CN112613027B - Multi-password management method, device and storage medium based on machine learning - Google Patents
Multi-password management method, device and storage medium based on machine learning Download PDFInfo
- Publication number
- CN112613027B CN112613027B CN202011487576.7A CN202011487576A CN112613027B CN 112613027 B CN112613027 B CN 112613027B CN 202011487576 A CN202011487576 A CN 202011487576A CN 112613027 B CN112613027 B CN 112613027B
- Authority
- CN
- China
- Prior art keywords
- password
- user
- input
- training
- template
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
Abstract
The invention discloses a multi-password management method based on machine learning, wherein a multi-password management system acquires password information input by a user and a corresponding password input interface, analyzes the relevance between the password input by the user and the corresponding current page information, analyzes the input habit of the password set by the user, matches the input password with a pre-stored initial password template according to the input habit of the set password, obtains and stores the input password according to the acquired password setting habits of a plurality of users in advance, obtains other users with similar habits according to the input habit of the password set by the user, takes the input password of the other users as a training set, and updates the initial password template by taking the password input by the user as a verification set; after training of the user ID and the user password of the user is completed, when the user logs in a page needing to input the user ID and the password, the multi-password management system automatically generates the user ID and the password based on the page and automatically tries to log in.
Description
Technical Field
The invention relates to the technical field of computer security, in particular to a multi-password management method, equipment and a storage medium based on machine learning.
Background
Computers and computer networks are now increasingly used to access various security resources, such as sensitive or valuable information. In accessing confidential information via intranets and the internet, the use of level permissions of visitors is increasingly used to correspond to accessing information of different levels of confidentiality, and the use of passwords to restrict access to authenticated users to determine their level permissions is becoming increasingly important. In general, a user logs in by using his/her login name and a corresponding password, and a password administration mechanism manages the setting and use of the user name and the password. If the user is an unauthorized person attempting to illegally impersonate a legitimate user submitting the wrong password multiple times, the current password may be invalidated by the password authority, requiring the user to obtain a new password to gain access to the secure resource. If the user forgets their password, they need to request a new password from the password authority. Typically, a user who needs to reset the password requests password resetting in a prompt interface. To obtain a new password, the user must first prove his identity in a different way than using their forgotten or expired password, for example by the user answering one or more questions.
The existing password management method usually adopts a mode of correspondingly storing a password and a login website or a webpage, or records login password data of a user through caching a recording file such as cookies and the like, however, the recorded password or identity data may be lost and divulged.
In addition, a general cipher control mode based on a neural network or chaotic mapping requires a lot of training and calculation, and although the general cipher control mode is common in the fields of cipher prediction and cipher generation, a required verification data set is not well determined.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, the invention discloses a multi-password management method based on machine learning, which comprises the following steps:
step 1, a multi-password management system acquires password information input by a user and a corresponding password input interface, wherein the password input interface comprises current page identification information;
step 2, analyzing the relevance between the password input by the user and the corresponding current page information, and analyzing the input habit of the password set by the user, wherein the input habit of the password set by the user comprises the complexity of the input password, the similarity of a plurality of passwords and the relevance between the input password and the corresponding page information;
step 3, matching the input password with a pre-stored initial password template according to the input habits of the passwords set by the users, wherein the initial password template is obtained and stored in advance according to the acquired password setting habits of a plurality of users, other users with similar habits are obtained according to the input habits of the passwords set by the users, the input passwords of the other users are used as a training set, and the passwords input by the users are used as a verification set to update the initial password template;
step 4, training the user ID corresponding to the password by adopting the same steps as the step 3 and updating to obtain a trained ID template, wherein the characteristic parameters of the user ID are obtained by normalization processing according to the trained ID template;
step 5, after training of the user ID and the user password of the user is completed, when the user logs in a page needing to input the user ID and the user password, the multi-password management system automatically generates the user ID and the password based on the page and automatically tries to log in, and if the login fails, the plaintext of the tried password is displayed so that the user can conveniently change;
step 6, recording the similarity between the password changed by the user and the generated password, controlling the multi-password management system to reselect the initial password template and retrain if the similarity is smaller than a preset value, and continuing to update the parameters of the password template according to the password changed by the user if the similarity is larger than the preset value;
and 7, finishing training of all multi-password management systems when password input tests of preset times are correct, monitoring the access content of the user by the multi-password management system, judging whether the user ID and the password need to be input or not if the input text box of the access content is detected, and capturing the current page information to perform normalization processing to obtain input parameters and generate the user ID and the password according to the training template if the user ID and the password need to be input.
Still further, the step 2 may be replaced by: when analyzing the password setting habit of the user, the key consistency of the password input by the user can be obtained, if the password is set, the password predictability of the user is judged to be high if the keys of the input password are coherent, if the password is set, the password predictability of the user is judged to be low if the keys of the input password are non-coherent, and when the password predictability of the user is judged to be low, the training times are increased when the step 3 is used for training.
Furthermore, when the time interval between the keys of the password is larger than a preset interval value or is irregular, the keys are judged to be incoherent.
Furthermore, when the time interval between the keys of the password is smaller than the preset interval value or rule, the keys are judged to be coherent.
Still further, step 7 is followed by step 8: and when the password input tests of the preset times are correct, finishing the training of all the multi-password management systems, and deleting other password storage files in the user system, wherein the other password storage files comprise cookies.
Still further, the step 1 further comprises: the multi-password management system acquires a user ID input when a user logs in, then JavaScript in a webpage monitors mouse and keyboard events, and when the action of the user triggers an event, corresponding data is recorded.
The invention also discloses an electronic device, comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the above-described machine learning-based multi-password management method via execution of the executable instructions.
The invention also discloses a computer readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the above-mentioned machine learning-based multi-password management method.
Compared with the prior art, the password management of the user is more centralized, all the passwords of the user are managed in a unified mode, password leakage possibly caused by password cache files is reduced, only the data for generating the passwords is stored, the password data is not stored, the user can select the password management system to automatically generate the user name and the password, the password leakage possibility is greatly reduced, and meanwhile, the operation of the user is simplified.
Drawings
The invention will be further understood from the following description in conjunction with the accompanying drawings. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the embodiments. In the drawings, like reference numerals designate corresponding parts throughout the different views.
FIG. 1 is a flow chart of a method of machine learning based multi-password management of the present invention.
Detailed Description
Example one
A method for multi-password management based on machine learning as shown in fig. 1, the method comprising the steps of:
step 1, a multi-password management system acquires password information input by a user and a corresponding password input interface, wherein the password input interface comprises current page identification information;
step 2, analyzing the relevance between the password input by the user and the corresponding current page information, and analyzing the input habit of the password set by the user, wherein the input habit of the password set by the user comprises the complexity of the input password, the similarity of a plurality of passwords and the relevance between the input password and the corresponding page information;
step 3, matching the input password with a pre-stored initial password template according to the input habit of the password set by the user, wherein the initial password template is obtained and stored according to the acquired password setting habits of a plurality of users in advance, other users with similar habits are obtained according to the input habit of the password set by the user, the input password of the other users is used as a training set, and the password input by the user is used as a verification set to update the initial password template;
step 4, training the user ID corresponding to the password by adopting the same steps as the step 3 and updating to obtain a trained ID template, wherein the feature vector of the user ID is obtained by normalization processing according to the trained ID template;
step 5, after training of the user ID and the user password of the user is completed, when the user logs in a page needing to input the user ID and the user password, the multi-password management system automatically generates the user ID and the password based on the page and automatically tries to log in, and if the login fails, the plaintext of the tried password is displayed so that the user can conveniently change;
step 6, recording the similarity between the password changed by the user and the generated password, controlling the multi-password management system to reselect the initial password template and retrain if the similarity is smaller than a preset value, and continuing to update the parameters of the password template according to the password changed by the user if the similarity is larger than the preset value;
and 7, finishing training of all multi-password management systems when password input tests of preset times are correct, monitoring the access content of the user by the multi-password management system, judging whether the user ID and the password need to be input or not if the input text box of the access content is detected, and capturing the current page information to perform normalization processing to obtain input parameters and generate the user ID and the password according to the training template if the user ID and the password need to be input.
Still further, the step 2 may be replaced by: when analyzing the password setting habit of the user, the key consistency of the password input by the user can be obtained, if the password is set, the password predictability of the user is judged to be high if the keys of the input password are coherent, if the password is set, the password predictability of the user is judged to be low if the keys of the input password are non-coherent, and when the password predictability of the user is judged to be low, the training times are increased when the step 3 is used for training.
Furthermore, when the time interval between the keys of the password is larger than a preset interval value or is irregular, the keys are judged to be incoherent.
Furthermore, when the time interval between the keys of the numerical code is smaller than the preset interval value or rule, the keys are judged to be connected.
