CN110851814B - Verification method for user login based on image - Google Patents
Verification method for user login based on image Download PDFInfo
- Publication number
- CN110851814B CN110851814B CN201911035783.6A CN201911035783A CN110851814B CN 110851814 B CN110851814 B CN 110851814B CN 201911035783 A CN201911035783 A CN 201911035783A CN 110851814 B CN110851814 B CN 110851814B
- Authority
- CN
- China
- Prior art keywords
- user
- password
- patterns
- passwords
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention discloses a verification method for user login based on an image, which expands the traditional login identification authentication method, increases picture identification and random change from original single, fixed and unchanged character passwords, and improves the security of own passwords, accounts and information after peeping when the user logs in. On the premise of using the personal password to carry out login verification, the login method capable of reducing the password attack of the user is provided, so that privacy revealing probability is reduced, and personal property safety is guaranteed.
Description
Technical Field
The invention relates to the field of computers, in particular to a verification method for user login based on images.
Background
Traditional text passwords consist of numbers, letters, etc. that are sufficient to resist brute force attacks, but a powerful text password is hard to remember, so users tend to choose regular, concise passwords, which results in weaker password security.
Most previous passwords based on image recognition such as: the image point passwords need to be used for login authentication by drawing specified patterns by hands, but the passwords still cannot effectively resist attack of an attacker and are easy to be subjected to shoulder peeping attack.
Disclosure of Invention
Aiming at the defects related to the background technology, the invention provides a verification method for user login based on images.
The invention adopts the following technical scheme for solving the technical problems:
a verification method for user login based on images comprises the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing the patterns, sequentially filling the patterns into 9 password slots, and reminding the user to select one pattern as a mark pattern;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
Compared with the prior art, the technical scheme provided by the invention has the following technical effects:
1. the sequence of the patterns at each login can be randomly changed, and the positions of the identification patterns cannot be known in advance, so that the password security is greatly improved due to good defense effect on the shoulder peeping mode;
2. each time of random generation has good effect. The result shows that the random result can effectively avoid human factors, so that the password is safer.
Drawings
FIG. 1 is a schematic illustration of an interface for selecting a pattern as a logo pattern in accordance with the present invention;
FIG. 2 is a schematic diagram of an interface showing code slot numbering according to the present invention;
FIG. 3 is a schematic diagram of an interface for inputting a password according to the present invention.
Detailed Description
The technical scheme of the invention is further described in detail below with reference to the accompanying drawings:
this invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. In the drawings, the components are exaggerated for clarity.
The invention discloses a verification method for user login based on images, which comprises the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing, sequentially filling the 9 password slots, and reminding the user to select one pattern as a mark pattern, wherein the mark pattern is shown in fig. 1;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming the positions, as shown in figure 2;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password, as shown in fig. 3;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
At present, login verification mainly uses text passwords of combination of letters and numbers, when being attacked by shoulder peeping and the like, the security capability is very weak, and therefore account security of a user is seriously threatened under the condition. The invention adopts a brand new authentication scheme, achieves the aim of well preventing attack means such as shoulder peeping and the like, and can well protect the account against attack under the condition of facilitating the memory of a user, thereby greatly improving the safety.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
While the foregoing is directed to embodiments of the present invention, other and further details of the invention may be had by the present invention, it should be understood that the foregoing description is merely illustrative of the present invention and that no limitations are intended to the scope of the invention, except insofar as modifications, equivalents, improvements or modifications are within the spirit and principles of the invention.
Claims (1)
1. The verification method for user login based on the image is characterized by comprising the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing the patterns, sequentially filling the patterns into 9 password slots, and reminding the user to select one pattern as a mark pattern;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911035783.6A CN110851814B (en) | 2019-10-29 | 2019-10-29 | Verification method for user login based on image |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911035783.6A CN110851814B (en) | 2019-10-29 | 2019-10-29 | Verification method for user login based on image |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110851814A CN110851814A (en) | 2020-02-28 |
CN110851814B true CN110851814B (en) | 2023-04-25 |
Family
ID=69598113
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911035783.6A Active CN110851814B (en) | 2019-10-29 | 2019-10-29 | Verification method for user login based on image |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110851814B (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007148658A (en) * | 2005-11-25 | 2007-06-14 | Fuji Xerox Co Ltd | Password input device and password input method |
SG148888A1 (en) * | 2007-06-20 | 2009-01-29 | Chye Shin Jimmy Wong | Improved system and method for random entry of password |
CN101663672A (en) * | 2007-02-21 | 2010-03-03 | 维杜普有限责任公司 | The method and system that is used for graphical image authentication |
CN102156544A (en) * | 2011-04-18 | 2011-08-17 | 湘潭大学 | Multimodality code-word disorderly combined password input device |
CN103543939A (en) * | 2013-07-08 | 2014-01-29 | Tcl集团股份有限公司 | Electronic device unlocking method and system and electronic device |
CN106911847A (en) * | 2017-02-22 | 2017-06-30 | 南京航空航天大学 | Mobile phone text cipher authentication method based on the semantic prompting of vibrations |
US10025952B1 (en) * | 2014-11-21 | 2018-07-17 | The Florida State University Research Foundation, Inc. | Obfuscation of sensitive human-perceptual output |
CN108345784A (en) * | 2018-02-28 | 2018-07-31 | 于君 | There are the cipher-code input method and equipment of icon and random character segment mark |
CN109063454A (en) * | 2018-07-02 | 2018-12-21 | 兰州交通大学 | A kind of multi stroke shapes password suggested design and its Verification System |
CN109165502A (en) * | 2018-08-23 | 2019-01-08 | 南京航空航天大学 | Secure password input method on a kind of smart phone that anti-shoulder is peeped |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101175042B1 (en) * | 2011-11-10 | 2012-08-17 | 숭실대학교산학협력단 | Method and apparatus for authenticating password of user device |
-
2019
- 2019-10-29 CN CN201911035783.6A patent/CN110851814B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007148658A (en) * | 2005-11-25 | 2007-06-14 | Fuji Xerox Co Ltd | Password input device and password input method |
CN101663672A (en) * | 2007-02-21 | 2010-03-03 | 维杜普有限责任公司 | The method and system that is used for graphical image authentication |
SG148888A1 (en) * | 2007-06-20 | 2009-01-29 | Chye Shin Jimmy Wong | Improved system and method for random entry of password |
CN102156544A (en) * | 2011-04-18 | 2011-08-17 | 湘潭大学 | Multimodality code-word disorderly combined password input device |
CN103543939A (en) * | 2013-07-08 | 2014-01-29 | Tcl集团股份有限公司 | Electronic device unlocking method and system and electronic device |
US10025952B1 (en) * | 2014-11-21 | 2018-07-17 | The Florida State University Research Foundation, Inc. | Obfuscation of sensitive human-perceptual output |
CN106911847A (en) * | 2017-02-22 | 2017-06-30 | 南京航空航天大学 | Mobile phone text cipher authentication method based on the semantic prompting of vibrations |
CN108345784A (en) * | 2018-02-28 | 2018-07-31 | 于君 | There are the cipher-code input method and equipment of icon and random character segment mark |
CN109063454A (en) * | 2018-07-02 | 2018-12-21 | 兰州交通大学 | A kind of multi stroke shapes password suggested design and its Verification System |
CN109165502A (en) * | 2018-08-23 | 2019-01-08 | 南京航空航天大学 | Secure password input method on a kind of smart phone that anti-shoulder is peeped |
Non-Patent Citations (7)
Title |
---|
Analysis and Improvement of a PIN-Entry Method Resilient to Shoulder-Surfing and Recording Attacks.《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》.2015,第10卷(第10期),第278-292页. * |
文伟平 ; 尹燕彬 ; .基于累加方法的防肩窥图形密码系统的设计与实现.信息网络安全.2009,(第03期),第7-10页. * |
曹晓静 ; 罗伟其 ; .一种安全的登陆方案设计.微计算机信息.2006,(第12期),全文. * |
罗军舟 ; 杨明 ; 凌振 ; 吴文甲 ; 顾晓丹 ; .网络空间安全体系与关键技术.中国科学:信息科学.2016,(第08期),全文. * |
耿博 ; 葛丽娜 ; 王秋月 ; 王利娟 ; .改进的九宫格手势认证方法.计算机工程与科学.2018,(第09期),全文. * |
胡卫 ; 马常楼 ; 廖巍 ; .图形密码方案可用性及安全性分析.计算机应用与软件.2009,(第12期),第3284-3287、3283页. * |
陈舒荻.抗肩窥攻击的安全口令输入方法.《网络与信息安全学报》.2019,第5卷(第1期),第87-93页. * |
Also Published As
Publication number | Publication date |
---|---|
CN110851814A (en) | 2020-02-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9684780B2 (en) | Dynamic interactive identity authentication method and system | |
US9117065B2 (en) | Dynamic interactive identity authentication method and system | |
US8826406B2 (en) | Password security input system using shift value of password key and password security input method thereof | |
US10015163B2 (en) | Apparatus and method for cryptographic operations using enhanced knowledge factor credentials | |
EP3304394B1 (en) | Authentication methods and systems | |
US20070174628A1 (en) | User authentication | |
US20070271465A1 (en) | Method of Authentication by Challenge-Response and Picturized-Text Recognition | |
US20090144554A1 (en) | Two-way authentication with non-disclosing password entry | |
US9768959B2 (en) | Computer security system and method to protect against keystroke logging | |
JP5852235B2 (en) | Access authentication method | |
EP1604258A1 (en) | Method and system for enabling remote message composition | |
JP2019505051A (en) | Dynamic graphical password-based network registration method and system | |
CN109075972B (en) | System and method for password anti-theft authentication and encryption | |
CN104112096B (en) | Multi-point touch method and device | |
US20160012617A1 (en) | Apparatus and method for providing feedback on input data | |
CN110851814B (en) | Verification method for user login based on image | |
CN115242450A (en) | Password data input method, device and storage medium | |
Hanif et al. | A new shoulder surfing and mobile key-logging resistant graphical password scheme for smart-held devices | |
LIM | Multi-grid background Pass-Go | |
Potey et al. | Secure authentication for data protection in cloud computing using color schemes | |
KR101659809B1 (en) | Apparatus for input password for user authentication and method for thereof and system for thereof | |
Pawar et al. | A survey paper on authentication for shoulder surfing resistance for graphical password using cued click point (CCP) | |
Rani et al. | A Novel Session Password Security Technique using Textual Color and Images | |
US20240095331A1 (en) | Apparatus, system and method for secure data entry | |
Huang et al. | PAAI: Password Authentication Using AI |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |