CN112019505A

CN112019505A - Login method, device, server, electronic equipment and storage medium

Info

Publication number: CN112019505A
Application number: CN202010712763.4A
Authority: CN
Inventors: 刘志健
Original assignee: Beijing Dajia Internet Information Technology Co Ltd
Current assignee: Beijing Dajia Internet Information Technology Co Ltd
Priority date: 2020-07-22
Filing date: 2020-07-22
Publication date: 2020-12-01

Abstract

The embodiment of the disclosure provides a login method, a login device, a server, an electronic device and a storage medium. The method comprises the following steps: receiving a login request sent by electronic equipment; on the premise that a login password carried in a login request is not matched with a target password, if the login request carries a login certificate belonging to a target account and the target frequency is less than or equal to a first preset threshold value, or if the login request does not carry the login certificate belonging to the target account and the target frequency is less than or equal to a second preset threshold value, first indication information is sent to the electronic equipment; and if the login request carries the login credentials belonging to the target account and the target frequency is greater than a first preset threshold value, or if the login request does not carry the login credentials belonging to the target account and the target frequency is greater than a second preset threshold value, sending second indication information to the electronic equipment. Therefore, the scheme of the disclosure reduces the cost of identifying the legal user and network black products.

Description

Login method, device, server, electronic equipment and storage medium

Technical Field

The present disclosure relates to the field of computer technologies, and in particular, to a login method, an apparatus, a server, an electronic device, and a storage medium.

Background

Conventional software or systems provide password login functionality, wherein a user can successfully login after entering a username and a correct password. However, if the login status of the user is invalid after a certain period of time, the user is required to input the password again for login. However, the user may have multiple passwords in common, and never want which one should be used at a time, and thus tries one by one. However, to avoid the network black producing a password for the blasting user, the software typically limits the number of password attempts. For example, after a normal user accidentally misses the log-in for several times, the user needs to log in according to the graphical verification code, although certain safety is enhanced, the login difficulty of the user is improved, and the user experience is not good. The network black product refers to an illegal behavior which takes the internet as a medium, takes a network technology as a main means, and brings potential threats (namely major potential safety hazards) to computer information system safety and network space management order, even national safety and social political stability. Mainly comprises hacker attack, account stealing and phishing websites.

At present, real users and network black products are identified by establishing a wind control module, however, the wind control module needs to be established with great time cost and labor cost, and the network black products may change the attack mode thereof at any time, so the wind control module needs a corresponding adjustment strategy, which is a permanent cost.

Disclosure of Invention

In order to solve the technical problems described in the background art, embodiments of the present disclosure provide a login method, an apparatus, a server, an electronic device, and a storage medium, and a technical solution of the present disclosure is as follows:

according to a first aspect of the embodiments of the present disclosure, there is provided a login method applied to a server, the method including:

receiving a login request sent by electronic equipment, wherein the login request carries identification information and a login password of a target account number requested to be logged in;

when a login password carried in the login request is not matched with a target password, and the login request carries a login credential belonging to the target account, and a target frequency is less than or equal to a first preset threshold value, or when the login password carried in the login request is not matched with the target password, and the login credential belonging to the target account is not carried in the login request, and the target frequency is less than or equal to a second preset threshold value, first indication information is sent to the electronic equipment, the first indication information is used for indicating to re-input the login password, the target password is the login password of the target account stored in the server in advance, and the target frequency is the frequency of continuous mismatching between the login password carried in the login request and the target password;

when a login password carried in the login request is not matched with a target password, and the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold value, or when the login password carried in the login request is not matched with the target password, and the login credential belonging to the target account is not carried in the login request, and the target frequency is greater than the second preset threshold value, sending second indication information to the electronic equipment, wherein the second indication information is used for indicating that the login password cannot be input again;

the first preset threshold is greater than the second preset threshold, the first preset threshold is used for representing the maximum number of times that a login password carried in a login request is not continuously matched with a target password when the login request carries a login credential belonging to the target account, and the second preset threshold is used for representing the maximum number of times that the login password carried in the login request is not continuously matched with the target password when the login credential belonging to the target account is not carried in the login request.

Optionally, the login credential is used to identify an account to which the login credential belongs, and the login credential is generated by the server and stored in the electronic device when the electronic device successfully logs in an account before sending the login request.

Optionally, the method further includes:

and when the electronic equipment successfully logs in the target account, regenerating the login credentials belonging to the target account, and sending the login credentials to the electronic equipment.

Optionally, the login credential is generated by encrypting target information, where the target information includes identification information of an account to which the login credential belongs;

after receiving the login request sent by the electronic device, the method further includes:

and when the login request carries the login credential, decrypting the login credential carried in the login request, and verifying whether the login credential carried in the login request belongs to the target account according to the data obtained after decryption.

Optionally, the login credential is generated by encrypting the target information by using a preset key and an advanced encryption standard AES;

the decrypting the login credentials carried in the login request and verifying whether the login credentials carried in the login request belong to the target account according to the data obtained after decryption includes:

decrypting the encrypted target information by adopting the preset key to obtain the identification information of the account to which the login certificate belongs, and determining the identification information as information to be compared;

when the information to be compared is the same as the identification information of the target account, determining that a login certificate carried in the login request belongs to the target account;

and when the information to be compared is different from the identification information of the target account, determining that the login credential carried in the login request does not belong to the target account.

Optionally, the login credential is a first numerical value used for identifying an account to which the login credential belongs, where the first numerical value is generated by performing a hash algorithm on the fixed salt and the target information;

executing a hash algorithm on the fixed salt and the identification information of the target account number to generate a second numerical value;

when the second value is the same as the first value, determining that a login credential carried in the login request belongs to the target account;

and when the second value is different from the first value, determining that the login credential carried in the login request does not belong to the target account.

Optionally, the login credential is a third value for identifying the account to which the login credential belongs, where the third value is generated by performing a hash algorithm on the random salt and the target information;

executing a hash algorithm on random salt used when the login certificate belonging to the target account is generated and the identification information of the target account to generate a fourth numerical value;

when the fourth value is the same as the third value, determining that a login credential carried in the login request belongs to the target account;

and when the fourth numerical value is different from the third numerical value, determining that the login credential carried in the login request does not belong to the target account.

Optionally, the second indication information is a graphic verification code.

According to a second aspect of the embodiments of the present disclosure, there is provided a login method applied to an electronic device, the method including:

sending a login request to a server, wherein the login request carries identification information and a login password of a target account number requested to be logged in;

when the login password carried in the login request is not matched with the target password, the login request carries a login certificate belonging to the target account, and the target times is less than or equal to a first preset threshold value, or, the login password carried in the login request is not matched with the target password, and the login request does not carry login credentials belonging to the target account, and when the target times is less than or equal to a second preset threshold, receiving first indication information sent by the server, and executing a first preset prompting operation, wherein the first indication information is used for indicating that the login password is input again, the target password is a login password of the target account pre-stored in the server, and the target times are the times that the login password carried in the login request is not matched with the target password continuously;

when a login password carried in the login request is not matched with a target password, and the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold value, or when the login password carried in the login request is not matched with the target password, and the login credential belonging to the target account is not carried in the login request, and the target frequency is greater than the second preset threshold value, receiving second indication information sent by the server, and executing a second preset prompt operation, wherein the second indication information is used for indicating that the login password cannot be input again;

the first preset prompting operation is used for prompting the user to input the login password again, and the second preset prompting operation is used for prompting the user that the login password cannot be input again;

the first preset threshold is larger than the second preset threshold, the first preset threshold is used for representing the maximum number of times that the login password carried in the login request is not matched with the target password continuously when the login credential belonging to the target account is carried in the login request, and the second preset threshold is used for representing the maximum number of times that the login password carried in the login request is not matched with the target password continuously when the login credential belonging to the target account is not carried in the login request.

Optionally, the second indication information is a graphic verification code, and the executing a second preset prompt operation includes:

and displaying the graphical verification code.

Optionally, the method further includes:

and after the electronic equipment successfully logs in the target account, receiving and storing a login certificate which is sent by the server and is regenerated by the server and belongs to the target account.

According to a third aspect of the embodiments of the present disclosure, there is provided a login apparatus applied to a server, the apparatus including:

the system comprises a receiving module, a login module and a login module, wherein the receiving module is configured to receive a login request sent by electronic equipment, and the login request carries identification information and a login password of a target account number requested to be logged in;

a first indication module, configured to send first indication information to the electronic device when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and a target number of times is less than or equal to a first preset threshold, or when the login password carried in the login request is not matched with the target password, the login credential belonging to the target account is not carried in the login request, and the target number of times is less than or equal to a second preset threshold, the first indication information being used for indicating to re-input the login password, the target password being a login password of the target account pre-stored in the server, and the target number of times being the number of times that the login password carried in the login request is not matched with the target password continuously;

the second indication module is configured to send second indication information to the electronic device when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold value, or when the login password carried in the login request is not matched with the target password, the login request does not carry the login credential belonging to the target account, and the target frequency is greater than the second preset threshold value, wherein the second indication information is used for indicating that the login password cannot be input again;

Optionally, the apparatus further comprises:

and the credential generation module is configured to regenerate the login credential belonging to the target account and send the login credential to the electronic device when the electronic device successfully logs in the target account.

Optionally, the login credential is generated by encrypting target information, where the target information includes identification information of an account to which the login credential belongs; the device further comprises:

and the verification module is configured to decrypt the login credentials carried in the login request when the login credentials are carried in the login request, and verify whether the login credentials carried in the login request belong to the target account according to the data obtained after decryption.

the authentication module includes:

the decryption submodule is configured to decrypt the encrypted target information by using the preset key to obtain the identification information of the account to which the login certificate belongs, and the identification information is determined as information to be compared;

the first determining submodule is configured to determine that a login credential carried in the login request belongs to the target account when the information to be compared is the same as the identification information of the target account;

and the second determining submodule is configured to determine that the login credential carried in the login request does not belong to the target account when the information to be compared is different from the identification information of the target account.

the authentication module includes:

a first processing submodule configured to perform a hash algorithm on the fixed salt and the identification information of the target account number, and generate a second numerical value;

a third determining submodule configured to determine that a login credential carried in the login request belongs to the target account when the second value is the same as the first value;

a fourth determining submodule configured to determine that the login credential carried in the login request does not belong to the target account when the second value is different from the first value.

the authentication module includes:

the second processing submodule is configured to execute a hash algorithm on the random salt used when the login certificate belonging to the target account is generated and the identification information of the target account to generate a fourth numerical value;

a fifth determining submodule configured to determine that a login credential carried in the login request belongs to the target account when the fourth value is the same as the third value;

a sixth determining submodule configured to determine that the login credential carried in the login request does not belong to the target account when the fourth value is different from the third value.

Optionally, the second indication information is a graphic verification code.

According to a fourth aspect of the embodiments of the present disclosure, there is provided a login apparatus applied to an electronic device, the apparatus including:

the system comprises a sending module, a login module and a login module, wherein the sending module is configured to send a login request to a server, and the login request carries identification information and a login password of a target account number requested to be logged in;

a first execution module configured to not match a target password with a login password carried in the login request, and the login request carries a login credential belonging to the target account, and when the target number is less than or equal to a first preset threshold, or, the login password carried in the login request is not matched with the target password, and the login request does not carry login credentials belonging to the target account, and when the target times is less than or equal to a second preset threshold, receiving first indication information sent by the server, and executing a first preset prompting operation, wherein the first indication information is used for indicating that the login password is input again, the target password is a login password of the target account pre-stored in the server, and the target times are the times that the login password carried in the login request is not matched with the target password continuously;

a second execution module, configured to receive second indication information sent by the server and execute a second preset prompt operation when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold, or when the login password carried in the login request is not matched with the target password, the login request does not carry the login credential belonging to the target account, and the target frequency is greater than the second preset threshold, the second indication information being used for indicating that the login password cannot be input again;

Optionally, the second indication information is a graphical verification code, and the second execution module, when executing a second preset prompt operation, is specifically configured to:

and displaying the graphical verification code.

Optionally, the apparatus further comprises:

and the credential updating module is configured to receive and store the login credential which is sent by the server and is regenerated by the server and belongs to the target account after the electronic device successfully logs in the target account.

According to a fifth aspect of embodiments of the present disclosure, there is provided a server including:

a processor;

a memory for storing the processor-executable instructions;

wherein the processor is configured to execute the instructions to implement the login method described above.

According to a sixth aspect of embodiments of the present disclosure, there is provided an electronic apparatus including:

a processor;

a memory for storing the processor-executable instructions;

According to a seventh aspect of the embodiments of the present disclosure, there is provided a storage medium, wherein instructions of the storage medium, when executed by a processor of an electronic device, enable the electronic device to execute the login method described above.

According to an eighth aspect of embodiments of the present disclosure, there is provided a computer program product containing instructions which, when run on a computer, cause the computer to implement the login method described above.

Compared with the prior art, the method has the following advantages:

according to the technical scheme provided by the embodiment of the disclosure, when a server receives a login request which is sent by an electronic device and requests to login a target account, if a login password carried in the login request is not matched with a login password of the target account pre-stored in the server, and the login request carries a login credential belonging to the target account, and the number of times that the login password carried in the login request is not continuously matched with the login password of the target account pre-stored in the server is less than or equal to a first preset threshold value, or, the login password carried in the login request is not matched with the login password of the target account pre-stored in the server, and the login credential belonging to the target account is not carried in the login request, and the number of times that the login password carried in the login request is not continuously matched with the login password of the target account pre-stored in the server is less than or equal to a second preset, sending first indication information to the electronic equipment to indicate a user of the electronic equipment to input the login password again;

if the login password carried in the login request is not matched with the login password of the target account number pre-stored in the server, the login credential belonging to the target account number is carried in the login request, the number of times that the login password carried in the login request is continuously not matched with the login password of the target account number pre-stored in the server is larger than a first preset threshold value, or the login password carried in the login request is not matched with the login password of the target account number pre-stored in the server, the login credential belonging to the target account number is not carried in the login request, and the number of times that the login password carried in the login request is continuously not matched with the login password of the target account number pre-stored in the server is larger than a second preset threshold value, second indication information is sent to the electronic device to indicate that the user of the electronic device cannot input the login password again.

If one login request carries the login credential of the target account requested to be logged in, it indicates that the user corresponding to the login request is a legal user, and the network password cannot acquire the login credential, so that the network password does not carry the login credential when the network password requests to log in the target account, and therefore, if one login request does not carry the login credential of the target account requested to be logged in, it indicates that the user corresponding to the login request may be the network password.

In addition, in the technical scheme provided by the embodiment of the disclosure, under the condition that the login request carries the login credential belonging to the target account, a first preset threshold is adopted to limit the number of times of inputting the wrong password at one side of the electronic equipment; and under the condition that the login credential belonging to the target account is not carried in the login request, limiting the number of times of inputting the wrong password by one side of the electronic equipment by adopting a second preset threshold value.

Therefore, in the technical scheme provided by the embodiment of the disclosure, if the user corresponding to the login request is a legal user, more password error times, i.e. attempts of the password are allowed to be relaxed on one side of the electronic device; and if the user corresponding to the login request is network black product, allowing the electronic equipment side to have fewer password error times.

Therefore, in the technical scheme provided by the embodiment of the disclosure, whether the user requesting login is a legal user or a network black product is identified by whether the login request carries the login credential belonging to the target account number requesting login, so that the time cost and the labor cost required for identifying the legal user and the network black product are reduced, different password attempt times are adopted for the legal user and the network black product, the login experience of the legal user can be improved, and the original login security level cannot be reduced.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.

Drawings

FIG. 1 is a flow diagram of password entry in the prior art;

FIG. 2 is a flow diagram illustrating a method of login in accordance with an exemplary embodiment;

FIG. 3 is a flow diagram illustrating another method of logging in according to an exemplary embodiment;

FIG. 4 is a flow diagram illustrating a particular implementation of a login method in accordance with an illustrative embodiment;

FIG. 5 is a block diagram illustrating a login device in accordance with an exemplary embodiment;

FIG. 6 is a block diagram illustrating another login device in accordance with an exemplary embodiment;

FIG. 7 is a block diagram illustrating a server in accordance with an exemplary embodiment;

FIG. 8 is a block diagram illustrating an electronic device in accordance with an exemplary embodiment;

FIG. 9 is a block diagram illustrating another electronic device in accordance with an example embodiment.

Detailed Description

In order to make the technical solutions of the present disclosure better understood by those of ordinary skill in the art, the technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the accompanying drawings.

It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the disclosure described herein are capable of operation in sequences other than those illustrated or otherwise described herein. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.

The network black products have certain threats to the application of common software or systems, and if the software can automatically identify the real users and the network black products, the network black products can be fundamentally prevented from logging in, so that the login convenience can be provided for the real users while the security is enhanced to the maximum extent.

However, since the password login interfaces are all open to the outside, many attributes in the request can be forged, and software has great difficulty in distinguishing whether the network is a black product or a normal user. In the related art, whether the login request is from a real user or a network black spot is distinguished by establishing a wind control module. The wind control module needs to be responsible for people with knowledge of relevant network security, and the common black-generation attack mode is screened. When the software receives the login request, the software sends the detailed information of the request to the wind control module, and the wind control module judges whether the request comes from the network black product.

Specifically, the flow of software processing password login under the coordination of the wind control module is shown in fig. 1. When the software system receives a password login request, the detailed information of the request is sent to the wind control module for analysis; the wind control module analyzes and judges whether the current request is network black production according to the wind control model, and if the current request is a risky request, the software is required to pop up a graphical verification code to a user; if the user is a real user, the user can log in after the graphical verification code is verified. If the network is a black product, great effort is required to crack the graphical verification code, and then login is performed, so that the security of the whole password login is improved.

Although the construction of the wind control module can greatly help to improve the security of the whole software, the wind control module needs to be constructed with great time cost and labor cost, and the attack mode of the network black product can be changed at any time, so that the wind control module needs a corresponding adjustment strategy, which is a permanent cost.

The problem that time cost and labor cost are high due to the fact that a wind control module is adopted to identify legal users and network black products in the related technology is solved. The embodiment of the disclosure provides a login method, a login device, a server, an electronic device and a storage medium.

According to a first aspect of the embodiments of the present disclosure, there is provided a login method applied to a server, as shown in fig. 2, the login method may include the following steps:

step 201: and receiving a login request sent by the electronic equipment.

The login request carries identification information and a login password of the target account number requested to be logged in. The identification information of the target account may be a user ID.

In addition, when the electronic device needs to log in the target account, the electronic device carries the login password and the identification information of the target account and sends a login request to the server.

Step 202: and when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and the target frequency is less than or equal to a first preset threshold value, or when the login password carried in the login request is not matched with the target password, the login credential belonging to the target account is not carried in the login request, and the target frequency is less than or equal to a second preset threshold value, first indication information is sent to the electronic equipment.

The first indication information is used for indicating that a login password is input again, the target password is a login password of the target account pre-stored in the server, and the target times are the times that the login password carried in the login request is not matched with the target password continuously.

As shown in step 202, in the login method provided by the embodiment of the present disclosure, in the following two cases, the server may send the first indication information to the electronic device to instruct the user of the electronic device to re-input the login password.

The first condition is as follows: the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance, the login request carries a login certificate belonging to the target account number, and the number of times that the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance continuously is less than or equal to a first preset threshold value;

case two: the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance, the login credential belonging to the target account number is not carried in the login request, and the number of times that the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance continuously is smaller than or equal to a second preset threshold value.

Step 203: and when the login password carried in the login request is not matched with the target password, the login request carries login credentials belonging to the target account, and the target times are greater than the first preset threshold value, or when the login password carried in the login request is not matched with the target password, the login credentials belonging to the target account are not carried in the login request, and the target times are greater than the second preset threshold value, sending second indication information to the electronic equipment.

The second indication information is used for indicating that the login password cannot be input again.

In addition, the first preset threshold is greater than the second preset threshold, the first preset threshold is used for representing the maximum number of times that the login password carried in the login request is not continuously matched with the target password when the login credential belonging to the target account is carried in the login request, and the second preset threshold is used for representing the maximum number of times that the login password carried in the login request is not continuously matched with the target password when the login credential belonging to the target account is not carried in the login request.

As can be seen from step 203, in the login method provided in the embodiment of the present disclosure, in the following two cases, the server may send the second indication information to the electronic device, indicating that the user of the electronic device cannot re-input the login password.

The first condition is as follows: the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance, the login request carries the login certificate belonging to the target account number, and the number of times that the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance continuously is larger than a first preset threshold value;

case two: the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance, the login request does not carry the login credential belonging to the target account number, and the number of times that the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance continuously is larger than a second preset threshold value.

In addition, in the login method provided by the embodiment of the disclosure, no matter whether the login request carries a login credential or not, as long as the login password carried in the login request is matched with the login password of the target account pre-stored in the server, the electronic device is instructed to log in the target account. That is, when the login password carried in the login request matches the login password of the target account pre-stored in the server, it is not necessary to determine whether the login request carries a login credential, and similarly, it is not necessary to determine whether the login credential belongs to the target account when the login request carries the login credential.

As can be seen from the foregoing, the login credential may be carried in the login request, but the login credential carried in the login request may not belong to the target account requested to be logged in, and therefore, in this case, it is necessary to further verify whether the login credential carried in the login request belongs to the target account.

Therefore, the login request does not carry the login credential belonging to the target account, and the following two conditions are included:

the first condition is as follows: the login request does not carry a login credential;

case two: the login request carries login credentials, but the login credentials do not belong to the target account.

If one login request carries the login credential of the target account requested to be logged in, it indicates that the user corresponding to the login request is a legal user, and the network password cannot acquire the login credential, so that when the network password requests to log in the target account, the login credential is not carried, and therefore, if one login request does not carry the login credential of the target account requested to be logged in, it indicates that the user corresponding to the login request may be the network password, that is, for both the first case and the second case, it can be determined that the user corresponding to the login request may be the network password.

Therefore, in the login method provided by the embodiment of the disclosure, whether the user requesting login is a legal user or a network black product is identified by whether the login request carries the login credential belonging to the target account number requesting login, so that the time cost and the labor cost required for identifying the legal user and the network black product are reduced.

In addition, in the login method provided by the embodiment of the disclosure, under the condition that the login request carries the login credential belonging to the target account, a first preset threshold is adopted to limit the number of times of inputting the wrong password at one side of the electronic device; and under the condition that the login credential belonging to the target account is not carried in the login request, limiting the number of times of inputting the wrong password by one side of the electronic equipment by adopting a second preset threshold value. Therefore, in the login method provided by the embodiment of the present disclosure, if the user corresponding to the login request is a valid user, more password error times, i.e. attempts of the password, are allowed on one side of the electronic device; and if the user corresponding to the login request is network black product, allowing the electronic equipment side to have fewer password error times. The method and the system have the advantages that different password attempt times are adopted for legal users and network black products, login experience of the legal users can be improved, and original login security level cannot be reduced.

Therefore, in the login method provided by the embodiment of the disclosure, when the electronic device successfully logs in to an account, the server generates a login credential belonging to the account and sends the login credential to the electronic device for storage. That is, when the login credential is successfully logged in to an account before the electronic device sends the login request, the login credential is generated by the server and stored in the electronic device.

Therefore, if the electronic device does not successfully log in any account before sending the login request this time, the login credential is not carried in the login request sent this time by the electronic device; if the electronic equipment successfully logs in an account before sending the login request, but the account is not the target account requested to log in at this time, the login certificate carried in the login request sent by the electronic equipment at this time does not belong to the target account; if the target account requested to be logged in is successfully logged in before the electronic equipment sends the login request, the login credential carried in the login request sent by the electronic equipment belongs to the target account.

Optionally, the second indication information is a graphic verification code.

Under the condition that the number of times that the login password carried in the login request is not matched with the login password stored in the server in succession is less than or equal to a second preset threshold value, the server instructs the electronic equipment to input the login password again; and under the condition that the number of times that the login password carried in the login request is not matched with the login password stored in the server in succession is greater than a second preset threshold value, the server sends the graphical verification code to the electronic equipment, so that the user of the electronic equipment logs in according to the graphical verification code.

The second preset threshold value limits the maximum number of times that the user of the electronic device inputs the wrong password under the condition that the login request does not carry the login credential belonging to the target account. Therefore, when the target number of times is less than the second preset threshold, the user of the electronic device is allowed to re-input the login password, and when the target number of times is greater than the second preset threshold, the user needs to be authenticated by the graphical authentication code, that is, the user needs to forcibly input the graphical authentication code to log in.

If the user of the electronic equipment sending the login request without the login credentials belonging to the target account is a black network, the user needs to spend a lot of effort to crack the graphical verification code and then can log in, so that the security of the whole password login is improved.

Therefore, under the condition that the login request does not carry the login credential belonging to the target account, the user of the electronic equipment cannot try the login password for unlimited times, and the login safety is guaranteed to a certain extent.

Optionally, the method further includes:

In the login method provided by the embodiment of the disclosure, after the electronic device successfully logs in the target account, the server regenerates the login credential belonging to the target account and sends the login credential to the electronic device for storage. After the electronic equipment receives the login credentials which are generated by the server and belong to the target account again, the electronic equipment uses the login credentials to cover the login credentials stored before.

Before the electronic device receives the login credential of the regenerated target account sent by the server, regardless of whether the login credential stored therein belongs to the target account, the electronic device overwrites the login credential already stored therein with the received login credential after receiving the login credential of the regenerated target account sent by the server.

That is, in the login method provided by the embodiment of the present disclosure, the latest generated login credential is always stored in the electronic device. For example, the electronic device currently stores a login credential of a first account, and at this time, the electronic device requests to log in a second account, and then automatically carries the login credential of the first account and a login password of the second account in the login request, and then sends the login request to the server. If the login password carried in the login request is matched with the login password of the second account pre-stored in the server through the judgment of the server, the electronic equipment can successfully log in the second account, and at the moment, the server generates a login certificate of the second account and sends the login certificate to the electronic equipment. And after the electronic equipment receives the login certificate of the second account, the previously stored login certificate of the first account is covered by the login certificate of the second account.

Optionally, when the electronic device logs in the target account through a web end (i.e., a web page), the login credentials may be stored in a cookie manner; when the electronic device logs in the target account through the APP, the login credentials can be stored locally. The cookie is a type of "small text file" and is information that some websites store on the user's local terminal (usually encrypted) for Session tracking in order to identify the user's identity, and is temporarily or permanently stored by the electronic device.

The target information is encrypted to generate a login credential, so that the login credential belongs to encrypted data, and whether the login credential belongs to the target account can be verified after decryption, and login safety is further improved.

The generation method or encryption method of the login credential may be any of the following methods.

The first method is as follows: encryption is performed using the Advanced Encryption Standard (AES). The AES is also called Rijndael encryption method in cryptography, is a block encryption standard adopted by the federal government in the united states, is the most common symmetric encryption algorithm, and when the symmetric encryption algorithm is used, encrypted data can be successfully decrypted by using the same secret key as that used for encryption.

After the target information is encrypted by adopting a preset secret key and AES, a character string is generated, and the character string is the login certificate. After the login certificate is decrypted, the data before encryption, namely the identification information of the account to which the login certificate belongs, can be acquired, so that whether the identification information of the account to which the login certificate belongs is the same as that of the target account is judged, if so, the login certificate belongs to the target account, and if not, the login certificate does not belong to the target account.

In addition, when the login credentials are generated by sampling the AES encryption method, the target information may further include an ID of the login credentials, a login method of an account to which the login credentials belong, and a timestamp for sending the login credentials to the electronic device. Specifically, the data structure of the target information may be as shown in table 1. Wherein the login credentials ID is used to distinguish between different login credentials, i.e. different login credentials have different IDs.

TABLE 1 data structure of object information

In addition, when the target information adopts the data structure shown in table 1, if the login credential does not belong to the target account number after the authentication of the server, the number of times of password errors is counted based on the format of the UserID, for example, when the UserID is XXX, the login request belongs to the user of XXX, and when the login password is incorrect, the number of times of errors of the password of the same user can be calculated by adding one to the count of the password errors. Wherein, when the number of password errors exceeds a second preset threshold (e.g. 3 times), the graphical verification code needs to be forcibly input.

If the login certificate belongs to the target account number after the verification of the server, the number of password errors is counted based on the format of ID (namely ID of the login certificate) + UserID, for example, when the UserID is XXX, the ID of the login certificate is YYY, the login request belongs to the user of XXX, the ID of the login certificate is YY, and when the login password is wrong, the count of the password errors is increased by one, and the number of the password errors of the same certificate can be calculated by using the format. Wherein, the graphical verification code needs to be forcibly input when the number of password errors exceeds a first preset threshold (e.g. 10).

The second method comprises the following steps: the encryption is carried out by adopting a fixed salt mode, wherein the fixed salt is a fixed salt value, namely a known constant salt value is adopted in the encryption instead of random variation. Namely, the login credentials of different accounts all adopt the same salt value.

Optionally, the login credential is a first value for identifying an account to which the login credential belongs, where the first value is generated by performing a hash algorithm on the fixed salt and the target information;

The login certificate is a first numerical value generated after the hash algorithm is executed on the fixed salt and the target information, so that the same fixed salt can be adopted to execute the hash algorithm on the identification information of the target account, a second numerical value is obtained, and whether the login certificate belongs to the target account can be verified by comparing whether the second numerical value is the same as the first numerical value.

The third method comprises the following steps: and encrypting by adopting a random salt mode, wherein the random salt is a randomly generated salt value, namely, when a login certificate is generated for the first time aiming at each account, a salt value is randomly generated. That is, the login credentials of different accounts do not use the same salt.

When the login credentials are generated in the third mode, the server can randomly generate a salt value when the login credentials of each account are generated for the first time, then the salt value is bound with the corresponding account and stored in the data table, so that when the server verifies the login credentials, the salt value corresponding to the account can be directly read from the data table, and when the login credentials of a certain account are regenerated, the salt value bound with the account can be directly read from the data table.

In addition, the login certificate is a third numerical value generated after the hash algorithm is executed on the random salt and the target information, so that the same salt value used in encryption can be adopted, the hash algorithm is executed on the identification information of the target account, a fourth numerical value is obtained, and whether the login certificate belongs to the target account can be verified by comparing whether the fourth numerical value is the same as the third numerical value or not.

As can be seen from the above, the login credentials may be encrypted by using AES, or a hash algorithm may be performed on the identification information of the account to which the fixed salt and the login credentials belong, or the identification information of the account to which the random salt and the login credentials belong, so that a value obtained as the login credentials is issued to the electronic device by the server.

It should be understood that the encryption method for the login credentials is not limited to the above three methods, and may be any other encryption method.

To sum up, according to the login method provided by the embodiment of the present disclosure, after the user successfully logs in, the server issues the corresponding encrypted login credential to the electronic device that successfully logs in, where the login credential is that the network black yield cannot be obtained, because the login credential is only successful, and if the network black yield successfully logs in, the account cannot be attacked at all. Therefore, the login method provided by the embodiment of the disclosure can accurately identify the user who has successfully logged in with the password through the login credential, namely, accurately distinguish the legal user from the network black product, thereby reducing the time cost and the labor cost required for identifying the legal user and the network black product.

Because the encrypted login credentials store the identification information of the account to which the login credentials belong, when a login request carries the login credentials, the account to which the login credentials belong must be logged in to allow more password attempts, and the login of other accounts can only allow less password attempts.

In addition, when login is requested by carrying the login credential, the password is only tried in an unlimited number of wrong times, but the password cannot be tried in an unlimited number, and once the limited number is exceeded, the password still needs to be forcibly input to log in.

According to a second aspect of the embodiments of the present disclosure, there is provided a login method applied to an electronic device, as shown in fig. 3, the login method may include the following steps:

step 301: a login request is sent to the server.

The login request carries identification information and a login password of the target account number requested to be logged in.

Step 302: and when the login password carried in the login request is not matched with the target password, the login request carries the login credential belonging to the target account, and the target frequency is less than or equal to a first preset threshold value, or when the login password carried in the login request is not matched with the target password, the login credential belonging to the target account is not carried in the login request, and the target frequency is less than or equal to a second preset threshold value, receiving first indication information sent by the server, and executing a first preset prompt operation.

The target password is a login password of the target account pre-stored in the server, the target times are times that the login password carried in the login request is not matched with the target password continuously, the first indication information is used for indicating to input the login password again, and the first preset prompt operation is used for prompting the user to input the login password again.

As can be seen from step 302, in the login method provided in the embodiment of the present disclosure, in the following two cases, the server may send the first indication information to the electronic device, and instruct the user of the electronic device to re-input the login password.

Step 303: and when the login password carried in the login request is not matched with the target password, the login request carries the login credential belonging to the target account, and the target times are greater than the first preset threshold value, or when the login password carried in the login request is not matched with the target password, the login credential belonging to the target account is not carried in the login request, and the target times are greater than the second preset threshold value, receiving second indication information sent by the server, and executing second preset prompt operation.

The second indication information is used for indicating that the login password cannot be input again, and the second preset prompting operation is used for prompting that the user cannot input the login password again.

As can be seen from step 303, in the login method provided in the embodiment of the present disclosure, in the following two cases, the server may send the second indication information to the electronic device, indicating that the user of the electronic device cannot re-input the login password.

In addition, under the condition that the login password carried in the login request is matched with the target password, the login operation of the target account is executed. The target password is a login password of the target account pre-stored in the server.

Therefore, in the login method provided by the embodiment of the present disclosure, no matter whether the login request carries a login credential, the electronic device may log in the target account as long as the login password carried in the login request matches with the login password of the target account pre-stored in the server.

That is, on the server side, in the case where the login password carried in the login request matches the login password of the target account pre-stored in the server, the server does not need to determine whether the login request carries a login credential, and similarly, does not need to determine whether the login credential belongs to the target account in the case where the login request carries the login credential.

That is, in the login method provided by the embodiment of the present disclosure, when the electronic device successfully logs in to an account, the server generates a login credential belonging to the account, and sends the login credential to the electronic device for saving. Namely, when the login credential is successfully logged in an account before the electronic device sends the login request, the login credential is generated by the server and is stored in the electronic device.

Therefore, before the electronic equipment requests to log in the target account, if the login credentials are not stored in the electronic equipment, the login credentials are not carried in the login request sent to the server; if the login credentials are stored in the server, the login credentials are carried in the login request and sent to the server. If the electronic equipment successfully logs in the target account before requesting to log in the target account, the electronic equipment carries a login certificate belonging to the target account in the login request; if the electronic device does not successfully log in the target account but successfully logs in other accounts before requesting to log in the target account, the login credentials stored in the electronic device and belonging to other accounts are still carried in the login request requesting to log in the target account. Optionally, the second indication information is a graphic verification code, and the executing a second preset prompt operation includes:

and displaying the graphical verification code.

As can be seen from the above, in the login method provided in the embodiment of the present disclosure, when the login password carried in the login request is not matched with the target password, and the login credential carried in the login request belongs to the target account, and the target number of times is less than or equal to the first preset threshold, the server sends the first indication information to the electronic device, and indicates the electronic device to input the login password again; and under the condition that the login password carried in the login request is not matched with the target password, the login credential carried in the login request belongs to the target account, and the target times is greater than a first preset threshold value, the server sends the graphic verification code to the electronic equipment.

Under the condition that the login password carried in the login request is not matched with the target password, the login credential carried in the login request does not belong to the target account, and the target frequency is less than or equal to a second preset threshold value, the server sends first indication information to the electronic equipment to indicate the electronic equipment to input the login password again; and under the condition that the login password carried in the login request is not matched with the target password, the login credential carried in the login request does not belong to the target account, and the target times is greater than a second preset threshold value, the server sends the graphic verification code to the electronic equipment.

Therefore, under the condition that the login password carried in the login request is not matched with the login password of the target account number stored in the server in advance, the electronic device may receive first indication information or a graphical verification code sent by the server, and when the first indication information is received, the first preset prompting operation (for example, a display interface for inputting the password again is displayed) is executed according to the first indication information, so that the user of the electronic device can input the login password again; and when the graphic verification code is received, displaying the graphic verification code, so that the user of the electronic equipment can log in only by inputting the graphic verification code.

Optionally, the method further includes:

To sum up, a specific implementation of the login method provided by the embodiment of the present disclosure may be as shown in fig. 4. The details are as follows:

the electronic equipment initiates a login request of the account A, and after the server successfully verifies the password, the server issues a login certificate C corresponding to the account A and stores the login certificate C in the electronic equipment.

After a period of time, the login state of the electronic device expires, the electronic device re-initiates a login request of the account A, and at this time, the request carries the login credential C issued before. If the password requested this time is not verified correctly, but because it carries the login credential C of the A account, the number of attempts to login the password is relaxed to 10 and the user may continue to try other passwords. In the 10 login password attempts, if the login password is successfully verified, the electronic device can successfully log in the account a, and at this time, the server issues a new login credential C again and overwrites the original login credential C, so that the new login credential C can be used continuously next time.

It should be noted that, when the login credential C carrying the account a requests to login to another account B, the number of attempts to login the password is set to 3, that is, if the number of attempts exceeds 3, the graphical verification code needs to be forcibly input. In addition, the login credential C is carried to log in the account a, but the password error times exceed 10 times, and the graphical verification code still needs to be forcibly input.

According to a third aspect of the embodiments of the present disclosure, there is provided a login apparatus applied to a server, as shown in fig. 5, the login apparatus 50 includes:

a receiving module 501, configured to receive a login request sent by an electronic device, where the login request carries identification information of a target account and a login password that are requested to be logged in;

a first indication module 503, configured to send first indication information to the electronic device when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and a target number of times is less than or equal to a first preset threshold, or when the login password carried in the login request is not matched with the target password, the login credential belonging to the target account is not carried in the login request, and the target number of times is less than or equal to a second preset threshold, the first indication information being used to indicate to re-input the login password, the target password being a login password of the target account pre-stored in the server, and the target number of times being a number of times when the login password carried in the login request is not continuously matched with the target password;

a second indication module 504, configured to send second indication information to the electronic device when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold, or when the login password carried in the login request is not matched with the target password, the login request does not carry the login credential belonging to the target account, and the target frequency is greater than the second preset threshold, where the second indication information is used to indicate that the login password cannot be re-input;

Optionally, the apparatus further comprises:

and a credential generating module 505 configured to, when the electronic device successfully logs in the target account, regenerate a login credential belonging to the target account and send the login credential to the electronic device.

the verification module 502 is configured to decrypt the login credential carried in the login request when the login credential is carried in the login request, and verify whether the login credential carried in the login request belongs to the target account according to data obtained after decryption.

Optionally, the login credential is generated by encrypting the target information by using a preset key and an advanced encryption standard AES; the verification module 502 includes:

the decryption submodule 5021 is configured to decrypt the encrypted target information by using the preset key to obtain the identification information of the account to which the login certificate belongs, and determine the identification information as information to be compared;

the first determining submodule 5022 is configured to determine that a login credential carried in the login request belongs to the target account when the information to be compared is the same as the identification information of the target account;

the second determining submodule 5023 is configured to determine that the login credential carried in the login request does not belong to the target account when the information to be compared is different from the identification information of the target account.

Optionally, the login credential is a first numerical value used for identifying an account to which the login credential belongs, where the first numerical value is generated by performing a hash algorithm on the fixed salt and the target information; the verification module 502 includes:

a first processing submodule 5024 configured to execute a hash algorithm on the fixed salt and the identification information of the target account number to generate a second numerical value;

a third determining submodule 5025, configured to determine that a login credential carried in the login request belongs to the target account when the second value is the same as the first value;

a fourth determining submodule 5026, configured to determine that the login credential carried in the login request does not belong to the target account when the second value is different from the first value.

Optionally, the login credential is a third value for identifying the account to which the login credential belongs, where the third value is generated by performing a hash algorithm on the random salt and the target information; the verification module 502 includes:

a second processing submodule 5027, configured to execute a hash algorithm on the random salt used for generating the login credential belonging to the target account and the identification information of the target account, and generate a fourth numerical value;

a fifth determining submodule 5028, configured to determine that the login credential carried in the login request belongs to the target account when the fourth value is the same as the third value;

a sixth determining submodule 5029 configured to determine that the login credential carried in the login request does not belong to the target account when the fourth value is different from the third value.

Optionally, the second indication information is a graphic verification code.

Therefore, the login device provided by the embodiment of the disclosure identifies whether the user requesting login is a legal user or a network black product by whether the login request carries the login credential belonging to the target account number requesting login, so that the time cost and the labor cost required for identifying the legal user and the network black product are reduced, different password attempt times are adopted for the legal user and the network black product, the login experience of the legal user can be improved, and the original login security level cannot be reduced.

According to a fourth aspect of the embodiments of the present disclosure, there is provided a login apparatus applied to an electronic device, as shown in fig. 6, the login apparatus 60 includes:

a sending module 601, configured to send a login request to a server, where the login request carries identification information of a target account and a login password that are requested to login;

a first execution module 602 configured to determine that the login password carried in the login request does not match the target password, and the login request carries a login credential belonging to the target account, and when the target number is less than or equal to a first preset threshold, or, the login password carried in the login request is not matched with the target password, and the login request does not carry login credentials belonging to the target account, and when the target times is less than or equal to a second preset threshold, receiving first indication information sent by the server, and executing a first preset prompting operation, wherein the first indication information is used for indicating that the login password is input again, the target password is a login password of the target account pre-stored in the server, and the target times are the times that the login password carried in the login request is not matched with the target password continuously;

a second execution module 603, configured to receive second indication information sent by the server and execute a second preset prompt operation when a login password carried in the login request is not matched with a target password, the login request carries a login credential belonging to the target account, and the target frequency is greater than the first preset threshold, or when the login password carried in the login request is not matched with the target password, the login request does not carry the login credential belonging to the target account, and the target frequency is greater than the second preset threshold, the second indication information being used for indicating that the login password cannot be input again;

Optionally, the second indication information is a graphic verification code, and when executing a second preset prompt operation, the second execution module 603 is specifically configured to:

and displaying the graphical verification code.

Optionally, the apparatus further comprises:

and a credential updating module 604, configured to receive and store the login credential, which is sent by the server and is regenerated by the server and belongs to the target account, after the electronic device successfully logs in the target account.

FIG. 7 is a block diagram illustrating a server in accordance with an example embodiment. Referring to fig. 7, the server includes:

a processor 710;

a memory 70 for storing the processor-executable instructions;

wherein the processor 710 is configured to execute the instructions to implement the login method applied to the server.

FIG. 8 is a block diagram illustrating an electronic device in accordance with an example embodiment. Referring to fig. 8, the electronic device includes:

a processor 810;

a memory 80 for storing the processor-executable instructions;

wherein the processor 810 is configured to execute the instructions to implement the above-mentioned login method applied to the electronic device.

Fig. 9 is a block diagram illustrating another electronic device 900 in accordance with an example embodiment. For example, the electronic device 900 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.

Referring to fig. 9, electronic device 900 may include one or more of the following components: processing component 902, memory 904, power component 906, multimedia component 908, audio component 910, input/output (I/O) interface 912, sensor component 914, and communication component 916.

The processing component 902 generally controls overall operation of the electronic device 900, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. Processing component 902 may include one or more processors 920 to execute instructions to perform all or a portion of the steps of the methods described above. Further, processing component 902 can include one or more modules that facilitate interaction between processing component 902 and other components. For example, the processing component 902 can include a multimedia module to facilitate interaction between the multimedia component 908 and the processing component 902.

The memory 904 is configured to store various types of data to support operation at the electronic device 900. Examples of such data include instructions for any application or method operating on the electronic device 900, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 904 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

The power supply component 906 provides power to the various components of the electronic device 900. The power components 906 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the electronic device 900.

The multimedia components 908 include a screen that provides an output interface between the electronic device 900 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 908 includes a front facing camera and/or a rear facing camera. The front-facing camera and/or the rear-facing camera may receive external multimedia data when the device 900 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.

The audio component 910 is configured to output and/or input audio signals. For example, the audio component 910 includes a Microphone (MIC) configured to receive external audio signals when the electronic device 900 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may further be stored in the memory 904 or transmitted via the communication component 916. In some embodiments, audio component 910 also includes a speaker for outputting audio signals.

I/O interface 912 provides an interface between processing component 902 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.

The sensor component 914 includes one or more sensors for providing status evaluations of various aspects of the electronic device 900. For example, sensor assembly 914 may detect an open/closed state of electronic device 900, the relative positioning of components, such as a display and keypad of electronic device 900, sensor assembly 914 may also detect a change in the position of electronic device 900 or a component of electronic device 900, the presence or absence of user contact with electronic device 900, orientation or acceleration/deceleration of electronic device 900, and a change in the temperature of electronic device 900. The sensor assembly 914 may include a proximity sensor configured to detect the presence of a nearby object in the absence of any physical contact. The sensor assembly 914 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 914 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.

The communication component 916 is configured to facilitate wired or wireless communication between the electronic device 900 and other devices. The electronic device 900 may access a wireless network based on a communication standard, such as WiFi, a carrier network (such as 2G, 3G, 9G, or 5G), or a combination thereof. In an exemplary embodiment, the communication component 916 receives a broadcast signal or broadcast associated information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 916 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

In an exemplary embodiment, the electronic device 900 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described login method.

In an exemplary embodiment, a non-transitory computer readable storage medium comprising instructions, such as memory 909 comprising instructions, executable by processor 920 of electronic device 900 to perform the above-described method is also provided. Alternatively, for example, the storage medium may be a non-transitory computer-readable storage medium, which may be, for example, a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.

In yet another aspect of the present disclosure, the present disclosure also provides a storage medium, where instructions executed by a processor of a server enable the server to execute the above login method applied to the server; the instructions in the storage medium, when executed by a processor of an electronic device, enable the electronic device to perform the above-described login method applied to the electronic device.

According to yet another aspect of the embodiments of the present disclosure, there is provided a computer program product containing instructions which, when run on a computer, cause the computer to implement the login method described above.

Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims

1. A login method is applied to a server, and is characterized by comprising the following steps:

2. The login method according to claim 1, wherein the login credential is generated by encrypting target information, the target information including identification information of an account to which the login credential belongs;

3. The login method according to claim 2, wherein the login credential is generated by encrypting the target information by using a preset key and an Advanced Encryption Standard (AES);

4. The login method according to claim 2, wherein the login credential is a first value for identifying the account to which the login credential belongs, wherein the first value is generated by performing a hash algorithm on the fixed salt and the target information;

5. A login method is applied to electronic equipment, and is characterized by comprising the following steps:

6. A login device applied to a server is characterized by comprising:

7. A login device applied to an electronic device, the device comprising:

8. A server, comprising:

a processor;

a memory for storing the processor-executable instructions;

wherein the processor is configured to execute to implement the operations performed by the login method of any one of claims 1 to 4.

9. An electronic device, comprising:

a processor;

a memory for storing the processor-executable instructions;

wherein the processor is configured to execute the instructions to implement the login method of claim 5.

10. A storage medium, characterized in that instructions in the storage medium, when executed by a processor of an electronic device, enable the electronic device to perform a login method according to any one of claims 1 to 4, or perform a login method according to claim 5.