CN109977640B - Method and device for recovering, keeping and using admin password - Google Patents
Method and device for recovering, keeping and using admin password Download PDFInfo
- Publication number
- CN109977640B CN109977640B CN201910130687.3A CN201910130687A CN109977640B CN 109977640 B CN109977640 B CN 109977640B CN 201910130687 A CN201910130687 A CN 201910130687A CN 109977640 B CN109977640 B CN 109977640B
- Authority
- CN
- China
- Prior art keywords
- password
- compressed file
- admin
- file
- role
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2131—Lost password, e.g. recovery of lost or forgotten passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for recovering, keeping and using an admin password, which are used for separately reading the input and confirmation of an initial password, a first password and a second password and resetting the initial password; respectively and independently storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file; when the password is used, the first half password and the second half password are read separately, the admin password is obtained after splicing, the admin password is checked and then logged in for use, the safety mode of recovering the admin password is realized, all the admin passwords are prevented from being known by multiple persons, and it is ensured that no independent individual can obtain the admin password.
Description
Technical Field
The invention relates to the field of information security, in particular to a method and a device for recovering, keeping and using an admin password.
Background
The financial industry is sensitive to data, and the encryption of the data is also very important correspondingly, and setting the password is a way of ensuring that the system is safely used for logging in, so that the data and the information are guaranteed, especially for the admin password in the financial field.
At present, the password is encrypted and stored generally by adopting a key component management mode of a financial encryption machine, but the method is relatively complex in management and is not suitable for storing the admin password.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method and a device for recovering, keeping and using an admin password.
The invention provides a method for recovering and keeping an admin password, which comprises the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Preferably, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Preferably, the encryption compression by the third password is operated by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the method for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the method comprises the following steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Preferably, the first half password is input by the second role, the second half password is input by the third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention provides a device for recovering and keeping an admin password, which comprises the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Preferably, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Preferably, the encryption compression by the third password is operated by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the device for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the device comprises the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Preferably, the first half password is input by the second role, the second half password is input by the third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
Compared with the prior art, the invention has the following beneficial effects:
the invention realizes a safety mode of recovering the admin password, avoids all the admin passwords being known by multiple persons, and ensures that no independent individual can obtain the admin password.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
FIG. 1 is a schematic diagram illustrating a recycling and keeping process of an admin password according to the present invention;
FIG. 2 is a schematic diagram illustrating a usage flow of the admin password of the present invention.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that it would be obvious to those skilled in the art that various changes and modifications can be made without departing from the spirit of the invention. All falling within the scope of the present invention.
The invention provides a method for recovering and keeping an admin password, which comprises the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Specifically, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Specifically, the encryption compression by the third password is performed by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the method for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the method comprises the following steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Specifically, the first half password is input by a second role, the second half password is input by a third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention provides a device for recovering and keeping an admin password, which comprises the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Specifically, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Specifically, the encryption compression by the third password is performed by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the device for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the device comprises the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Specifically, the first half password is input by a second role, the second half password is input by a third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention adopts three-right separation, separates the authority of password input and storage, avoids all passwords of admin being known by multiple persons, and ensures that no independent individual can obtain the admin password. In the process of keeping the password, the first role obtains the password of the password carrier, the second role obtains the password carrier and the first half password, and the third role obtains the password carrier and the second half password.
In specific implementation, 3 roles need to be allocated firstly, as shown in fig. 1, a role a applies for recording an original admin password and leaves the scene; the role B inputs the first half section of the password in the new password column and the new password confirmation column respectively and leaves the scene; the role C inputs the second half section of the password in the new password column and the new password confirmation column respectively and leaves the site; then three people arrive at the scene, press and confirm, if the password is wrong, return to the beginning, carry on the single input of the password again, if after the password is revised successfully, C inputs the password into TXT-B file, keep, leave the scene; b, inputting the password into a TXT-A file, and leaving the scene; a, packaging and compressing 2 TXT files, and adding a password; three people arrive at the scene, A copies the compressed packet, and 2 compressed packets (named compressed packets 1 and 2) are respectively given to B and C. Thus, A obtains a compressed packet cipher; b, obtaining a compressed packet 1 and a first half section password; c, obtaining a compressed packet 2 and a second half password; and the password recovery and the keeping are finished.
When the password needs to be used, as shown in fig. 2, a proposes an application, and opens an admin login interface; b, inputting the first half section of the password; c, inputting the second half section of the password, and pressing down to log in; if the login cannot be performed, A obtains a compressed packet from B and C, inputs a password to obtain an admin password, and discards the compressed packet; if the log-in is normal, abandoning the compressed packet; the password use is ended.
Those skilled in the art will appreciate that, in addition to implementing the systems, apparatus, and various modules thereof provided by the present invention in purely computer readable program code, the same procedures can be implemented entirely by logically programming method steps such that the systems, apparatus, and various modules thereof are provided in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system, the device and the modules thereof provided by the present invention can be considered as a hardware component, and the modules included in the system, the device and the modules thereof for implementing various programs can also be considered as structures in the hardware component; modules for performing various functions may also be considered to be both software programs for performing the methods and structures within hardware components.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.
Claims (10)
1. A method for recovering and keeping an admin password is characterized by comprising the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
2. The method for recovering and keeping an admin password as recited in claim 1, wherein the initial password is entered by a first role, the first password is entered by a second role, the second password is entered by a third role, and the first role, the second role, and the third role are independent of each other.
3. The method for recovering and keeping an admin password as claimed in claim 2, wherein the encrypted compression by the third password is performed by a first role, the first compressed file is stored by a second role, and the second compressed file is stored by a third role.
4. A method for using the admin password, the first compressed file, and the second compressed file of claim 1, comprising the steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
5. The method for using admin password of claim 4, wherein the first half password is entered by the second persona, the second half password is entered by the third persona, and the reading of the first compressed file and the reading of the second compressed file are performed by the first persona.
6. A device for recovering and keeping admin passwords is characterized by comprising the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
7. The apparatus for recovering and keeping the admin password as defined in claim 6, wherein the initial password is inputted by a first character, the first password is inputted by a second character, the second password is inputted by a third character, and the first character, the second character and the third character are independent of each other.
8. The apparatus for recycling and keeping an admin password as recited in claim 7, wherein said encrypted compression by the third password is performed by a first role, the first compressed file is stored by a second role, and the second compressed file is stored by a third role.
9. An apparatus for using the admin password of claim 6, wherein the admin password, the first compressed file, and the second compressed file comprise the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
10. The apparatus for using admin password of claim 9, wherein the first half password is entered by the second persona, the second half password is entered by the third persona, and the reading of the first compressed file and the reading of the second compressed file are performed by the first persona.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910130687.3A CN109977640B (en) | 2019-02-21 | 2019-02-21 | Method and device for recovering, keeping and using admin password |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910130687.3A CN109977640B (en) | 2019-02-21 | 2019-02-21 | Method and device for recovering, keeping and using admin password |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109977640A CN109977640A (en) | 2019-07-05 |
| CN109977640B true CN109977640B (en) | 2020-12-25 |
Family
ID=67077197
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910130687.3A Active CN109977640B (en) | 2019-02-21 | 2019-02-21 | Method and device for recovering, keeping and using admin password |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109977640B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101840478A (en) * | 2010-03-24 | 2010-09-22 | 深圳市德卡科技有限公司 | Password management method |
| CN107291525A (en) * | 2016-04-01 | 2017-10-24 | 华为技术有限公司 | A kind of method, host and system for disposing virtual machine |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8880895B2 (en) * | 2009-10-29 | 2014-11-04 | At&T Intellectual Property I, L.P. | Methods, systems, and computer program products for recovering a password using user-selected third party authorization |
| CN103368928B (en) * | 2012-04-11 | 2018-04-27 | 富泰华工业(深圳)有限公司 | Account number cipher reset system and method |
| CN104167030A (en) * | 2013-12-19 | 2014-11-26 | 陈桂强 | Electronic cipher shared lock based on (t,n) threshold |
| CN103763369B (en) * | 2014-01-20 | 2017-12-19 | 浪潮电子信息产业股份有限公司 | A kind of multiple authority distributing method based on SAN storage system |
| CN105656621A (en) * | 2014-11-12 | 2016-06-08 | 江苏威盾网络科技有限公司 | Safety management method for cryptographic device |
| CN106874743B (en) * | 2016-12-29 | 2020-07-10 | 上海雷塔智能科技有限公司 | Method and system for storing and extracting smart card password |
| CN109252789B (en) * | 2018-09-20 | 2020-07-24 | 佘丽娟 | Intelligent safety control system |
-
2019
- 2019-02-21 CN CN201910130687.3A patent/CN109977640B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101840478A (en) * | 2010-03-24 | 2010-09-22 | 深圳市德卡科技有限公司 | Password management method |
| CN107291525A (en) * | 2016-04-01 | 2017-10-24 | 华为技术有限公司 | A kind of method, host and system for disposing virtual machine |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109977640A (en) | 2019-07-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3373510A1 (en) | Method and device for realizing session identifier synchronization | |
| US20170063827A1 (en) | Data obfuscation method and service using unique seeds | |
| TW200534660A (en) | Method for encryption backup and method for decryption restoration | |
| CN112528257B (en) | Secure debugging method and device, electronic equipment and storage medium | |
| US10361867B2 (en) | Verification of authenticity of a maintenance means connected to a controller of a passenger transportation/access device of a building and provision and obtainment of a license key for use therein | |
| US10069820B2 (en) | Linked registration | |
| CN108540457B (en) | Safety equipment and biological authentication control method and device thereof | |
| US20120246483A1 (en) | Authentication System With Time Attributes | |
| CN109462572B (en) | Multi-factor authentication method, system, storage medium and security gateway based on encryption card and UsbKey | |
| CN111859415A (en) | Neural network model encryption system and method | |
| US9721122B2 (en) | Method and system for performing secure I/O operation in a pluggable flash storage device | |
| US20150012968A1 (en) | Information processing system | |
| CN109407663B (en) | Unmanned information safety guarantee method and system based on block chain | |
| CN105247833A (en) | Self-authentication device and method | |
| CN113704718A (en) | Computer data protection system based on identity authentication | |
| CN103119559B (en) | Information generating system and its method | |
| CN104239762A (en) | Method for realizing secure login in Windows system | |
| CN109977640B (en) | Method and device for recovering, keeping and using admin password | |
| CN106295384B (en) | Big data platform access control method and device and authentication server | |
| CN109684802A (en) | A kind of method and system providing a user artificial intelligence platform | |
| CN116260652A (en) | Authorization method, system, computing device and readable storage medium | |
| EP1722336A2 (en) | Data generating device and method for initialising security data carriers | |
| CN111179522A (en) | Self-service equipment program installation method, device and system | |
| CN114900342B (en) | Distribution machine authentication method based on key distribution system | |
| CN110704827B (en) | Authority management method and related device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |