval are 1 day, when detecting that the frequency of use after user is too low, then between can presetting
It was 1 week every readjusting.Preset interval is adjusted, and then controls user and is logged in different login modes, avoids it
The login mode and log-on message that other people obtain user log in client, guarantee information and assets peace of the user in client
Entirely.
Step 104, if being spaced within preset interval between this login time and a preceding login time, sentences
Whether this log-on message of breaking and a preceding log-on message are identical.The purpose that preset interval is arranged in the application is to control user
Login mode, so the login time that will obtain a preceding user is compared when user logs in each time, judgement is twice
Whether the time interval of login is between preset interval, for example, a preceding login time is on August 1st, 2018, when this is logged in
Between be on August 7th, 2018, then the time interval logged in twice be 6 days, if preset interval be 1 week, user this login
With the preceding time interval once logged within preset interval, if preset interval is 3 days, user this log in it is preceding primary
The time interval of login is not between preset interval, further, when login time can also be got, point and the second, such as
30 divide 15 seconds on August 1,9 2018, and judgment mode is as before.
Step 105, if this log-on message is identical as a preceding log-on message, client is allowed to log in.At this
Log in the preceding time interval once logged in meet condition, i.e., within preset interval when, need further to compare stepping on for this
Information and previous log-on message are recorded, since log-on message is the important information for judging user, so when information is inconsistent,
Server will not allow user to log in, avoid other users malice log in the case where, in addition, if user using other equipment into
Row logs in, and server is also not allow, and avoids the information of other equipment record user, user information is made to be easy leakage.So only
Have and is spaced within preset interval with a preceding login time and this log-on message and previous log-on message at this
When identical, server can just allow client to log in.
Step 106, if this log-on message and a preceding log-on message be not identical, visitor is reminded in log-on message failure
Family end uses password login.This log-on message and a preceding log-on message be not identical, it may be possible to which this user logged in logs in
IP, equipment unique identification, device screen resolution ratio, one therein or several of equipment brand and device model with it is previous
Secondary is not identical, for example, this is logged in and the preceding user's login IP once logged in is not identical, but other information is identical, service
Device will not allow client to log in.When log-on message twice is not identical, it is believed that this log-on message failure, Yong Huxu
Again it to log in, also, be logged in using password preset before client, to be ensured of the register of user.
Step 107, if the interval between this login time and a preceding login time is not within preset interval,
Log-on message failure, reminds client to use password login.If the time interval logged in twice is more than preset interval, directly
It can be determined that this log-on message fails, user needs to log in again using password.
It is worth noting that after user is logged in again using password, server can when server determines log-on message failure
To reset the preset interval of client, or the log-on message of user is updated, so that the login mode of client is changeable, protected
Demonstrate,prove the safety of user information.
Secure log control method provided by the embodiments of the present application, by the way that preset interval and front and back log-on message twice is arranged
Comparison, control the login of client user, avoid a kind of login mode overlong time and the individual that makes other people steal user
Information ensures the information security of user to a certain extent, can also be further ensured that the property safety of user.
Referring to fig. 2, the embodiment of the present application provides a kind of second embodiment of secure log control method, the second embodiment
It is different from the first embodiment in, if this described log-on message is identical as a preceding log-on message, allows client
End log in the step of include:
Step 201, if this log-on message is identical as a preceding log-on message, the login mode of client is obtained.
User logs in the mode of client, further includes that gesture logs in and fingerprint login other than password login.Gesture refers in screen
Upper corresponding position sliding finger draws fixed shape, and gesture logs in the shape and preset shape that this draws by comparing user
Whether shape is identical, if identical, user is allowed to log in;Fingerprint, which logs in, refers to that this fingerprint of input is by comparing user
It is no identical as preset fingerprint, if identical, user is allowed to log in.In addition, preset shape can may be for one
It is multiple, preset fingerprint can for a specified finger may be multiple fingers fingerprint, when comparing, if gesture or
Fingerprint and preset gesture or fingerprint have one it is identical, so that it may allow user to log in.
Step 202, judge that the login mode of the client logs in for gesture or fingerprint logs in.When user carries out gesture
When login, the sliding finger on the login interface of client is needed to draw shape;When user carries out fingerprint login, need in visitor
Fingerprint is inputted on the login interface at family end.
Step 203, if the login mode of the client is gesture login, client is allowed to log in using gesture;
Step 204, if the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
Secure log control method provided by the embodiments of the present application can carry out phase according to user in the selection of client
The login of mode is answered, including gesture logs in and fingerprint logs in, and guarantees the safety that user logs in, and guarantees user information in client
Safety.
Referring to Fig. 3, the embodiment of the present application provides a kind of 3rd embodiment of secure log control method, the 3rd embodiment
On the basis of first embodiment, further includes:
Step 301, the login frequency of client is obtained.In the 3rd embodiment of the application, logging in frequency is also to influence visitor
One of the reason of family end subscriber secure log.
Step 302, if this log-on message is identical as a preceding log-on message, judge whether the login frequency surpasses
Cross predeterminated frequency.It is spaced within preset interval in this and the previous time login, this log-on message and a preceding log-on message
In identical situation, the login frequency that can also obtain user further judges, logging in frequency can be using user at one section
In login times indicate that a period of time here can be 1 day, 2 days or 1 week etc..Predeterminated frequency be in order to
The number for controlling the login of user, avoids frequently logging on, causes information leakage, the predeterminated frequency in the embodiment of the present application can be set
Be set to three times a day, week 50 times etc., in addition, a period of time described in the embodiment of the present application should be opened from this login
Begin this login pervious a period of time calculated, for example, this is logged in pervious 3 days, this logs in pervious 1 week
It is interior etc..
Step 303, if the login frequency is less than the predeterminated frequency, client is allowed to log in.If user
Login frequency be not above preset frequency, illustrate user log in it is not frequent, can permit user log in.
Step 304, if the login frequency is more than the predeterminated frequency, log-on message failure reminds client to make
Use password login.If client logs in excessively frequent, however not excluded that there is the case where other people maliciously obtain user information, so,
When client login is excessively frequent, it is believed that log-on message failure, this login failure remind the user of operation client
It is logged in using password.
It is worth noting that in the application 3rd embodiment, if log-on message fails, after user uses password login,
Server needs to reset the preset interval of client, or resets the predeterminated frequency of client, can be also to adopt again
Collect the gesture and fingerprint of user, update log-on message, prevent other than actual user other people maliciously obtain the information of user.
The secure log control method provided in the application 3rd embodiment is comparing this between a preceding login time
Every on the basis of log-on message, the login frequency and predeterminated frequency of user are also compared, is less than predeterminated frequency logging in frequency
In the case of, just client user is allowed to log in, in this way, can further control login, more guarantees the peace that user logs in
Quan Xing.
Referring to fig. 4, the embodiment of the present application provides a kind of fourth embodiment of secure log control method, the fourth embodiment
On the basis of first embodiment, further includes:
Step 401, password login request and the encrypted message of client are obtained.When server reminds client user
After password login, the login password of user's input is obtained.
Step 402, it is requested according to the password login, obtains client preset password information.Obtain the close of user's input
After code, the preset password of client is also obtained again, by comparison preset password and input password, further determine whether to permit
Perhaps client user logs in.
Step 403, judge whether the encrypted message is identical as the preset password information.
Step 404, if the encrypted message is identical as the preset password information, client is allowed to log in.User
The encrypted message of input is identical as preset password information, illustrates that user's input password is correct, server allows client user to step on
Record.
Step 405, if the encrypted message and the preset password information be not identical, client is reminded to re-enter
Password gives password for change.If user inputs password mistake, need that user is reminded to re-enter password, if user forgets
Password can also give password for change using password retrieval function, log in again.
It is worth noting that the password in the embodiment of the present application is more than or equal to 6 numbers, English alphabet and set of symbols
At digit is more, and safety is higher, is less susceptible to be obtained by other people.
The application fourth embodiment provide secure log control method, remind client user use password login with
Afterwards, the password and preset password that also obtain user's input compare, if the password of input is identical as preset password, allow visitor
Family end subscriber logs in, and otherwise provides user and re-enters or give for change password, is conducive to log in user the multiple guarantor of progress in this way
Barrier, ensures information security.
Referring to Fig. 5, the embodiment of the present application provides a kind of the 5th embodiment of secure log control method, the 5th embodiment
On the basis of first embodiment, comprising:
Step 501, timing acquisition login time.The 5th embodiment of the application also provides a kind of login time protection mechanism,
After user successfully logs in client, the login time of timing acquisition user, the time of timing can be 1 hour, 2 hours etc.
Deng, if login time is less than timing, may determine that for login time it is reasonable, it is not necessary to carry out overtime login process.
Step 502, judge whether the login time is more than preset time.When user is when logging in, when the login of acquisition
Between when being less than preset time, also may determine that for login time it is reasonable, it is not necessary to carry out overtime login process, preset time is pre-
The control time for the overtime login process being first arranged, preset time can be 1 hour, 30 minutes etc..
Step 503, if the login time is more than the preset time, client is reminded to verify login again.Such as
The login time of fruit user is more than preset time, then carries out overtime login process to user, can be and force under client user
Line reminds client to verify identity etc. again, if user's checking success, can continue to use client.
The method for the secure log that the 5th embodiment of the application provides can be with after user successfully logs in client
The login time of user is supervised, if user's login time is too long, user's checking identity again can be reminded, so as to
It continues to use, is conducive to the multiple protective logged in user in this way, in addition, the method that user verifies identity again can be input
Password, input gesture or input fingerprint are one such.
Referring to Fig. 6, the embodiment of the present application provides a kind of structural block diagram of secure log control device, comprising:
Receiving unit 61, for receiving the logging request and this login time and this log-on message of client, institute
State login time include log in year, month, day, hour, min and the second, the log-on message include user log in IP, equipment it is unique
Mark, device screen resolution ratio, equipment brand and device model;
Acquiring unit 62, for according to the logging request, obtaining the preceding login time of the client and previous
Secondary log-on message;
Judging unit 63, for judging the interval between this described login time and a preceding login time whether pre-
If within interval;
If being spaced within preset interval between this login time and a preceding login time, judges that this is stepped on
It records information and whether a preceding log-on message is identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use
Password login;
If the interval between this login time and a preceding login time is not within preset interval, log-on message
Failure reminds client to use password login.
Optionally, the judging unit 63 is also used to,
If this log-on message is identical as a preceding log-on message, the login mode of client is obtained;
Judge that the login mode of the client logs in for gesture or fingerprint logs in;
If the login mode of the client is gesture login, client is allowed to log in using gesture;
If the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
Optionally, the control device further include:
Frequency acquisition unit is logged in, for obtaining the login frequency of client;
If this log-on message is identical as a preceding log-on message, judge whether the login frequency is more than default frequency
Rate;
If the login frequency is less than the predeterminated frequency, client is allowed to log in;
If the login frequency is more than the predeterminated frequency, log-on message failure reminds client to step on using password
Record.
Optionally, the control device further include:
Password login request unit, the password login for obtaining client is requested and encrypted message;
It is requested according to the password login, obtains client preset password information;
Judge whether the encrypted message is identical as the preset password information;
If the encrypted message is identical as the preset password information, client is allowed to log in;
If the encrypted message and the preset password information be not identical, remind client re-enter password or
Give password for change.
Optionally, the control device further include:
Time acquisition unit is used for timing acquisition login time;
Judge whether the login time is more than preset time;
If the login time is more than the preset time, client is reminded to verify login again.
Referring to Fig. 7, the embodiment of the present application provides a kind of secure log control system, including client 71 and with the client
The server 72 of 71 communication connection of end;
The client 71 is stepped on for sending logging request and this login time to the server 72 with this
Record information, the login time include log in year, month, day, hour, min and the second, the log-on message include user log in IP,
Equipment unique identification, device screen resolution ratio, equipment brand and device model;
The server 72, for receiving the logging request and this login time and this log-on message of client;
According to the logging request, obtain the client a preceding login time and a preceding log-on message;
Judge the interval between this described login time and a preceding login time whether within preset interval;
If being spaced within preset interval between this login time and a preceding login time, judges that this is stepped on
It records information and whether a preceding log-on message is identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use
Password login;
If the interval between this login time and a preceding login time is not within preset interval, log-on message
Failure reminds client to use password login.
From the above technical scheme, the application provides a kind of secure log control method, apparatus and system, and server connects
The logging request of receipts client and this login time and this log-on message;According to logging request, before obtaining client
Login time and a preceding log-on message;Judge interval between this login time and a preceding login time whether
Within preset interval;If being spaced within preset interval between this login time and a preceding login time, judges
Whether this log-on message and a preceding log-on message are identical;If this log-on message is identical as a preceding log-on message,
Client is allowed to log in;If this log-on message and a preceding log-on message be not identical, client is reminded in log-on message failure
End uses password login;If the interval between this login time and a preceding login time not within preset interval,
Log-on message failure, reminds client to use password login.In the technical solution of the application, pass through setting preset interval and front and back
The comparison of log-on message twice controls the login of client user, avoids a kind of login mode overlong time and steals other people
The personal information at family is taken, ensures the information security of user to a certain extent, can also be further ensured that the property safety of user.
The application can be used in numerous general or special purpose computing system environments or configuration.Such as: personal computer, service
Device computer, handheld device or portable device, laptop device, multicomputer system, microprocessor-based system, top set
Box, programmable consumer-elcetronics devices, network PC, minicomputer, mainframe computer, including any of the above system or equipment
Distributed computing environment etc..
The application can describe in the general context of computer-executable instructions executed by a computer, such as program
Module.Generally, program module includes routines performing specific tasks or implementing specific abstract data types, programs, objects, group
Part, data structure etc..The application can also be practiced in a distributed computing environment, in these distributed computing environments, by
Task is executed by the connected remote processing devices of communication network.In a distributed computing environment, program module can be with
In the local and remote computer storage media including storage equipment.
Those skilled in the art will readily occur to its of the application after considering specification and practicing application disclosed herein
Its embodiment.This application is intended to cover any variations, uses, or adaptations of the application, these modifications, purposes or
Person's adaptive change follows the general principle of the application and including the undocumented common knowledge in the art of the application
Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the application are by following
Claim is pointed out.
It should be understood that the application is not limited to the precise structure that has been described above and shown in the drawings, and
And various modifications and changes may be made without departing from the scope thereof.Scope of the present application is only limited by the accompanying claims.
Claims (11)
1. a kind of secure log control method characterized by comprising
The logging request of reception client and this login time and this log-on message, the login time include logging in
Year, month, day, hour, min and the second, the log-on message include user log in IP, equipment unique identification, device screen differentiate
Rate, equipment brand and device model;
According to the logging request, obtain the client a preceding login time and a preceding log-on message;
Judge the interval between this described login time and a preceding login time whether within preset interval;
If being spaced within preset interval between this login time and a preceding login time, judge that this logs in letter
Whether breath and a preceding log-on message are identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use password
It logs in;
If the interval between this login time and a preceding login time, not within preset interval, log-on message is lost
Effect reminds client to use password login.
2. control method according to claim 1, which is characterized in that if this described log-on message and preceding primary login
The step of information is identical, then allows client to log in include:
If this log-on message is identical as a preceding log-on message, the login mode of client is obtained;
Judge that the login mode of the client logs in for gesture or fingerprint logs in;
If the login mode of the client is gesture login, client is allowed to log in using gesture;
If the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
3. control method according to claim 1, which is characterized in that the control method further include:
Obtain the login frequency of client;
If this log-on message is identical as a preceding log-on message, judge whether the login frequency is more than predeterminated frequency;
If the login frequency is less than the predeterminated frequency, client is allowed to log in;
If the login frequency is more than the predeterminated frequency, log-on message failure reminds client to use password login.
4. control method according to claim 1, which is characterized in that the log-on message failure reminds client to use
After password login, further includes:
Obtain password login request and the encrypted message of client;
It is requested according to the password login, obtains client preset password information;
Judge whether the encrypted message is identical as the preset password information;
If the encrypted message is identical as the preset password information, client is allowed to log in;
If the encrypted message and the preset password information be not identical, client is reminded to re-enter password or give for change
Password.
5. control method according to claim 1, which is characterized in that after the permission client logs in, further includes:
Timing acquisition login time;
Judge whether the login time is more than preset time;
If the login time is more than the preset time, client is reminded to verify login again.
6. a kind of secure log control device characterized by comprising
Receiving unit, for receiving the logging request and this login time and this log-on message of client, the login
Time includes the year, month, day, hour, min logged in and second, and the log-on message includes the IP of user's login, equipment unique identification, sets
Standby screen resolution, equipment brand and device model;
Acquiring unit, for according to the logging request, obtain the client a preceding login time and preceding primary login
Information;
Judging unit, for judging the interval between this described login time and a preceding login time whether in preset interval
Within;
If being spaced within preset interval between this login time and a preceding login time, judge that this logs in letter
Whether breath and a preceding log-on message are identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use password
It logs in;
If the interval between this login time and a preceding login time, not within preset interval, log-on message is lost
Effect reminds client to use password login.
7. control device according to claim 6, which is characterized in that the judging unit is also used to,
If this log-on message is identical as a preceding log-on message, the login mode of client is obtained;
Judge that the login mode of the client logs in for gesture or fingerprint logs in;
If the login mode of the client is gesture login, client is allowed to log in using gesture;
If the login mode of the client is fingerprint login, client is allowed to log in using fingerprint.
8. control device according to claim 6, which is characterized in that the control device further include:
Frequency acquisition unit is logged in, for obtaining the login frequency of client;
If this log-on message is identical as a preceding log-on message, judge whether the login frequency is more than predeterminated frequency;
If the login frequency is less than the predeterminated frequency, client is allowed to log in;
If the login frequency is more than the predeterminated frequency, log-on message failure reminds client to use password login.
9. control device according to claim 6, which is characterized in that the control device further include:
Password login request unit, the password login for obtaining client is requested and encrypted message;
It is requested according to the password login, obtains client preset password information;
Judge whether the encrypted message is identical as the preset password information;
If the encrypted message is identical as the preset password information, client is allowed to log in;
If the encrypted message and the preset password information be not identical, client is reminded to re-enter password or give for change
Password.
10. control device according to claim 6, which is characterized in that the control device further include:
Time acquisition unit is used for timing acquisition login time;
Judge whether the login time is more than preset time;
If the login time is more than the preset time, client is reminded to verify login again.
11. a kind of secure log control system, which is characterized in that including client and the service being connect with the client communication
Device;
The client, for sending logging request and this login time and this log-on message, institute to the server
State login time include log in year, month, day, hour, min and the second, the log-on message include user log in IP, equipment it is unique
Mark, device screen resolution ratio, equipment brand and device model;
The server, for receiving the logging request and this login time and this log-on message of client;
According to the logging request, obtain the client a preceding login time and a preceding log-on message;
Judge the interval between this described login time and a preceding login time whether within preset interval;
If being spaced within preset interval between this login time and a preceding login time, judge that this logs in letter
Whether breath and a preceding log-on message are identical;
If this log-on message is identical as a preceding log-on message, client is allowed to log in;
If this log-on message and a preceding log-on message be not identical, log-on message failure reminds client to use password
It logs in;
If the interval between this login time and a preceding login time, not within preset interval, log-on message is lost
Effect reminds client to use password login.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810922556.4A CN109117618A (en) | 2018-08-14 | 2018-08-14 | A kind of secure log control method, apparatus and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810922556.4A CN109117618A (en) | 2018-08-14 | 2018-08-14 | A kind of secure log control method, apparatus and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109117618A true CN109117618A (en) | 2019-01-01 |
Family
ID=64852405
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810922556.4A Pending CN109117618A (en) | 2018-08-14 | 2018-08-14 | A kind of secure log control method, apparatus and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109117618A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109815687A (en) * | 2019-03-18 | 2019-05-28 | 北京智明星通科技股份有限公司 | Account management method and device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130326607A1 (en) * | 2012-06-05 | 2013-12-05 | Alibaba Group Holding Limited | Method, Apparatus and System of Controlling Remote Login |
| CN104125267A (en) * | 2014-06-25 | 2014-10-29 | 小米科技有限责任公司 | Account protection method, device and terminal equipment |
| CN104468589A (en) * | 2014-12-12 | 2015-03-25 | 上海斐讯数据通信技术有限公司 | Method and system for achieving lightweight-level conversation |
| CN105099676A (en) * | 2014-04-18 | 2015-11-25 | 阿里巴巴集团控股有限公司 | User login method, user terminal and server |
| CN106372470A (en) * | 2016-08-30 | 2017-02-01 | 维沃移动通信有限公司 | Method for reminding of inputting password and mobile terminal |
| CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
-
2018
- 2018-08-14 CN CN201810922556.4A patent/CN109117618A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130326607A1 (en) * | 2012-06-05 | 2013-12-05 | Alibaba Group Holding Limited | Method, Apparatus and System of Controlling Remote Login |
| CN105099676A (en) * | 2014-04-18 | 2015-11-25 | 阿里巴巴集团控股有限公司 | User login method, user terminal and server |
| CN104125267A (en) * | 2014-06-25 | 2014-10-29 | 小米科技有限责任公司 | Account protection method, device and terminal equipment |
| CN104468589A (en) * | 2014-12-12 | 2015-03-25 | 上海斐讯数据通信技术有限公司 | Method and system for achieving lightweight-level conversation |
| CN106372470A (en) * | 2016-08-30 | 2017-02-01 | 维沃移动通信有限公司 | Method for reminding of inputting password and mobile terminal |
| CN106878335A (en) * | 2017-03-28 | 2017-06-20 | 武汉斗鱼网络科技有限公司 | A kind of method and system for login authentication |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109815687A (en) * | 2019-03-18 | 2019-05-28 | 北京智明星通科技股份有限公司 | Account management method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230156000A1 (en) | Screen-analysis based device security | |
| US10755507B2 (en) | Systems and methods for multifactor physical authentication | |
| EP3245806B1 (en) | Automatic intelligent local device fraud detection | |
| CN103077356B (en) | Protecting and tracking method for primary information of mobile terminal based on user behavior pattern | |
| EP2836957B1 (en) | Location-based access control for portable electronic device | |
| US10754962B2 (en) | System for secure context-aware password management | |
| CN106887064B (en) | Access controller based on dynamic password and access control system | |
| CN106161397A (en) | There is the electronic installation of Anti-addiction function, Anti-addiction management system and method | |
| CN108377241A (en) | Monitoring method, device, equipment based on access frequency and computer storage media | |
| CN108053532B (en) | Unlocking time limit setting method and system based on intelligent cloud lock | |
| CN107862194B (en) | A kind of method, device and mobile terminal of safety verification | |
| KR20140043041A (en) | Method for integrating account management function in input method software | |
| CN106209901A (en) | A kind of intelligent computer remote interactive system | |
| CN109871673B (en) | Continuous identity authentication method and system based on different context environments | |
| JPWO2018225642A1 (en) | Face authentication system, face authentication method, biometric authentication system, biometric authentication method and recording medium | |
| CN103116923A (en) | Security and protection method based on images and mobile communication network | |
| US11763605B2 (en) | Synchronized online/offline clock in management | |
| CN103116924A (en) | Electronic lock system based on images and mobile communication network | |
| CN106161710A (en) | A kind of user account safety management system based on smart mobile phone | |
| US8112631B2 (en) | Password input device, computer security system using the same and method thereof | |
| CN109117618A (en) | A kind of secure log control method, apparatus and system | |
| CN109461237A (en) | Intelligent door lock device and method for reminding message thereof | |
| CN107294981A (en) | A kind of method and apparatus of certification | |
| CN107197075B (en) | Clean boot means of defence, device and computer readable storage medium | |
| Indico et al. | Mobile monitoring and inquiry system using fingerprint biometrics and SMS technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190101 |