Still further, step 7 is followed by step 8: and when the password input tests of the preset times are correct, finishing the training of all the multi-password management systems, and deleting other password storage files in the user system, wherein the other password storage files comprise cookies.
Still further, the step 1 further comprises: the multi-password management system acquires a user ID input when a user logs in, then JavaScript in a webpage monitors mouse and keyboard events, and when the action of the user triggers an event, corresponding data is recorded.
The invention also discloses an electronic device, comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the above-described machine learning-based multi-code management method via execution of the executable instructions.
The invention also discloses a computer readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the above-mentioned machine learning-based multi-password management method
After training is finished, the user can choose to stop updating the template, under the condition, the multi-password management system can detect whether the user needs to register a new account password, when the page is detected to be a registration page, the user name and the password are automatically registered directly according to the possible password setting habit of the user, and the user does not need to know specific user name and password information.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Although the invention has been described above with reference to various embodiments, it should be understood that many changes and modifications may be made without departing from the scope of the invention. It is therefore intended that the foregoing detailed description be regarded as illustrative rather than limiting, and that it be understood that it is the following claims, including all equivalents, that are intended to define the spirit and scope of this invention. The above examples are to be construed as merely illustrative and not limitative of the remainder of the disclosure. After reading the description of the invention, the skilled person can make various changes or modifications to the invention, and these equivalent changes and modifications also fall into the scope of the invention defined by the claims.
Claims (5)
1. A multi-password management method based on machine learning, the method comprising the steps of:
step 1, a multi-password management system acquires password information input by a user and a corresponding password input interface, wherein the password input interface comprises current page identification information;
step 2, analyzing the relevance between the password input by the user and the corresponding current page information, and analyzing the input habit of the password set by the user, wherein the input habit of the password set by the user comprises the complexity of the input password, the similarity of a plurality of passwords and the relevance between the input password and the corresponding page information;
step 3, matching the input password with a pre-stored initial password template according to the input habit of the password set by the user, wherein the initial password template is obtained and stored according to the obtained input habit of the multiple user set passwords, other users with similar habits are obtained according to the input habit of the user set passwords, the input passwords of the other users are used as a training set, and the passwords input by the user are used as a verification set to update the initial password template;
step 4, training the ID of the user by adopting a training process of training the password of the user in the step 3 and updating to obtain a trained ID template, wherein the characteristic parameters of the ID of the user are obtained by normalization processing according to the trained ID template;
step 5, after training of the user ID and the user password of the user is completed, when the user logs in a page needing to input the user ID and the password, the multi-password management system automatically generates the user ID and the password based on the page and automatically tries to log in, and if the login fails, the plaintext of the tried password is displayed so as to facilitate the user to change;
step 6, recording the similarity between the password changed by the user and the generated password, controlling the multi-password management system to reselect the initial password template and retrain if the similarity is smaller than a preset value, and continuing to update the parameters of the password template according to the password changed by the user if the similarity is larger than the preset value;
and 7, finishing training of all multi-password management systems when password input verification of preset times is correct, monitoring user access content by the multi-password management systems, judging whether a user ID and a password need to be input or not if an input text box of the access content is detected, and acquiring input parameters after current page information is captured and subjected to normalization processing to generate the user ID and the password according to a training template if the user ID and the password need to be input.
2. The method for multi-password management based on machine learning of claim 1, further comprising step 8 after step 7: and when the password input tests of the preset times are correct, finishing the training of all the multi-password management systems, and deleting other password storage files in the user system, wherein the other password storage files comprise cookies.
3. The method for multi-password management based on machine learning of claim 1, wherein the step 1 further comprises: the multi-password management system acquires a user ID input when a user logs in, then JavaScript in a webpage monitors mouse and keyboard events, and when the action of the user triggers an event, corresponding data is recorded.
4. An electronic device, comprising:
a processor; and the number of the first and second groups,
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the machine learning based multi-password management method of any of claims 1-3 via execution of the executable instructions.
5. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a machine learning-based multi-password management method according to any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011487576.7A CN112613027B (en) | 2020-12-16 | 2020-12-16 | Multi-password management method, device and storage medium based on machine learning |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011487576.7A CN112613027B (en) | 2020-12-16 | 2020-12-16 | Multi-password management method, device and storage medium based on machine learning |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112613027A CN112613027A (en) | 2021-04-06 |
| CN112613027B true CN112613027B (en) | 2022-06-17 |
Family
ID=75240076
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011487576.7A Active CN112613027B (en) | 2020-12-16 | 2020-12-16 | Multi-password management method, device and storage medium based on machine learning |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112613027B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113254978B (en) * | 2021-06-24 | 2021-09-21 | 国能大渡河大数据服务有限公司 | Data security management system based on machine learning |
| CN116305071B (en) * | 2023-03-18 | 2023-09-26 | 广州锦拓信息科技有限公司 | Account password security system based on artificial intelligence |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049685A (en) * | 2013-01-23 | 2013-04-17 | 天津三星光电子有限公司 | User multi-code management system and method |
| CN107122479A (en) * | 2017-05-03 | 2017-09-01 | 西安交通大学 | A kind of user cipher conjecture system based on deep learning |
| CN107579816A (en) * | 2017-09-06 | 2018-01-12 | 中国科学院半导体研究所 | Password dictionary generation method based on recurrent neural network |
| CN109492385A (en) * | 2018-11-05 | 2019-03-19 | 桂林电子科技大学 | A kind of method for generating cipher code based on deep learning |
| CN111966998A (en) * | 2020-07-23 | 2020-11-20 | 华南理工大学 | Password generation method, system, medium, and apparatus based on variational automatic encoder |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10122706B2 (en) * | 2016-10-27 | 2018-11-06 | Ca, Inc. | Authenticating identity for password changes |
| US10114943B1 (en) * | 2017-08-01 | 2018-10-30 | Cyberark Software Ltd. | Automated process of managing and controlling accounts on a remote computer machine |
-
2020
- 2020-12-16 CN CN202011487576.7A patent/CN112613027B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103049685A (en) * | 2013-01-23 | 2013-04-17 | 天津三星光电子有限公司 | User multi-code management system and method |
| CN107122479A (en) * | 2017-05-03 | 2017-09-01 | 西安交通大学 | A kind of user cipher conjecture system based on deep learning |
| CN107579816A (en) * | 2017-09-06 | 2018-01-12 | 中国科学院半导体研究所 | Password dictionary generation method based on recurrent neural network |
| CN109492385A (en) * | 2018-11-05 | 2019-03-19 | 桂林电子科技大学 | A kind of method for generating cipher code based on deep learning |
| CN111966998A (en) * | 2020-07-23 | 2020-11-20 | 华南理工大学 | Password generation method, system, medium, and apparatus based on variational automatic encoder |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112613027A (en) | 2021-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9400879B2 (en) | Method and system for providing authentication through aggregate analysis of behavioral and time patterns | |
| US20090328169A1 (en) | Apparatus and method for convenient and secure access to websites | |
| EP3005215B1 (en) | Passive security of applications | |
| US11775678B2 (en) | Tagging and auditing sensitive information in a database environment | |
| US11947704B2 (en) | Tagging and auditing sensitive information in a database environment | |
| CN112613027B (en) | Multi-password management method, device and storage medium based on machine learning | |
| US20240119324A1 (en) | Systems, methods and apparatus for evaluating status of computing device user | |
| EP3830723B1 (en) | Increasing security of a password-protected resource based on publicly available data | |
| CN107517180A (en) | Login method and device | |
| KR20060089395A (en) | Method for connecting automatically to web site | |
| CN111541687B (en) | Network attack detection method and device | |
| US11036839B2 (en) | Password authentication with input pattern analysis | |
| JP2018028759A (en) | Program and information processing apparatus | |
| CN114006735B (en) | Data protection method, device, computer equipment and storage medium | |
| WO2020077061A1 (en) | Methods for securely managing a paper document | |
| US20200220720A1 (en) | Method and apparatus for content security, tracking and use verification over a network | |
| Khorev | Authenticate users with their work on the Internet | |
| CA3043983A1 (en) | Tagging and auditing sensitive information in a database environment | |
| Khorev | User Authentication Based on Knowledge of Their Work on the Internet | |
| JP6860156B1 (en) | Fraud detection systems, fraud detection methods, and programs | |
| KR102178048B1 (en) | Data monitoring method by detecting personal information downloaded | |
| US11625496B2 (en) | Methods for securing and accessing a digital document | |
| US20200125749A1 (en) | Methods for securely managing a paper document | |
| Mayron | Behavioral biometrics for universal access and authentication | |
| KR20100005935A (en) | Method for identifying own program usage permission jointly and terminal device, recording medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |