CN110851814B - Verification method for user login based on image - Google Patents

Verification method for user login based on image Download PDF

Info

Publication number
CN110851814B
CN110851814B CN201911035783.6A CN201911035783A CN110851814B CN 110851814 B CN110851814 B CN 110851814B CN 201911035783 A CN201911035783 A CN 201911035783A CN 110851814 B CN110851814 B CN 110851814B
Authority
CN
China
Prior art keywords
user
password
patterns
passwords
login
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911035783.6A
Other languages
Chinese (zh)
Other versions
CN110851814A (en
Inventor
方梓威
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Aeronautics and Astronautics
Original Assignee
Nanjing University of Aeronautics and Astronautics
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Aeronautics and Astronautics filed Critical Nanjing University of Aeronautics and Astronautics
Priority to CN201911035783.6A priority Critical patent/CN110851814B/en
Publication of CN110851814A publication Critical patent/CN110851814A/en
Application granted granted Critical
Publication of CN110851814B publication Critical patent/CN110851814B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention discloses a verification method for user login based on an image, which expands the traditional login identification authentication method, increases picture identification and random change from original single, fixed and unchanged character passwords, and improves the security of own passwords, accounts and information after peeping when the user logs in. On the premise of using the personal password to carry out login verification, the login method capable of reducing the password attack of the user is provided, so that privacy revealing probability is reduced, and personal property safety is guaranteed.

Description

Verification method for user login based on image
Technical Field
The invention relates to the field of computers, in particular to a verification method for user login based on images.
Background
Traditional text passwords consist of numbers, letters, etc. that are sufficient to resist brute force attacks, but a powerful text password is hard to remember, so users tend to choose regular, concise passwords, which results in weaker password security.
Most previous passwords based on image recognition such as: the image point passwords need to be used for login authentication by drawing specified patterns by hands, but the passwords still cannot effectively resist attack of an attacker and are easy to be subjected to shoulder peeping attack.
Disclosure of Invention
Aiming at the defects related to the background technology, the invention provides a verification method for user login based on images.
The invention adopts the following technical scheme for solving the technical problems:
a verification method for user login based on images comprises the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing the patterns, sequentially filling the patterns into 9 password slots, and reminding the user to select one pattern as a mark pattern;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
Compared with the prior art, the technical scheme provided by the invention has the following technical effects:
1. the sequence of the patterns at each login can be randomly changed, and the positions of the identification patterns cannot be known in advance, so that the password security is greatly improved due to good defense effect on the shoulder peeping mode;
2. each time of random generation has good effect. The result shows that the random result can effectively avoid human factors, so that the password is safer.
Drawings
FIG. 1 is a schematic illustration of an interface for selecting a pattern as a logo pattern in accordance with the present invention;
FIG. 2 is a schematic diagram of an interface showing code slot numbering according to the present invention;
FIG. 3 is a schematic diagram of an interface for inputting a password according to the present invention.
Detailed Description
The technical scheme of the invention is further described in detail below with reference to the accompanying drawings:
this invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. In the drawings, the components are exaggerated for clarity.
The invention discloses a verification method for user login based on images, which comprises the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing, sequentially filling the 9 password slots, and reminding the user to select one pattern as a mark pattern, wherein the mark pattern is shown in fig. 1;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming the positions, as shown in figure 2;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password, as shown in fig. 3;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
At present, login verification mainly uses text passwords of combination of letters and numbers, when being attacked by shoulder peeping and the like, the security capability is very weak, and therefore account security of a user is seriously threatened under the condition. The invention adopts a brand new authentication scheme, achieves the aim of well preventing attack means such as shoulder peeping and the like, and can well protect the account against attack under the condition of facilitating the memory of a user, thereby greatly improving the safety.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
While the foregoing is directed to embodiments of the present invention, other and further details of the invention may be had by the present invention, it should be understood that the foregoing description is merely illustrative of the present invention and that no limitations are intended to the scope of the invention, except insofar as modifications, equivalents, improvements or modifications are within the spirit and principles of the invention.

Claims (1)

1. The verification method for user login based on the image is characterized by comprising the following steps:
step 1), when a user inputs a password, randomly selecting 9 patterns in a preset pattern library, randomly sequencing the patterns, sequentially filling the patterns into 9 password slots, and reminding the user to select one pattern as a mark pattern;
step 2), after the user selects the mark pattern, randomly sequencing the nine numbers 1 to 9, sequentially filling the nine numbers into the 9 password slots for display, reminding the user to memorize the positions of the password slots corresponding to the nine numbers, and then confirming;
step 3), after the user confirms, displaying the 9 patterns in the step 1), and reminding the user to input a password;
step 4), correcting the password after the user inputs the password:
judging whether the number corresponding to the code slot corresponding to the mark pattern is odd or even, and if the number is odd, directly taking the code input by the user as the corrected code; if the number is even, the passwords input by the user are arranged in reverse order and then used as corrected passwords;
and 5) sending the user name and the corrected password to a server, and judging whether the user name and the password are correct or not by the server.
CN201911035783.6A 2019-10-29 2019-10-29 Verification method for user login based on image Active CN110851814B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911035783.6A CN110851814B (en) 2019-10-29 2019-10-29 Verification method for user login based on image

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911035783.6A CN110851814B (en) 2019-10-29 2019-10-29 Verification method for user login based on image

Publications (2)

Publication Number Publication Date
CN110851814A CN110851814A (en) 2020-02-28
CN110851814B true CN110851814B (en) 2023-04-25

Family

ID=69598113

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911035783.6A Active CN110851814B (en) 2019-10-29 2019-10-29 Verification method for user login based on image

Country Status (1)

Country Link
CN (1) CN110851814B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007148658A (en) * 2005-11-25 2007-06-14 Fuji Xerox Co Ltd Password input device and password input method
SG148888A1 (en) * 2007-06-20 2009-01-29 Chye Shin Jimmy Wong Improved system and method for random entry of password
CN101663672A (en) * 2007-02-21 2010-03-03 维杜普有限责任公司 The method and system that is used for graphical image authentication
CN102156544A (en) * 2011-04-18 2011-08-17 湘潭大学 Multimodality code-word disorderly combined password input device
CN103543939A (en) * 2013-07-08 2014-01-29 Tcl集团股份有限公司 Electronic device unlocking method and system and electronic device
CN106911847A (en) * 2017-02-22 2017-06-30 南京航空航天大学 Mobile phone text cipher authentication method based on the semantic prompting of vibrations
US10025952B1 (en) * 2014-11-21 2018-07-17 The Florida State University Research Foundation, Inc. Obfuscation of sensitive human-perceptual output
CN108345784A (en) * 2018-02-28 2018-07-31 于君 There are the cipher-code input method and equipment of icon and random character segment mark
CN109063454A (en) * 2018-07-02 2018-12-21 兰州交通大学 A kind of multi stroke shapes password suggested design and its Verification System
CN109165502A (en) * 2018-08-23 2019-01-08 南京航空航天大学 Secure password input method on a kind of smart phone that anti-shoulder is peeped

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101175042B1 (en) * 2011-11-10 2012-08-17 숭실대학교산학협력단 Method and apparatus for authenticating password of user device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007148658A (en) * 2005-11-25 2007-06-14 Fuji Xerox Co Ltd Password input device and password input method
CN101663672A (en) * 2007-02-21 2010-03-03 维杜普有限责任公司 The method and system that is used for graphical image authentication
SG148888A1 (en) * 2007-06-20 2009-01-29 Chye Shin Jimmy Wong Improved system and method for random entry of password
CN102156544A (en) * 2011-04-18 2011-08-17 湘潭大学 Multimodality code-word disorderly combined password input device
CN103543939A (en) * 2013-07-08 2014-01-29 Tcl集团股份有限公司 Electronic device unlocking method and system and electronic device
US10025952B1 (en) * 2014-11-21 2018-07-17 The Florida State University Research Foundation, Inc. Obfuscation of sensitive human-perceptual output
CN106911847A (en) * 2017-02-22 2017-06-30 南京航空航天大学 Mobile phone text cipher authentication method based on the semantic prompting of vibrations
CN108345784A (en) * 2018-02-28 2018-07-31 于君 There are the cipher-code input method and equipment of icon and random character segment mark
CN109063454A (en) * 2018-07-02 2018-12-21 兰州交通大学 A kind of multi stroke shapes password suggested design and its Verification System
CN109165502A (en) * 2018-08-23 2019-01-08 南京航空航天大学 Secure password input method on a kind of smart phone that anti-shoulder is peeped

Non-Patent Citations (7)

* Cited by examiner, † Cited by third party
Title
Analysis and Improvement of a PIN-Entry Method Resilient to Shoulder-Surfing and Recording Attacks.《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》.2015,第10卷(第10期),第278-292页. *
文伟平 ; 尹燕彬 ; .基于累加方法的防肩窥图形密码系统的设计与实现.信息网络安全.2009,(第03期),第7-10页. *
曹晓静 ; 罗伟其 ; .一种安全的登陆方案设计.微计算机信息.2006,(第12期),全文. *
罗军舟 ; 杨明 ; 凌振 ; 吴文甲 ; 顾晓丹 ; .网络空间安全体系与关键技术.中国科学:信息科学.2016,(第08期),全文. *
耿博 ; 葛丽娜 ; 王秋月 ; 王利娟 ; .改进的九宫格手势认证方法.计算机工程与科学.2018,(第09期),全文. *
胡卫 ; 马常楼 ; 廖巍 ; .图形密码方案可用性及安全性分析.计算机应用与软件.2009,(第12期),第3284-3287、3283页. *
陈舒荻.抗肩窥攻击的安全口令输入方法.《网络与信息安全学报》.2019,第5卷(第1期),第87-93页. *

Also Published As

Publication number Publication date
CN110851814A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
US9684780B2 (en) Dynamic interactive identity authentication method and system
US9117065B2 (en) Dynamic interactive identity authentication method and system
US8826406B2 (en) Password security input system using shift value of password key and password security input method thereof
US10015163B2 (en) Apparatus and method for cryptographic operations using enhanced knowledge factor credentials
EP3304394B1 (en) Authentication methods and systems
US20070174628A1 (en) User authentication
US20070271465A1 (en) Method of Authentication by Challenge-Response and Picturized-Text Recognition
US20090144554A1 (en) Two-way authentication with non-disclosing password entry
US9768959B2 (en) Computer security system and method to protect against keystroke logging
JP5852235B2 (en) Access authentication method
EP1604258A1 (en) Method and system for enabling remote message composition
JP2019505051A (en) Dynamic graphical password-based network registration method and system
CN109075972B (en) System and method for password anti-theft authentication and encryption
CN104112096B (en) Multi-point touch method and device
US20160012617A1 (en) Apparatus and method for providing feedback on input data
CN110851814B (en) Verification method for user login based on image
CN115242450A (en) Password data input method, device and storage medium
Hanif et al. A new shoulder surfing and mobile key-logging resistant graphical password scheme for smart-held devices
LIM Multi-grid background Pass-Go
Potey et al. Secure authentication for data protection in cloud computing using color schemes
KR101659809B1 (en) Apparatus for input password for user authentication and method for thereof and system for thereof
Pawar et al. A survey paper on authentication for shoulder surfing resistance for graphical password using cued click point (CCP)
Rani et al. A Novel Session Password Security Technique using Textual Color and Images
US20240095331A1 (en) Apparatus, system and method for secure data entry
Huang et al. PAAI: Password Authentication Using AI

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant