CN111859369A - System and method for automatic unified management of passwords - Google Patents

System and method for automatic unified management of passwords Download PDF

Info

Publication number
CN111859369A
CN111859369A CN202010741674.2A CN202010741674A CN111859369A CN 111859369 A CN111859369 A CN 111859369A CN 202010741674 A CN202010741674 A CN 202010741674A CN 111859369 A CN111859369 A CN 111859369A
Authority
CN
China
Prior art keywords
module
password
data
user
operation set
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010741674.2A
Other languages
Chinese (zh)
Inventor
姜昱鹏
齐光鹏
徐士强
陈初兴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Cloud Information Technology Co Ltd
Original Assignee
Inspur Cloud Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Cloud Information Technology Co Ltd filed Critical Inspur Cloud Information Technology Co Ltd
Priority to CN202010741674.2A priority Critical patent/CN111859369A/en
Publication of CN111859369A publication Critical patent/CN111859369A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Power Engineering (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a system and a method for password automatic unified management, which belong to the technical field of python automatic scripts and encryption algorithms, and comprise five modules: the system comprises a main control module, a password generation module, a password rule restriction module, a data backup and migration module and a data storage module. The method comprises the following steps of developing by using a python automation script, carrying out storage management based on a json format, operating a plurality of functions of account password storage, inquiry, deletion, modification and the like in a command line mode; the password is generated through an MD5 salt adding encryption algorithm, and user password customization is supported; and using the pdf file as a carrier, and performing backup migration on the data in an encryption/decryption mode. The application provides convenient and transparent unified password management for users, and ensures the security and uniqueness of the password.

Description

System and method for automatic unified management of passwords
Technical Field
The invention relates to python automation script and encryption algorithm technology, in particular to a system and a method for password automation unified management.
Background
In the current world with developed internet, everyone can relate to a lot of account password information, mailbox accounts, website accounts, database accounts and the like, especially in the internet industry, the number of used account passwords is very large, and meanwhile, the problems that the information is difficult to manage, the recording and the query are time-consuming and labor-consuming are caused; meanwhile, the phenomenon that a plurality of account numbers share the same password exists, and if any one of the websites has a security hole, other account numbers are in a dangerous state. At present, many software can manage such information, but only record management is carried out, and the password content is artificially edited, so that the higher security strength of the password cannot be stably maintained. Only by human thinking, it is difficult to find out a large number of unique and safe passwords, and at the same time, an application combining multiple characteristics of management, password encryption and the like is needed.
Disclosure of Invention
The invention provides a system for automatic unified management of passwords, which mainly solves two problems: firstly, through script automation, various account passwords are managed in a unified manner, and a user is allowed to perform custom management and safely perform data migration; secondly, a strong password with higher security is automatically generated through an encryption algorithm, so that the security and uniqueness of different account passwords are ensured.
The technical scheme of the invention is as follows:
a password automatic unified management system is developed by using a python automatic script, storage management is carried out based on a json format, and various functions of account password storage, inquiry, deletion, modification and the like are operated in a command line mode; the password is generated through an MD5 salt adding encryption algorithm, and user password customization is supported; and using the pdf file as a carrier, and performing backup migration on the data in an encryption/decryption mode. The application provides convenient and transparent unified password management for users, and ensures the security and uniqueness of the password.
The system comprises five modules in total: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module; wherein
The main control module: processing command input and core functions of the terminal, and controlling overall function scheduling;
a password generation module: generating a strong password by an MD5 salt encryption algorithm;
a cipher rule restriction module: accessing a restriction script, and secondarily packaging the password value output by the password generation module;
the data backup and migration module: migrating data using pdf encryption and decryption technology;
a data storage module: for storing data.
Further, in the above-mentioned case,
the main control module also comprises a command control module and an operation set module;
the command control module is responsible for receiving system terminal command parameters, identifying and distributing commands to be mapped to the operation set module;
the operation set module comprises all function functions and interacts with the password generation module and the data storage module simultaneously. And responding to the corresponding functional operation according to different mapping values transmitted by the command control module, wherein the main functions comprise viewing all description values (key), taking a corresponding account (user _ name) and a corresponding password (password) according to the description values, storing the password in a user-defined mode, storing the password by using an MD5 salt-adding encryption algorithm, modifying the description values or the account numbers or the passwords, and deleting specified data.
When the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
Further, in the above-mentioned case,
the password generation module comprises:
the strong password generated by using the MD5 salt-adding encryption algorithm ensures the security and uniqueness of the password;
the method can be used for connecting a password rule restriction module and enriching password formats.
Further, in the above-mentioned case,
the cipher rule restriction module is an optional module and comprises:
the password generating module is used for generating a password;
the module can be freely controlled to be opened through a switch;
the user can customize different restriction rules by accessing the self-defined script.
In a still further aspect of the present invention,
a control switch is arranged in the password rule restriction module, and the password rule restriction module is in an off state under the default condition, namely the password rule restriction is not carried out; and when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module.
Further, in the above-mentioned case,
the data backup and migration module comprises:
only the data storage module is operated and is independently controlled by a command without depending on the main module;
converting the json file into a pdf file, so that different PC terminals or mobile terminals can look up the pdf file conveniently;
the security of data migration is enhanced by using encryption and decryption technology for the pdf file.
Further, in the above-mentioned case,
the data storage module uses a json file to store data locally when the data volume is small; storing in a key value pair format, wherein the description information is used as a key value, and a user name (user _ name) and a password (password) are used as value values in a set form; and under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
In addition, the invention also provides a password automatic unified management method,
the working steps are as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
The invention has the advantages that
(1) The system provides convenient and transparent unified password management for users, saves time and labor, and can be easily operated only by commands at the system terminal;
(2) the automatic management and generation of the password are realized, and the safety and the uniqueness of the password are ensured.
Drawings
FIG. 1 is a schematic diagram of a master control module structure and interaction flow;
fig. 2 is a schematic diagram of the overall architecture.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
The invention is based on MD5(Message-Digest Algorithm) salt-adding encryption Algorithm, which comprises five modules: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module. The main control module also comprises a command control module and an operation set module, wherein the command control module receives the command line parameters, maps the command line parameters to the operation set module and calls a corresponding function method; meanwhile, the main control module integrates other four modules to carry out overall function scheduling. The password generation module generates a unique 128-bit hash value through an MD5 salt encryption algorithm, and meanwhile, the password is allowed to be customized by a user. The password rule restriction module is a pluggable script, secondary packaging is carried out on the output value of the password generation module, and the module can be freely controlled to be used. The data storage module is responsible for locally storing data. The data backup and migration module is responsible for converting the database file into pdf format and realizing data backup and transfer through encryption/decryption mode.
The main functions of each module are as follows:
the main control module: comprises a command control module and an operation set module. The command control module is responsible for receiving command line parameters of the terminal and mapping the command line parameters to the operation set module; the operation set module responds to the corresponding functional operation according to different mapping values transmitted by the command control module, and the main functions comprise checking all description values (key), taking corresponding account numbers (user _ name) and passwords (password) according to the description values, storing the passwords in a user-defined mode, storing the passwords by using an MD5 salting encryption algorithm, modifying the description values or the account numbers or the passwords and deleting specified data. When the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
A password generation module: the module is mainly responsible for outputting strong passwords through an MD5 salt encryption algorithm. The MD5 algorithm generates a unique 128-bit hash value (16 bytes) for an input string, and even if only one character of the input string changes, the output hash value of the input string is greatly different, so that the input string has better security and irreversibility. In order to obtain a password with higher security strength, salt adding encryption operation is used on the basis of an MD5 algorithm, letters, numbers and special symbols are used as original character strings, the original character strings are disordered and arranged in sequence, then characters with specified range lengths are randomly selected to form a new character string, and then the new character string is encrypted through an MD5 algorithm, wherein the process is the salt adding encryption operation. This provides input strings of different lengths, different contents, and different orders for each invocation of the MD5 algorithm to minimize the regularity of the hash value generated.
A cipher rule restriction module: the module is an optional module and is mainly responsible for carrying out secondary packaging on the output value of the password generation module. The output value of the MD5 salt-adding encryption algorithm is always 16 characters, which is a combination of letters and numbers. The login password of different websites can be defined differently, such as the limitation of length, or the initial character is not allowed to be a number, etc. The module is a pluggable module, a control switch is arranged in the pluggable module, and the pluggable module is in a closed state under the default condition, namely, the restriction of the password rule is not performed. And when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module. Restriction rules can be freely defined, and the module can be accessed by compiling scripts, so that the flexibility is high.
A data storage module: the module is mainly used for storing data. When the data size is small, the json file can be used for storing the data locally. The information is stored in a key value pair format, the description information is used as a key value, and the user name (user _ name) and the password (password) are used as value values in a set form. And under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
The data backup and migration module: the module is responsible for converting json files to pdf files for data backup or migration. The purpose of converting the pdf file is to facilitate the lookup at other PC terminals or mobile terminals, but when the password file is transmitted through the network, there is a danger of being intercepted, especially when the file has an important password, the pdf file needs to be encrypted and transmitted by the transmitting terminal, and the pdf file is decrypted by the secret password by the receiving terminal, so that the content of the pdf file is not exposed even if the middle part is intercepted.
The five modules integrally cooperate as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
The above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (10)

1. An automatic unified management system for passwords is characterized in that,
the system comprises five modules in total: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module; wherein
The main control module: processing command input and core functions of the terminal, and controlling overall function scheduling;
a password generation module: generating a strong password by an MD5 salt encryption algorithm;
a cipher rule restriction module: accessing a restriction script, and secondarily packaging the password value output by the password generation module;
the data backup and migration module: migrating data using pdf encryption and decryption technology;
a data storage module: for storing data.
2. The system of claim 1,
the main control module also comprises a command control module and an operation set module;
the command control module is responsible for receiving system terminal command parameters, identifying and distributing commands to be mapped to the operation set module;
the operation set module comprises all function functions and interacts with the password generation module and the data storage module simultaneously.
3. The system of claim 2,
the operation set module responds to the corresponding functional operation according to different mapping values transmitted by the command control module, and the main functions comprise checking all description values (key), taking corresponding account numbers (user _ name) and passwords (password) according to the description values, storing the passwords in a user-defined mode, storing the passwords by using an MD5 salting encryption algorithm, modifying the description values or the account numbers or the passwords and deleting specified data.
4. The system of claim 3,
when the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
5. The system of claim 2,
the password generation module comprises:
the strong password generated by using the MD5 salt-adding encryption algorithm ensures the security and uniqueness of the password;
the method can be used for connecting a password rule restriction module and enriching password formats.
6. The system of claim 2,
the cipher rule restriction module is an optional module and comprises:
the password generating module is used for generating a password;
the module can be freely controlled to be opened through a switch;
the user can customize different restriction rules by accessing the self-defined script.
7. The system of claim 6,
a control switch is arranged in the password rule restriction module, and the password rule restriction module is in an off state under the default condition, namely the password rule restriction is not carried out; and when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module.
8. The system of claim 2,
the data backup and migration module comprises:
only the data storage module is operated and is independently controlled by a command without depending on the main module;
converting the json file into a pdf file, so that different PC terminals or mobile terminals can look up the pdf file conveniently;
the security of data migration is enhanced by using encryption and decryption technology for the pdf file.
9. The system of claim 2,
the data storage module is stored locally by using a json file; storing in a key value pair format, wherein the description information is used as a key value, and a user name (user _ name) and a password (password) are used as value values in a set form; and under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
10. An automatic unified management method for passwords is characterized in that,
the working steps are as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
CN202010741674.2A 2020-07-29 2020-07-29 System and method for automatic unified management of passwords Pending CN111859369A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010741674.2A CN111859369A (en) 2020-07-29 2020-07-29 System and method for automatic unified management of passwords

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010741674.2A CN111859369A (en) 2020-07-29 2020-07-29 System and method for automatic unified management of passwords

Publications (1)

Publication Number Publication Date
CN111859369A true CN111859369A (en) 2020-10-30

Family

ID=72948236

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010741674.2A Pending CN111859369A (en) 2020-07-29 2020-07-29 System and method for automatic unified management of passwords

Country Status (1)

Country Link
CN (1) CN111859369A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117041443A (en) * 2023-10-09 2023-11-10 人力资源和社会保障部人事考试中心 Offline photo processing method, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140013452A1 (en) * 2012-07-03 2014-01-09 Selim Aissi Data protection hub
CN104348609A (en) * 2014-09-18 2015-02-11 成都西山居互动娱乐科技有限公司 Non-stored password management algorithm
CN105897412A (en) * 2015-12-15 2016-08-24 乐视网信息技术(北京)股份有限公司 Website password generation method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140013452A1 (en) * 2012-07-03 2014-01-09 Selim Aissi Data protection hub
CN104348609A (en) * 2014-09-18 2015-02-11 成都西山居互动娱乐科技有限公司 Non-stored password management algorithm
CN105897412A (en) * 2015-12-15 2016-08-24 乐视网信息技术(北京)股份有限公司 Website password generation method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117041443A (en) * 2023-10-09 2023-11-10 人力资源和社会保障部人事考试中心 Offline photo processing method, device and storage medium
CN117041443B (en) * 2023-10-09 2023-12-08 人力资源和社会保障部人事考试中心 Offline photo processing method, device and storage medium

Similar Documents

Publication Publication Date Title
JP7116197B2 (en) Technologies for file sharing
US9825925B2 (en) Method and apparatus for securing sensitive data in a cloud storage system
CN110598442A (en) Sensitive data self-adaptive desensitization method and system
CN105760781B (en) The storage method, restoration methods and operating method of large data files can be deduced in order
CN109791594A (en) Data are segmented in order to persistently be stored in multiple immutable data structures
US9805209B2 (en) Systems and methodologies for managing document access permissions
CN102413159B (en) Trusty online storage system oriented to network operating system
CN107947917A (en) A kind of method and device for generating whitepack key
CN109361644A (en) A kind of Fog property base encryption method for supporting fast search and decryption
CN108777685A (en) Method and apparatus for handling information
EP4350556A1 (en) Information verification method and apparatus
CN112860777A (en) Data processing method, device and equipment
CN110008725B (en) User structured data processing system
CN111859369A (en) System and method for automatic unified management of passwords
CN114036538A (en) Database transparent encryption and decryption implementation method and system based on virtual block device
CN111062041A (en) Data processing method and system implemented based on font library
CN109598137B (en) Method and system for safely processing data
Kumar et al. Data security and encryption technique for cloud storage
CN107968793A (en) A kind of method, apparatus and system for downloading whitepack key
CN114969722A (en) Government affair data privacy calculation system supporting multiple data types
CN113987574A (en) Block chain private transaction method, device, equipment and readable storage medium
CN110362773B (en) Cross-domain communication method, device, computer equipment and storage medium
CN116235174A (en) Apparatus and method for performing encryption algorithm
CN110795726A (en) Password protection method and system based on artificial neural network
KR102123440B1 (en) Encryption method for supporting range query in multi-client environment and apparatus using the same

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201030

RJ01 Rejection of invention patent application after publication