CN111859369A - System and method for automatic unified management of passwords - Google Patents
System and method for automatic unified management of passwords Download PDFInfo
- Publication number
- CN111859369A CN111859369A CN202010741674.2A CN202010741674A CN111859369A CN 111859369 A CN111859369 A CN 111859369A CN 202010741674 A CN202010741674 A CN 202010741674A CN 111859369 A CN111859369 A CN 111859369A
- Authority
- CN
- China
- Prior art keywords
- module
- password
- data
- user
- operation set
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Power Engineering (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a system and a method for password automatic unified management, which belong to the technical field of python automatic scripts and encryption algorithms, and comprise five modules: the system comprises a main control module, a password generation module, a password rule restriction module, a data backup and migration module and a data storage module. The method comprises the following steps of developing by using a python automation script, carrying out storage management based on a json format, operating a plurality of functions of account password storage, inquiry, deletion, modification and the like in a command line mode; the password is generated through an MD5 salt adding encryption algorithm, and user password customization is supported; and using the pdf file as a carrier, and performing backup migration on the data in an encryption/decryption mode. The application provides convenient and transparent unified password management for users, and ensures the security and uniqueness of the password.
Description
Technical Field
The invention relates to python automation script and encryption algorithm technology, in particular to a system and a method for password automation unified management.
Background
In the current world with developed internet, everyone can relate to a lot of account password information, mailbox accounts, website accounts, database accounts and the like, especially in the internet industry, the number of used account passwords is very large, and meanwhile, the problems that the information is difficult to manage, the recording and the query are time-consuming and labor-consuming are caused; meanwhile, the phenomenon that a plurality of account numbers share the same password exists, and if any one of the websites has a security hole, other account numbers are in a dangerous state. At present, many software can manage such information, but only record management is carried out, and the password content is artificially edited, so that the higher security strength of the password cannot be stably maintained. Only by human thinking, it is difficult to find out a large number of unique and safe passwords, and at the same time, an application combining multiple characteristics of management, password encryption and the like is needed.
Disclosure of Invention
The invention provides a system for automatic unified management of passwords, which mainly solves two problems: firstly, through script automation, various account passwords are managed in a unified manner, and a user is allowed to perform custom management and safely perform data migration; secondly, a strong password with higher security is automatically generated through an encryption algorithm, so that the security and uniqueness of different account passwords are ensured.
The technical scheme of the invention is as follows:
a password automatic unified management system is developed by using a python automatic script, storage management is carried out based on a json format, and various functions of account password storage, inquiry, deletion, modification and the like are operated in a command line mode; the password is generated through an MD5 salt adding encryption algorithm, and user password customization is supported; and using the pdf file as a carrier, and performing backup migration on the data in an encryption/decryption mode. The application provides convenient and transparent unified password management for users, and ensures the security and uniqueness of the password.
The system comprises five modules in total: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module; wherein
The main control module: processing command input and core functions of the terminal, and controlling overall function scheduling;
a password generation module: generating a strong password by an MD5 salt encryption algorithm;
a cipher rule restriction module: accessing a restriction script, and secondarily packaging the password value output by the password generation module;
the data backup and migration module: migrating data using pdf encryption and decryption technology;
a data storage module: for storing data.
Further, in the above-mentioned case,
the main control module also comprises a command control module and an operation set module;
the command control module is responsible for receiving system terminal command parameters, identifying and distributing commands to be mapped to the operation set module;
the operation set module comprises all function functions and interacts with the password generation module and the data storage module simultaneously. And responding to the corresponding functional operation according to different mapping values transmitted by the command control module, wherein the main functions comprise viewing all description values (key), taking a corresponding account (user _ name) and a corresponding password (password) according to the description values, storing the password in a user-defined mode, storing the password by using an MD5 salt-adding encryption algorithm, modifying the description values or the account numbers or the passwords, and deleting specified data.
When the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
Further, in the above-mentioned case,
the password generation module comprises:
the strong password generated by using the MD5 salt-adding encryption algorithm ensures the security and uniqueness of the password;
the method can be used for connecting a password rule restriction module and enriching password formats.
Further, in the above-mentioned case,
the cipher rule restriction module is an optional module and comprises:
the password generating module is used for generating a password;
the module can be freely controlled to be opened through a switch;
the user can customize different restriction rules by accessing the self-defined script.
In a still further aspect of the present invention,
a control switch is arranged in the password rule restriction module, and the password rule restriction module is in an off state under the default condition, namely the password rule restriction is not carried out; and when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module.
Further, in the above-mentioned case,
the data backup and migration module comprises:
only the data storage module is operated and is independently controlled by a command without depending on the main module;
converting the json file into a pdf file, so that different PC terminals or mobile terminals can look up the pdf file conveniently;
the security of data migration is enhanced by using encryption and decryption technology for the pdf file.
Further, in the above-mentioned case,
the data storage module uses a json file to store data locally when the data volume is small; storing in a key value pair format, wherein the description information is used as a key value, and a user name (user _ name) and a password (password) are used as value values in a set form; and under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
In addition, the invention also provides a password automatic unified management method,
the working steps are as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
The invention has the advantages that
(1) The system provides convenient and transparent unified password management for users, saves time and labor, and can be easily operated only by commands at the system terminal;
(2) the automatic management and generation of the password are realized, and the safety and the uniqueness of the password are ensured.
Drawings
FIG. 1 is a schematic diagram of a master control module structure and interaction flow;
fig. 2 is a schematic diagram of the overall architecture.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
The invention is based on MD5(Message-Digest Algorithm) salt-adding encryption Algorithm, which comprises five modules: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module. The main control module also comprises a command control module and an operation set module, wherein the command control module receives the command line parameters, maps the command line parameters to the operation set module and calls a corresponding function method; meanwhile, the main control module integrates other four modules to carry out overall function scheduling. The password generation module generates a unique 128-bit hash value through an MD5 salt encryption algorithm, and meanwhile, the password is allowed to be customized by a user. The password rule restriction module is a pluggable script, secondary packaging is carried out on the output value of the password generation module, and the module can be freely controlled to be used. The data storage module is responsible for locally storing data. The data backup and migration module is responsible for converting the database file into pdf format and realizing data backup and transfer through encryption/decryption mode.
The main functions of each module are as follows:
the main control module: comprises a command control module and an operation set module. The command control module is responsible for receiving command line parameters of the terminal and mapping the command line parameters to the operation set module; the operation set module responds to the corresponding functional operation according to different mapping values transmitted by the command control module, and the main functions comprise checking all description values (key), taking corresponding account numbers (user _ name) and passwords (password) according to the description values, storing the passwords in a user-defined mode, storing the passwords by using an MD5 salting encryption algorithm, modifying the description values or the account numbers or the passwords and deleting specified data. When the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
A password generation module: the module is mainly responsible for outputting strong passwords through an MD5 salt encryption algorithm. The MD5 algorithm generates a unique 128-bit hash value (16 bytes) for an input string, and even if only one character of the input string changes, the output hash value of the input string is greatly different, so that the input string has better security and irreversibility. In order to obtain a password with higher security strength, salt adding encryption operation is used on the basis of an MD5 algorithm, letters, numbers and special symbols are used as original character strings, the original character strings are disordered and arranged in sequence, then characters with specified range lengths are randomly selected to form a new character string, and then the new character string is encrypted through an MD5 algorithm, wherein the process is the salt adding encryption operation. This provides input strings of different lengths, different contents, and different orders for each invocation of the MD5 algorithm to minimize the regularity of the hash value generated.
A cipher rule restriction module: the module is an optional module and is mainly responsible for carrying out secondary packaging on the output value of the password generation module. The output value of the MD5 salt-adding encryption algorithm is always 16 characters, which is a combination of letters and numbers. The login password of different websites can be defined differently, such as the limitation of length, or the initial character is not allowed to be a number, etc. The module is a pluggable module, a control switch is arranged in the pluggable module, and the pluggable module is in a closed state under the default condition, namely, the restriction of the password rule is not performed. And when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module. Restriction rules can be freely defined, and the module can be accessed by compiling scripts, so that the flexibility is high.
A data storage module: the module is mainly used for storing data. When the data size is small, the json file can be used for storing the data locally. The information is stored in a key value pair format, the description information is used as a key value, and the user name (user _ name) and the password (password) are used as value values in a set form. And under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
The data backup and migration module: the module is responsible for converting json files to pdf files for data backup or migration. The purpose of converting the pdf file is to facilitate the lookup at other PC terminals or mobile terminals, but when the password file is transmitted through the network, there is a danger of being intercepted, especially when the file has an important password, the pdf file needs to be encrypted and transmitted by the transmitting terminal, and the pdf file is decrypted by the secret password by the receiving terminal, so that the content of the pdf file is not exposed even if the middle part is intercepted.
The five modules integrally cooperate as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
The above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (10)
1. An automatic unified management system for passwords is characterized in that,
the system comprises five modules in total: the system comprises a main control module, a password generation module, a password rule restriction module, a data storage module and a data backup and migration module; wherein
The main control module: processing command input and core functions of the terminal, and controlling overall function scheduling;
a password generation module: generating a strong password by an MD5 salt encryption algorithm;
a cipher rule restriction module: accessing a restriction script, and secondarily packaging the password value output by the password generation module;
the data backup and migration module: migrating data using pdf encryption and decryption technology;
a data storage module: for storing data.
2. The system of claim 1,
the main control module also comprises a command control module and an operation set module;
the command control module is responsible for receiving system terminal command parameters, identifying and distributing commands to be mapped to the operation set module;
the operation set module comprises all function functions and interacts with the password generation module and the data storage module simultaneously.
3. The system of claim 2,
the operation set module responds to the corresponding functional operation according to different mapping values transmitted by the command control module, and the main functions comprise checking all description values (key), taking corresponding account numbers (user _ name) and passwords (password) according to the description values, storing the passwords in a user-defined mode, storing the passwords by using an MD5 salting encryption algorithm, modifying the description values or the account numbers or the passwords and deleting specified data.
4. The system of claim 3,
when the user takes the corresponding account password according to the description value, the main control module outputs the password to the system shear plate while displaying information in the terminal, and the user can directly paste the password for use.
5. The system of claim 2,
the password generation module comprises:
the strong password generated by using the MD5 salt-adding encryption algorithm ensures the security and uniqueness of the password;
the method can be used for connecting a password rule restriction module and enriching password formats.
6. The system of claim 2,
the cipher rule restriction module is an optional module and comprises:
the password generating module is used for generating a password;
the module can be freely controlled to be opened through a switch;
the user can customize different restriction rules by accessing the self-defined script.
7. The system of claim 6,
a control switch is arranged in the password rule restriction module, and the password rule restriction module is in an off state under the default condition, namely the password rule restriction is not carried out; and when the corresponding command line parameters are input, the password rule restriction module can be opened through the main control module, and the rule restriction is performed on the password output by the password generation module.
8. The system of claim 2,
the data backup and migration module comprises:
only the data storage module is operated and is independently controlled by a command without depending on the main module;
converting the json file into a pdf file, so that different PC terminals or mobile terminals can look up the pdf file conveniently;
the security of data migration is enhanced by using encryption and decryption technology for the pdf file.
9. The system of claim 2,
the data storage module is stored locally by using a json file; storing in a key value pair format, wherein the description information is used as a key value, and a user name (user _ name) and a password (password) are used as value values in a set form; and under the default condition, the password field is a non-NULL value and must be assigned, and if the user name field is not assigned, the default value is NULL.
10. An automatic unified management method for passwords is characterized in that,
the working steps are as follows:
the method comprises the following steps: inputting related commands in the system terminal, receiving command parameters by a command control module of the main control module, and identifying, judging and mapping specific function functions in the operation set module;
step two: the operation set module of the main control module performs appointed function response, and is connected with the data storage module and the password generation module;
step three: before all functions of the operation set module respond, judging whether json files exist in the same directory or not, if yes, creating new files, and if yes, continuing reading and writing;
step four: aiming at the storage function in the operation set module, if the user does not need to define the password by self, the password generation module is called to automatically generate a strong password generated by an MD5 salt-adding encryption algorithm;
step five: in the first step, if the command line parameter does not control to open the password rule restriction module, the step is omitted, otherwise, the password restriction module performs secondary packaging after the password generation module outputs, and then returns a packaging value to the operation set module;
step six: the operation set module outputs interactive data to the terminal console, wherein the interactive data comprises description values, user names and passwords, and the password values are output to a system shear plate to be used by a user directly;
step seven: and if data backup and migration are needed, independently executing the script of the data backup and migration module, operating the module aiming at the json file, and outputting the encrypted pdf file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010741674.2A CN111859369A (en) | 2020-07-29 | 2020-07-29 | System and method for automatic unified management of passwords |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010741674.2A CN111859369A (en) | 2020-07-29 | 2020-07-29 | System and method for automatic unified management of passwords |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111859369A true CN111859369A (en) | 2020-10-30 |
Family
ID=72948236
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010741674.2A Pending CN111859369A (en) | 2020-07-29 | 2020-07-29 | System and method for automatic unified management of passwords |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111859369A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117041443A (en) * | 2023-10-09 | 2023-11-10 | 人力资源和社会保障部人事考试中心 | Offline photo processing method, device and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140013452A1 (en) * | 2012-07-03 | 2014-01-09 | Selim Aissi | Data protection hub |
CN104348609A (en) * | 2014-09-18 | 2015-02-11 | 成都西山居互动娱乐科技有限公司 | Non-stored password management algorithm |
CN105897412A (en) * | 2015-12-15 | 2016-08-24 | 乐视网信息技术(北京)股份有限公司 | Website password generation method and device |
-
2020
- 2020-07-29 CN CN202010741674.2A patent/CN111859369A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140013452A1 (en) * | 2012-07-03 | 2014-01-09 | Selim Aissi | Data protection hub |
CN104348609A (en) * | 2014-09-18 | 2015-02-11 | 成都西山居互动娱乐科技有限公司 | Non-stored password management algorithm |
CN105897412A (en) * | 2015-12-15 | 2016-08-24 | 乐视网信息技术(北京)股份有限公司 | Website password generation method and device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117041443A (en) * | 2023-10-09 | 2023-11-10 | 人力资源和社会保障部人事考试中心 | Offline photo processing method, device and storage medium |
CN117041443B (en) * | 2023-10-09 | 2023-12-08 | 人力资源和社会保障部人事考试中心 | Offline photo processing method, device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7116197B2 (en) | Technologies for file sharing | |
US9825925B2 (en) | Method and apparatus for securing sensitive data in a cloud storage system | |
CN110598442A (en) | Sensitive data self-adaptive desensitization method and system | |
CN105760781B (en) | The storage method, restoration methods and operating method of large data files can be deduced in order | |
CN109791594A (en) | Data are segmented in order to persistently be stored in multiple immutable data structures | |
US9805209B2 (en) | Systems and methodologies for managing document access permissions | |
CN102413159B (en) | Trusty online storage system oriented to network operating system | |
CN107947917A (en) | A kind of method and device for generating whitepack key | |
CN109361644A (en) | A kind of Fog property base encryption method for supporting fast search and decryption | |
CN108777685A (en) | Method and apparatus for handling information | |
EP4350556A1 (en) | Information verification method and apparatus | |
CN112860777A (en) | Data processing method, device and equipment | |
CN110008725B (en) | User structured data processing system | |
CN111859369A (en) | System and method for automatic unified management of passwords | |
CN114036538A (en) | Database transparent encryption and decryption implementation method and system based on virtual block device | |
CN111062041A (en) | Data processing method and system implemented based on font library | |
CN109598137B (en) | Method and system for safely processing data | |
Kumar et al. | Data security and encryption technique for cloud storage | |
CN107968793A (en) | A kind of method, apparatus and system for downloading whitepack key | |
CN114969722A (en) | Government affair data privacy calculation system supporting multiple data types | |
CN113987574A (en) | Block chain private transaction method, device, equipment and readable storage medium | |
CN110362773B (en) | Cross-domain communication method, device, computer equipment and storage medium | |
CN116235174A (en) | Apparatus and method for performing encryption algorithm | |
CN110795726A (en) | Password protection method and system based on artificial neural network | |
KR102123440B1 (en) | Encryption method for supporting range query in multi-client environment and apparatus using the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201030 |
|
RJ01 | Rejection of invention patent application after publication |