CN109981626A - Account authentication method and device - Google Patents


Publication number: CN109981626A
Authority: CN (China)
Prior art keywords: account, certified, verification code, authentication failure, user terminal
Legal status: Pending
Application number: CN201910202483.6A
Other languages: Chinese (zh)
Inventor: 杨洪起
Current Assignee: New H3C Security Technologies Co Ltd
Original Assignee: New H3C Security Technologies Co Ltd
Application filed by New H3C Security Technologies Co Ltd
Priority to CN201910202483.6A
Publication of CN109981626A

Classifications

    • G06F21/36 User authentication by graphic or iconic representation
    • G06F21/45 Structures or tools for the administration of authentication
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Abstract

The embodiments of the present application provide an account authentication method and device, relating to the field of information security technology. The method comprises: after receiving an authentication request sent by a user terminal and carrying the account information of an account to be authenticated, obtaining the number of consecutive authentication failures for that account; when the number of consecutive authentication failures is greater than or equal to a preset verification threshold, sending indication information to the user terminal, the indication information indicating that a verification code is to be entered; if a verification code sent by the user terminal is received and is determined to pass verification, authenticating the account according to the account information; if no verification code is received from the user terminal, or the received verification code is determined to fail verification, discarding the authentication request. The application can improve user experience.

Description

Account authentication method and device
Technical field
The present application relates to the field of information security technology, and in particular to an account authentication method and device.
Background
In the related art, a user typically authenticates with the account information (such as a username and password) of the account to be authenticated and, after authentication succeeds, obtains the preset network permissions. This authentication mode has a security problem, however: an attacker who has obtained the username of the account to be authenticated can brute-force the corresponding password. That is, using the obtained username, the attacker enters different passwords one by one with an automated cracking tool and authenticates until the entered password is correct.
To prevent brute-force cracking by an attacker, in the prior art the server usually tracks the number of consecutive authentication failures when authenticating the account to be authenticated. If the number of consecutive authentication failures reaches a preset lock threshold, the server locks the account and stops authenticating it. Only after an administrator unlocks the account can the server authenticate it again.
With this scheme, if an attacker brute-forces an account, the account is locked. The legitimate user of the account then cannot authenticate either; only after the legitimate user asks an administrator to unlock the account can authentication proceed. This imposes an extra unlock operation on the legitimate user and harms the user experience.
Summary of the invention
The purpose of the embodiments of the present application is to provide an account authentication method and device that can improve user experience. The specific technical solution is as follows:
In a first aspect, an account authentication method is provided. The method is applied to a server and comprises:
after receiving an authentication request sent by a user terminal and carrying the account information of an account to be authenticated, obtaining the number of consecutive authentication failures for the account to be authenticated;
when the number of consecutive authentication failures is greater than or equal to a preset verification threshold, sending indication information to the user terminal, the indication information indicating that a verification code is to be entered;
if a verification code sent by the user terminal is received and the received verification code is determined to pass verification, authenticating the account to be authenticated according to the account information;
if no verification code is received from the user terminal, or the received verification code is determined to fail verification, discarding the authentication request.
Optionally, after the account to be authenticated is authenticated according to the account information, the method further comprises:
if it is determined according to the account information that authentication of the account fails, incrementing the number of consecutive authentication failures for the account;
if it is determined according to the account information that authentication of the account succeeds, setting the number of consecutive authentication failures for the account to its initial value.
Optionally, the method further comprises:
when the number of consecutive authentication failures is greater than or equal to a preset lock threshold, locking the account to be authenticated, the lock threshold being greater than the verification threshold.
Optionally, the method further comprises:
if an unlock instruction for the account to be authenticated is received after the account is locked, unlocking the account;
and/or
starting a timer after the account to be authenticated is locked and, when a preset duration is reached, unlocking the account.
Optionally, before the number of consecutive authentication failures for the account to be authenticated is obtained, the method further comprises:
determining whether the account to be authenticated is locked;
if the account to be authenticated is not locked, executing the step of obtaining the number of consecutive authentication failures for the account.
In a second aspect, an account authentication device is provided. The device is applied to a server and comprises:
an obtaining module, configured to obtain the number of consecutive authentication failures for an account to be authenticated after an authentication request sent by a user terminal and carrying the account information of that account is received;
a sending module, configured to send indication information to the user terminal when the number of consecutive authentication failures is greater than or equal to a preset verification threshold, the indication information indicating that a verification code is to be entered;
an authentication module, configured to authenticate the account to be authenticated according to the account information if a verification code sent by the user terminal is received and the received verification code is determined to pass verification;
a discard module, configured to discard the authentication request if no verification code is received from the user terminal, or the received verification code is determined to fail verification.
Optionally, the device further comprises a counting module, which is specifically configured to:
if it is determined according to the account information that authentication of the account fails, increment the number of consecutive authentication failures for the account;
if it is determined according to the account information that authentication of the account succeeds, set the number of consecutive authentication failures for the account to its initial value.
Optionally, the device further comprises a locking module, which is specifically configured to:
when the number of consecutive authentication failures is greater than or equal to a preset lock threshold, lock the account to be authenticated, the lock threshold being greater than the verification threshold.
Optionally, the device further comprises an unlocking module, which is specifically configured to:
if an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account;
and/or
start a timer after the account to be authenticated is locked and, when a preset duration is reached, unlock the account.
Optionally, the device further comprises a judgment module, which is specifically configured to:
determine whether the account to be authenticated is locked;
if the account to be authenticated is not locked, trigger the obtaining module to execute the step of obtaining the number of consecutive authentication failures for the account.
In a third aspect, an electronic device is provided, comprising a processor and a machine-readable storage medium. The machine-readable storage medium stores machine-executable instructions that can be executed by the processor, and the machine-executable instructions cause the processor to implement the method steps of the first aspect.
In a fourth aspect, a computer-readable storage medium is provided, in which a computer program is stored; when the computer program is executed by a processor, the method steps of the first aspect are implemented.
In a fifth aspect, a computer program product comprising instructions is provided which, when run on a computer, causes the computer to execute the method of the first aspect.
The account authentication method and device provided by the embodiments of the present application can be applied to a server. In the scheme provided by the embodiments, after receiving an authentication request sent by a user terminal and carrying the account information of an account to be authenticated, the server obtains the number of consecutive authentication failures for the account. When the number of consecutive authentication failures is greater than or equal to the verification threshold, the server can send indication information to the user terminal, the indication information indicating that a verification code is to be entered. If a verification code sent by the user terminal is received and is determined to pass verification, this indicates that a legitimate user is authenticating the account through the user terminal, and the server can authenticate the account according to the account information. If no verification code is received from the user terminal, or the received verification code is determined to fail verification, this indicates that an attacker is brute-forcing through the user terminal; the server can discard the authentication request, but it does not lock the account to be authenticated, so the legitimate user can still authenticate the account through their own terminal. In this way, brute-force cracking is prevented while the legitimate user remains able to authenticate, without any extra unlock operation, which improves user experience.
Of course, a product or method implementing the present application need not achieve all of the above advantages at the same time.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present application or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow diagram of an account authentication method provided by the embodiments of the present application;
Fig. 2 is a flow diagram of another account authentication method provided by the embodiments of the present application;
Fig. 3 is a structural diagram of an account authentication device provided by the embodiments of the present application;
Fig. 4 is a structural diagram of an electronic device provided by the embodiments of the present application.
Detailed description of embodiments
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in the present application without creative effort fall within the scope of protection of the present application.
The account authentication method and device provided by the embodiments of the present application are applied to a server. After receiving an authentication request sent by a user terminal and carrying the account information of an account to be authenticated, the server obtains the number of consecutive authentication failures for the account; when the number of consecutive authentication failures is greater than or equal to a preset verification threshold, it sends indication information to the user terminal, the indication information indicating that a verification code is to be entered; if a verification code sent by the user terminal is received and is determined to pass verification, it authenticates the account according to the account information; if no verification code is received from the user terminal, or the received verification code is determined to fail verification, it discards the authentication request.
In the scheme provided by the embodiments of the present application, the server uses the verification code to distinguish authentication by a legitimate user from authentication by an attacker using brute-force cracking. If the server receives a verification code sent by the user terminal and determines that it passes verification, this indicates that a legitimate user is authenticating the account through the user terminal, and the server can authenticate the account according to the account information. If no verification code is received from the user terminal, or the received verification code is determined to fail verification, this indicates that an attacker is brute-forcing through the user terminal; the server can discard the authentication request, but it does not lock the account to be authenticated, so the legitimate user can still authenticate the account through their own terminal. In this way, brute-force cracking is prevented while the legitimate user remains able to authenticate, without any extra unlock operation, which improves user experience.
An account authentication method provided by the embodiments of the present application is described in detail below with reference to a specific embodiment. As shown in Fig. 1, the specific steps are as follows:
Step 101: after receiving an authentication request sent by a user terminal and carrying the account information of an account to be authenticated, obtain the number of consecutive authentication failures for the account.
The account information may include a username and a password.
In the embodiments of the present application, the server can count the number of consecutive authentication failures for the account to be authenticated and store that number in association with the username of the account. After an authentication request sent by the user terminal and carrying the account information of the account is received, the username of the account can be obtained, and the number of consecutive authentication failures for the account is determined from that username.
The number of consecutive authentication failures can be counted as follows: when the server authenticates an authentication request sent by the user terminal and carrying the account information of the account to be authenticated, if authentication is determined to fail, the number of consecutive authentication failures for the account is incremented by 1; if authentication is determined to succeed, the number of consecutive authentication failures for the account is set to 0.
Step 102: when the number of consecutive authentication failures is greater than or equal to a preset verification threshold, send indication information to the user terminal.
The indication information indicates that a verification code is to be entered.
In the embodiments of the present application, when the number of consecutive authentication failures is greater than or equal to the preset verification threshold, the server can generate a verification code and send the user terminal indication information instructing the user to enter it. The verification threshold may be 3. Correspondingly, after receiving the indication information, the user terminal can display a verification box for the verification code in order to obtain the code entered by the user. After obtaining the verification code, the user terminal can send it to the server.
For example, when the number of consecutive authentication failures is greater than or equal to the preset verification threshold, the server can generate a character verification code and send the user terminal indication information instructing the user to enter it. Correspondingly, after receiving the indication information, the user terminal can display an input box for the character verification code in order to obtain the code entered by the user. After obtaining the character verification code entered by the user, the user terminal can send it to the server.
Alternatively, when the number of consecutive authentication failures is greater than or equal to the preset verification threshold, the server can generate a slider-puzzle verification code and send the user terminal indication information instructing the user to enter it. Correspondingly, after receiving the indication information, the user terminal can display the input prompt for the verification code in order to obtain the movement track information entered by the user. After obtaining the movement track information entered by the user, the user terminal can send it to the server.
Step 103: if a verification code sent by the user terminal is received and the received verification code is determined to pass verification, authenticate the account to be authenticated according to the account information.
In the embodiments of the present application, if the server receives a verification code sent by the user terminal, the server can determine whether that verification code satisfies a preset matching condition. If the condition is satisfied, the verification code is determined to pass verification; if not, the verification code is determined to fail verification. For example, after receiving a character verification code sent by the user terminal, the server can determine whether it is identical to the pre-stored character verification code. If they are identical, the verification code passes verification; if not, it fails verification. Alternatively, after receiving movement track information sent by the user terminal, the server can determine whether it matches the pre-stored movement track information. If it matches, the verification code passes verification; if not, it fails verification. After determining that the received verification code passes verification, the server can authenticate the account to be authenticated according to the account information.
Optionally, after authenticating the account to be authenticated according to the account information, the server can continue to count the number of consecutive authentication failures for the account. The specific process is as follows: if it is determined according to the account information that authentication of the account fails, the number of consecutive authentication failures for the account is incremented; if it is determined according to the account information that authentication of the account succeeds, the number of consecutive authentication failures for the account is set to its initial value.
In the embodiments of the present application, if it is determined according to the account information that authentication of the account fails, the server can increment the number of consecutive authentication failures for the account by 1. If it is determined according to the account information that authentication of the account succeeds, the server can set the number of consecutive authentication failures for the account to 0.
Step 104: if no verification code is received from the user terminal, or the received verification code is determined to fail verification, discard the authentication request.
In the embodiments of the present application, if the server does not receive a verification code from the user terminal within a preset duration after sending the indication information, the server can discard the authentication request sent by the user terminal (that is, the server does not authenticate the request). Alternatively, if the server receives a verification code sent by the user terminal, the server can verify it, and if the verification code fails verification, the server can discard the authentication request sent by the user terminal.
In the scheme provided by the embodiments of the present application, the server uses the verification code to distinguish authentication by a legitimate user from authentication by an attacker using brute-force cracking. If the server receives a verification code sent by the user terminal and determines that it passes verification, this indicates that a legitimate user is authenticating the account through the user terminal, and the server can authenticate the account according to the account information. If no verification code is received from the user terminal, or the received verification code is determined to fail verification, this indicates that an attacker is brute-forcing through the user terminal; the server can discard the authentication request, but it does not lock the account to be authenticated, so the legitimate user can still authenticate the account through their own terminal. In this way, brute-force cracking is prevented while the legitimate user remains able to authenticate, without any extra unlock operation, which improves user experience.
Optionally, after the verification code is determined to pass verification, the server can authenticate the account to be authenticated according to the account information, continue to count the number of consecutive authentication failures for the account, and lock the account when that number is greater than or equal to a preset lock threshold. The specific process is: when the number of consecutive authentication failures for the account to be authenticated is greater than or equal to the preset lock threshold, lock the account.
In the embodiments of the present application, when the number of consecutive authentication failures for the account to be authenticated is greater than or equal to the preset lock threshold, the server can lock the account. The lock threshold is greater than the verification threshold, and the lock threshold may be 6.
This effectively prevents the case in which, when the server sends indication information to the user terminal for verification-code checking, an attacker enters the verification code manually, passes verification, and then continues authenticating by brute force until authentication of the account succeeds. The security of the account to be authenticated is thus protected.
Optionally, before obtaining the number of consecutive authentication failures for the account to be authenticated, the server can determine whether the account is locked and, if it is not locked, execute the step of obtaining the number of consecutive authentication failures for the account. The specific process is: determine whether the account to be authenticated is locked; if the account is not locked, execute the step of obtaining the number of consecutive authentication failures for the account.
In the embodiments of the present application, after receiving an authentication request sent by the user terminal and carrying the account information of the account to be authenticated, the server can obtain the account information carried in the request, for example the username of the account. The server can check whether the obtained username is present among the pre-stored locked usernames. If it is present, the account is determined to be locked; if it is not present, the account is determined not to be locked. When the account is determined to be locked, the server discards the authentication request and can feed back to the user terminal the information that the account is locked. When the account is determined not to be locked, the server can execute the step of obtaining the number of consecutive authentication failures for the account.
Optionally, after the account to be authenticated is locked, the embodiments of the present application also provide the following two unlocking modes.
Mode one: if an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account.
In the embodiments of the present application, after the account to be authenticated is locked, when the legitimate user sends the server, from their terminal, an authentication request carrying the account information of the account, the server receives the request and can determine whether the account is locked. If the account is locked, the server can feed back to the user terminal the information that the account is locked. The legitimate user can ask an administrator to unlock the account, the administrator can trigger an unlock instruction for the account, and the server can unlock the account after receiving the unlock instruction.
Mode two: start a timer after the account to be authenticated is locked and, when a preset duration is reached, unlock the account.
In the embodiments of the present application, the server can start a timer after locking the account to be authenticated and, when the preset duration is reached, unlock the account.
Mode one and mode two may each be performed on its own, or both may be performed in parallel.
An embodiment of the application also provides an example of the account authentication method, as shown in Figure 2, with the following specific steps:
Step 201, after receiving from the user terminal an authentication request carrying the account information of the account to be authenticated, obtain the number of consecutive authentication failures corresponding to the account to be authenticated.
Step 202, judge whether the number of consecutive authentication failures is greater than or equal to the preset verification threshold.
If the number of consecutive authentication failures is greater than or equal to the preset verification threshold, execute step 203; if the number of consecutive authentication failures is less than the preset verification threshold, execute step 207.
Step 203, send indication information to the user terminal.
Step 204, receive the verification code sent by the user terminal, and perform verification according to the verification code.
Step 205, judge whether the verification code passes verification.
If it does not pass verification, execute step 206; if it passes verification, execute step 207.
Step 206, discard the authentication request.
Step 207, authenticate the account to be authenticated according to the account information.
If the account to be authenticated is authenticated successfully, determine that the account has logged in successfully and execute step 208; otherwise, add 1 to the number of consecutive authentication failures corresponding to the account to be authenticated and execute step 209.
Step 208, set the number of consecutive authentication failures corresponding to the account to be authenticated to its initial value.
Step 209, judge whether the number of consecutive authentication failures is greater than or equal to the preset lock threshold.
If the number of consecutive authentication failures is less than the preset lock threshold, execute step 201; if the number of consecutive authentication failures is greater than or equal to the preset lock threshold, execute step 210.
Step 210, lock the account to be authenticated.
Step 211, start timing after locking the account to be authenticated, and unlock the account when the preset duration is reached.
Step 212, if an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account.
Of course, in this embodiment of the application, after the account to be authenticated is determined to be unlocked, the number of consecutive authentication failures corresponding to the account can be set to its initial value.
Step 211 and step 212 can be executed in parallel. For the specific processing of steps 201 to 212, refer to steps 101 to 104; the details are not repeated here.
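The flow of steps 201 to 212 as an in-memory state machine (added example, not code from the patent). The class, method and `Result` names, the threshold and duration values, the lazy evaluation of the timed unlock, and the injected `check_password` / `check_code` callbacks are assumptions; the sample account and verification code are constructed.

```python
import hmac
import time
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, Optional


class Result(Enum):
    SUCCESS = "success"              # step 207 succeeded
    FAILED = "failed"                # step 207 failed, counter incremented
    CODE_REQUIRED = "code_required"  # step 203: indication information sent
    DISCARDED = "discarded"          # step 206: verification code rejected
    LOCKED = "locked"                # account is locked, request discarded


@dataclass
class AccountState:
    failures: int = 0                  # consecutive authentication failures
    locked_at: Optional[float] = None  # clock reading when the lock was set


class AccountAuthenticator:
    """Hypothetical server-side model; names and defaults are assumptions."""

    def __init__(self, check_password: Callable[[str, str], bool],
                 check_code: Callable[[str, str], bool],
                 verify_threshold: int = 3, lock_threshold: int = 5,
                 lock_seconds: float = 300.0,
                 clock: Callable[[], float] = time.monotonic):
        if lock_threshold <= verify_threshold:
            raise ValueError("lock threshold must exceed verification threshold")
        self.check_password, self.check_code = check_password, check_code
        self.verify_threshold, self.lock_threshold = verify_threshold, lock_threshold
        self.lock_seconds, self.clock = lock_seconds, clock
        self.accounts: Dict[str, AccountState] = {}

    def unlock(self, username: str) -> None:
        """Step 212 (unlock instruction); the counter returns to its initial value."""
        self.accounts[username] = AccountState()

    def authenticate(self, username: str, password: str,
                     code: Optional[str] = None) -> Result:
        state = self.accounts.setdefault(username, AccountState())
        if state.locked_at is not None:
            # Step 211, evaluated lazily: unlock once the preset duration has passed.
            if self.clock() - state.locked_at < self.lock_seconds:
                return Result.LOCKED
            self.unlock(username)
            state = self.accounts[username]
        if state.failures >= self.verify_threshold:       # step 202
            if code is None:
                return Result.CODE_REQUIRED               # step 203
            if not self.check_code(username, code):       # steps 204-205
                return Result.DISCARDED                   # step 206, counter unchanged
        if self.check_password(username, password):       # step 207
            state.failures = 0                            # step 208
            return Result.SUCCESS
        state.failures += 1
        if state.failures >= self.lock_threshold:         # step 209
            state.locked_at = self.clock()                # step 210
            return Result.LOCKED                          # this failure set the lock
        return Result.FAILED


def demo():
    """Constructed run: thresholds 2 and 4, 60 s lock, manually advanced clock."""
    now = [0.0]
    passwords = {"alice": "correct horse"}  # constructed sample account
    auth = AccountAuthenticator(
        lambda u, p: hmac.compare_digest(passwords.get(u, "").encode(), p.encode()),
        lambda u, c: hmac.compare_digest(c.encode(), b"7Q4K"),  # stand-in code check
        verify_threshold=2, lock_threshold=4, lock_seconds=60.0, clock=lambda: now[0])
    out = [auth.authenticate("alice", "guess1"),           # FAILED, count 1
           auth.authenticate("alice", "guess2"),           # FAILED, count 2
           auth.authenticate("alice", "guess3"),           # CODE_REQUIRED
           auth.authenticate("alice", "guess3", "0000"),   # DISCARDED
           auth.authenticate("alice", "guess3", "7Q4K"),   # FAILED, count 3
           auth.authenticate("alice", "guess4", "7Q4K"),   # LOCKED, count 4
           auth.authenticate("alice", "correct horse")]    # LOCKED
    now[0] = 61.0
    out.append(auth.authenticate("alice", "correct horse"))  # SUCCESS after timed unlock
    return out
```

A request that is discarded at step 206 never reaches step 207, so it leaves the failure counter where it was; only requests that pass the verification code check can move the account toward the lock threshold.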
Based on the same technical idea, as shown in Figure 3, an embodiment of the application also provides an account authentication device applied to a server, the device comprising:
An obtaining module 301, configured to obtain, after an authentication request carrying the account information of the account to be authenticated is received from the user terminal, the number of consecutive authentication failures corresponding to the account to be authenticated;
A sending module 302, configured to send indication information to the user terminal when the number of consecutive authentication failures is greater than or equal to the preset verification threshold, the indication information being used to indicate that a verification code is to be input;
An authentication module 303, configured to authenticate the account to be authenticated according to the account information if the verification code sent by the user terminal is received and the received verification code is determined to pass verification;
A discard module 304, configured to discard the authentication request if the verification code sent by the user terminal is not received, or the received verification code is determined not to pass verification.
Optionally, the device further includes a statistical module, the statistical module being specifically configured to:
If the authentication of the account to be authenticated is determined to fail according to the account information, accumulate the number of consecutive authentication failures corresponding to the account to be authenticated;
If the authentication of the account to be authenticated is determined to succeed according to the account information, set the number of consecutive authentication failures corresponding to the account to be authenticated to its initial value.
Optionally, the device further includes a locking module, the locking module being specifically configured to:
Lock the account to be authenticated when the number of consecutive authentication failures is greater than or equal to the preset lock threshold, the lock threshold being greater than the verification threshold.
Optionally, the device further includes an unlocking module, the unlocking module being specifically configured to:
If an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account to be authenticated;
And/or
Start timing after the account to be authenticated is locked, and unlock the account when the preset duration is reached.
Optionally, the device further includes a judgment module, the judgment module being specifically configured to:
Judge whether the account to be authenticated is locked;
If the account to be authenticated is not locked, trigger the obtaining module 301 to execute the step of obtaining the number of consecutive authentication failures corresponding to the account to be authenticated.
An embodiment of the application also provides an electronic device, as shown in Figure 4, including a processor 401, a communication interface 402, a memory 403 and a communication bus 404, where the processor 401, the communication interface 402 and the memory 403 communicate with one another through the communication bus 404,
The memory 403 is used for storing a computer program;
The processor 401, when executing the program stored in the memory 403, implements the following steps:
After receiving from the user terminal an authentication request carrying the account information of the account to be authenticated, obtain the number of consecutive authentication failures corresponding to the account to be authenticated;
When the number of consecutive authentication failures is greater than or equal to the preset verification threshold, send indication information to the user terminal, the indication information being used to indicate that a verification code is to be input;
If the verification code sent by the user terminal is received and the received verification code is determined to pass verification, authenticate the account to be authenticated according to the account information;
If the verification code sent by the user terminal is not received, or the received verification code is determined not to pass verification, discard the authentication request.
Optionally, after the account to be authenticated is authenticated according to the account information, the method further includes:
If the authentication of the account to be authenticated is determined to fail according to the account information, accumulate the number of consecutive authentication failures corresponding to the account to be authenticated;
If the authentication of the account to be authenticated is determined to succeed according to the account information, set the number of consecutive authentication failures corresponding to the account to be authenticated to its initial value.
Optionally, the method further includes:
When the number of consecutive authentication failures is greater than or equal to the preset lock threshold, lock the account to be authenticated, the lock threshold being greater than the verification threshold.
Optionally, the method further includes:
If an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account to be authenticated;
And/or
Start timing after the account to be authenticated is locked, and unlock the account when the preset duration is reached.
Optionally, before the number of consecutive authentication failures corresponding to the account to be authenticated is obtained, the method further includes:
Judge whether the account to be authenticated is locked;
If the account to be authenticated is not locked, execute the step of obtaining the number of consecutive authentication failures corresponding to the account to be authenticated.
The communication bus mentioned for the above electronic device can be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus can be divided into an address bus, a data bus, a control bus and so on. For ease of representation, only one thick line is used in the figure, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the above electronic device and other devices.
The memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), for example at least one disk memory. Optionally, the memory may also be at least one storage device located remotely from the aforementioned processor.
The above processor can be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP) and the like; it can also be a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic, or discrete hardware components.
In another embodiment provided by the application, a computer-readable storage medium is also provided. A computer program is stored in the computer-readable storage medium, and the computer program, when executed by a processor, implements the steps of any of the account authentication methods described above.
In another embodiment provided by the application, a computer program product containing instructions is also provided which, when run on a computer, causes the computer to execute any of the account authentication methods in the above embodiments.
The above embodiments can be implemented wholly or partly in software, hardware, firmware or any combination thereof. When implemented in software, they can be implemented wholly or partly in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in the embodiments of the application are generated in whole or in part. The computer can be a general-purpose computer, a special-purpose computer, a computer network, or another programmable device. The computer instructions can be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another; for example, the computer instructions can be transmitted from one website, computer, server or data center to another website, computer, server or data center by wired means (such as coaxial cable, optical fiber, or digital subscriber line (DSL)) or wireless means (such as infrared, radio, or microwave). The computer-readable storage medium can be any usable medium that a computer can access, or a data storage device, such as a server or data center, that integrates one or more usable media. The usable medium can be a magnetic medium (for example, a floppy disk, hard disk, or magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium (for example, a solid state disk (Solid State Disk, SSD)).
It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" and any other variants are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element introduced by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The embodiments in this specification are described in a related manner; for the same or similar parts, the embodiments may be referred to one another, and each embodiment focuses on its differences from the others. In particular, the device, electronic device, computer-readable storage medium and computer program product embodiments are described relatively briefly because they are substantially similar to the method embodiments; for the relevant parts, refer to the description of the method embodiments.
The foregoing describes only preferred embodiments of the application and is not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the application falls within the scope of protection of the application.

Claims (10)

1. An account authentication method, characterized in that the method is applied to a server and comprises:
After receiving from the user terminal an authentication request carrying the account information of the account to be authenticated, obtaining the number of consecutive authentication failures corresponding to the account to be authenticated;
When the number of consecutive authentication failures is greater than or equal to the preset verification threshold, sending indication information to the user terminal, the indication information being used to indicate that a verification code is to be input;
If the verification code sent by the user terminal is received and the received verification code is determined to pass verification, authenticating the account to be authenticated according to the account information;
If the verification code sent by the user terminal is not received, or the received verification code is determined not to pass verification, discarding the authentication request.
2. The method according to claim 1, characterized in that, after the account to be authenticated is authenticated according to the account information, the method further comprises:
If the authentication of the account to be authenticated is determined to fail according to the account information, accumulating the number of consecutive authentication failures corresponding to the account to be authenticated;
If the authentication of the account to be authenticated is determined to succeed according to the account information, setting the number of consecutive authentication failures corresponding to the account to be authenticated to its initial value.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
When the number of consecutive authentication failures is greater than or equal to the preset lock threshold, locking the account to be authenticated, the lock threshold being greater than the verification threshold.
4. The method according to claim 3, characterized in that the method further comprises:
If an unlock instruction for the account to be authenticated is received after the account is locked, unlocking the account to be authenticated;
And/or
Starting timing after the account to be authenticated is locked, and unlocking the account when the preset duration is reached.
5. The method according to claim 3, characterized in that, before the number of consecutive authentication failures corresponding to the account to be authenticated is obtained, the method further comprises:
Judging whether the account to be authenticated is locked;
If the account to be authenticated is not locked, executing the step of obtaining the number of consecutive authentication failures corresponding to the account to be authenticated.
6. An account authentication device, characterized in that the device is applied to a server and comprises:
An obtaining module, configured to obtain, after an authentication request carrying the account information of the account to be authenticated is received from the user terminal, the number of consecutive authentication failures corresponding to the account to be authenticated;
A sending module, configured to send indication information to the user terminal when the number of consecutive authentication failures is greater than or equal to the preset verification threshold, the indication information being used to indicate that a verification code is to be input;
An authentication module, configured to authenticate the account to be authenticated according to the account information if the verification code sent by the user terminal is received and the received verification code is determined to pass verification;
A discard module, configured to discard the authentication request if the verification code sent by the user terminal is not received, or the received verification code is determined not to pass verification.
7. The device according to claim 6, characterized in that the device further comprises a statistical module, the statistical module being specifically configured to:
If the authentication of the account to be authenticated is determined to fail according to the account information, accumulate the number of consecutive authentication failures corresponding to the account to be authenticated;
If the authentication of the account to be authenticated is determined to succeed according to the account information, set the number of consecutive authentication failures corresponding to the account to be authenticated to its initial value.
8. The device according to claim 6 or 7, characterized in that the device further comprises a locking module, the locking module being specifically configured to:
Lock the account to be authenticated when the number of consecutive authentication failures is greater than or equal to the preset lock threshold, the lock threshold being greater than the verification threshold.
9. The device according to claim 8, characterized in that the device further comprises an unlocking module, the unlocking module being specifically configured to:
If an unlock instruction for the account to be authenticated is received after the account is locked, unlock the account to be authenticated;
And/or
Start timing after the account to be authenticated is locked, and unlock the account when the preset duration is reached.
10. The device according to claim 8, characterized in that the device further comprises a judgment module, the judgment module being specifically configured to:
Judge whether the account to be authenticated is locked;
If the account to be authenticated is not locked, trigger the obtaining module to execute the step of obtaining the number of consecutive authentication failures corresponding to the account to be authenticated.
CN201910202483.6A 2019-03-11 2019-03-11 A kind of account authentication method and device Pending CN109981626A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910202483.6A CN109981626A (en) 2019-03-11 2019-03-11 A kind of account authentication method and device

Publications (1)

Publication Number Publication Date
CN109981626A true CN109981626A (en) 2019-07-05

Family

ID=67079240

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910202483.6A Pending CN109981626A (en) 2019-03-11 2019-03-11 A kind of account authentication method and device

Country Status (1)

Country Link
CN (1) CN109981626A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190705