CN114006773A - Weak password judgment method, device, equipment and storage medium - Google Patents
Weak password judgment method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN114006773A CN114006773A CN202111651532.8A CN202111651532A CN114006773A CN 114006773 A CN114006773 A CN 114006773A CN 202111651532 A CN202111651532 A CN 202111651532A CN 114006773 A CN114006773 A CN 114006773A
- Authority
- CN
- China
- Prior art keywords
- login information
- weak password
- information
- password
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/12—Network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a weak password judgment method, a device, equipment and a storage medium, wherein the weak password judgment method comprises the following steps: restoring the network flow into message information; dividing the network flow into a request packet and a response packet according to the message information; extracting login information from a start line, a request head and a message text of the request packet based on a preset password extraction rule; judging whether the login information can be successfully logged in based on the response packet; and judging whether the effective login information is a weak password or not. According to the method and the device, effective login information can be screened out from massive login information, so that the workload of weak password judgment is reduced, the disposal cost of the weak password is reduced, and on the other hand, whether the login information is the weak password or not can be further judged through a user-defined rule, so that the probability of the weak password being missed to report is reduced.
Description
Technical Field
The present application relates to the field of network security technologies, and in particular, to a weak password determination method, apparatus, device, and storage medium.
Background
With the rapid development of information technology, computers and networks have become essential tools and approaches for daily office work, communication and cooperative interaction, and information security becomes more and more important. It is a problem whether personal information can be secured as a user of a computer and a network. The weak password blasting is a commonly used means for hackers, so that the detection and extraction of the weak password and the timely warning and reminding of the source tracing warning information extracted by the user are particularly important precautionary means.
However, in the practical application scenario of the user, the weak password extraction rule is extracted through the public third-party library, and the weak password extraction rule cannot hit the weak password extraction rule, so that the false alarm is caused.
On the other hand, in the actual application scene of the user, massive login information can be extracted, and it is very time-consuming and labor-consuming to judge whether the massive login information is weak in password.
Disclosure of Invention
An object of the embodiments of the present application is to provide a method, an apparatus, a device, and a storage medium for determining a weak password, which are used to screen out valid login information from a large amount of login information, thereby reducing the workload of determining the weak password and reducing the handling cost of the weak password.
To this end, the first aspect of the present application discloses a weak password determination method, which includes:
acquiring network flow generated in the user login process;
restoring the network flow into message information;
dividing the network flow into a request packet and a response packet according to the message information;
extracting the login information from the initial line, the request head and the message text of the request packet based on a preset password extraction rule;
and judging whether the login information can be successfully logged in or not based on the response packet, wherein when the login information is successfully logged in, the login information is screened out and used as effective login information.
And judging whether the effective login information is a weak password or not.
In the first aspect of the present application, as an optional implementation manner, the reducing the network traffic to the message information includes:
and restoring the network flow through a sensor tool, and obtaining the message information.
In the first aspect of the present application, as an optional implementation manner, the dividing the network traffic into a request packet and a response packet according to the packet information includes:
and dividing the network traffic into the request packet or the response packet through an IP address, a port number and a SYN mark of the network traffic.
In the first aspect of the present application, as an optional implementation manner, the determining, based on the response packet, whether the login information can be successfully logged in includes:
extracting a state code of the response packet and a response body of the response packet;
judging whether the state code of the response packet is a first preset value or not;
when the status code of the response packet is the first preset value, judging whether the response body comprises a third field, wherein the third field represents that the login information is successfully logged in;
and when the response body comprises the third field, determining that the login information is successful in login, and if not, determining that the login information is failed in login.
In the first aspect of the present application, as an optional implementation manner, the determining whether the valid login information is a weak password includes:
matching the effective login information with a third-party weak password library to judge whether the effective login information is a pure number or a combination of a digit and a letter with few digits, and if so, determining that the login information is a weak password;
or obtaining a user-defined weak password dictionary, matching the effective login information with the user-defined weak password dictionary, and determining that the effective login information is a weak password when the effective login information is successfully matched with the user-defined weak password dictionary.
In the first aspect of the present application, as an optional implementation manner, the determining whether the valid login information is a weak password includes:
and judging whether the effective login information meets a user-defined weak password matching rule or not, and if the effective login information meets the user-defined weak password matching rule, determining that the effective login information is a weak password.
In the first aspect of the present application, as an optional implementation manner, the extracting, based on a preset password extraction rule, the login information in a start line, a request header, and a message body of the request packet includes:
and extracting the login information from the initial line, the request head and the message body of the request packet according to a self-defined extraction rule.
A second aspect of the present application discloses a weak password determination apparatus, the apparatus comprising:
the acquisition module is used for acquiring network flow generated in the user login process;
the message reduction module is used for reducing the network flow into message information;
the dividing module is used for dividing the network flow into a request packet and a response packet according to the message information;
the extraction module is used for extracting the login information from the initial line, the request head and the message text of the request packet based on a preset password extraction rule;
and the first judging module is used for judging whether the login information can be successfully logged in or not based on the response packet, wherein when the login information is successfully logged in, the login information is screened out and is taken as effective login information.
And the second judgment module is used for judging whether the effective login information is a weak password or not.
A third aspect of the present application discloses a weak password determination device, the device including:
a memory coupled with the memory storing executable program code;
a processor;
the processor calls the executable program code stored in the memory to execute the weak password judgment method of the first aspect of the present application.
A fourth aspect of the present application discloses a storage medium storing computer instructions for executing the weak password determination method according to the first aspect of the present application when the computer instructions are called.
Compared with the prior art, the method has the following beneficial technical effects:
according to the method and the device, on one hand, effective login information can be screened out from massive login information, so that the workload of judging the weak password is reduced, the disposal cost of the weak password is reduced, on the other hand, whether the login information is the weak password or not can be further judged through a user-defined rule, and therefore the probability of missing report of the weak password is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic flowchart of a weak password determination method disclosed in an embodiment of the present application;
fig. 2 is a schematic structural diagram of a weak password determination apparatus disclosed in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a weak password determination device disclosed in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
Example one
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a weak password determination method according to an embodiment of the present application. As shown in fig. 1, the method of the embodiment of the present application includes the following steps:
101. acquiring network flow generated in the user login process;
102. restoring the network flow into message information;
103. dividing the network flow into a request packet and a response packet according to the message information;
104. extracting login information from a start line, a request head and a message text of the request packet based on a preset password extraction rule;
105. judging whether the login information can be successfully logged in or not based on the response packet, wherein when the login information is successfully logged in, the login information is screened out and used as effective login information;
106. and judging whether the valid login information is a weak password or not.
In the embodiment of the application, by acquiring the network traffic generated in the user login process and reducing the network traffic into the message information, the network traffic can be divided into the request packet and the response packet based on the message information, and then the login information for use can be captured based on the request packet, wherein the login information generally exists in the request packet, so that the login information needs to be captured based on the request packet. Further, after capturing the login information, it is possible to determine whether the login information is a weak password, that is, whether the login information is easily leaked.
Further, in some scenarios, the extracted login information is numerous, and each login information needs to be determined to determine whether the password is weak, so that due to the number of login information, the security operator needs to spend huge time and effort on processing, thereby reducing the work efficiency and disposal cost of the security operator. In view of these situations, the method of the embodiment of the present application determines whether the login information is successful in login based on the response packet before determining whether the login information is a weak password, and can screen the login information that is successful in login from a large number of login information, that is, the login information that is successful in login is used as valid login information, so that the number of login information that needs to be determined whether the login information is a weak password can be reduced, for example, assuming that there are 100 extracted login information and 60 login information that is determined to be successful in login, and thus, it is only necessary to determine whether 60 login information is a weak password.
In the embodiment of the present application, as an optional implementation manner, step 101: the method for restoring the network flow into the message information comprises the following substeps:
and restoring the network flow through a sensor tool and obtaining message information.
In this optional embodiment, the sensor tool may restore the network traffic, that is, analyze the network traffic to obtain the message information.
In the embodiment of the present application, as an optional implementation manner, step 104: the specific way of extracting the login information from the initial line, the request head and the message text of the request packet based on the preset password extraction rule is as follows:
and extracting login information in the initial line, the request header and the message body based on the AC state machine.
As an example, an AC state machine is used to match username, password and get login information in the request message.
In the embodiment of the present application, as an optional implementation, step 104: another specific way of extracting login information in the initial line, the request header and the message text of the request packet based on the preset password extraction rule is as follows:
and extracting login information from the initial line, the request head and the message body of the request packet according to the self-defined extraction rule.
Specifically, as an optional implementation, the specific way of extracting the login information from the start line, the request header, and the message body of the request packet according to the customized extraction rule is as follows:
and extracting login information from the initial line, the request head and the message body of the request packet according to the personalized setting field or the desensitization treatment result field.
In some scenarios, the login information is the user name and password after desensitization, and the login information cannot be matched and identified by the third-party database due to desensitization, so that missed report may be caused. For example, if the user desensitizes the original password and processes the field of the password to "d 55 b" instead of "password", the password field "d 55 b" after desensitization cannot be identified, but if "d 55 b" is input, the field "d 55 b" can be extracted, so that the probability of missing report is reduced, and the identification accuracy of the weak password is improved.
In this embodiment of the present application, the desensitized login information may be login information subjected to transcoding and encryption operations.
In the first aspect of the present application, as an optional implementation manner, step 103: dividing the network flow into a request packet and a response packet according to the message information, and comprising the following substeps:
the network traffic is divided into request packets or response packets by its IP address, port number and SYN flag.
In this alternative embodiment, as an example, if the target IP address of the network traffic is the IP address of the server, the network traffic may be determined to be a request packet sent by the client to the server, and if the target IP address of the network traffic is the IP address of the client, the network traffic may be determined to be a response packet returned by the server to the client.
In this optional embodiment, the network traffic includes a source IP address, a source port, a destination IP address, a destination port, an application protocol, a SYN flag, and the like, where dividing the network traffic into a request packet or a response packet through the IP address, the port number, and the SYN flag of the network traffic may refer to dividing the network traffic into the request packet or the response packet through the source IP address, the source port, and the SYN flag of the network traffic.
It should be noted that, other data that can be used to divide the network traffic into a request packet and a response packet may also be included in the network traffic, and this optional embodiment is only a preferred embodiment.
In the embodiment of the present application, as an optional implementation manner, step 105: judging whether the login information can be successfully logged in based on the response packet, and comprising the following substeps:
extracting a state code of the response packet and a response body of the response packet;
judging whether the state code of the response packet is a first preset value or not;
when the state code of the response packet is a first preset value, judging whether the response body comprises a third field, wherein the third field represents that the login information is successfully logged in;
and when the response body comprises the third field, determining that the login information is successfully logged in, and if not, determining that the login information is failed to log in.
In this optional embodiment, specifically, the third field may be "response _ code: 0" or "success".
In the embodiment of the present application, as an optional implementation manner, step 106: judging whether the valid login information is a weak password or not, comprising the following substeps:
matching the effective login information with a third-party weak password library to judge whether the effective login information is a pure number or a combination of a digit and a letter with few digits, and if so, determining that the login information is a weak password;
or acquiring a user-defined weak password dictionary, matching the effective login information with the user-defined weak password dictionary, and determining the effective login information as a weak password when the effective login information is successfully matched with the user-defined weak password dictionary.
In this optional embodiment, the valid login information is matched with the weak password library of the third party, so that whether the valid login information is a pure number or a combination of a number and a letter with a small number of digits can be determined, wherein if yes, the login information is determined to be a weak password. As one example, if the valid login information is "666666", for example, the valid login information is determined to be a weak password, and if the valid login information is "123 abc", for example, the valid login information is determined to be a weak password.
It should be noted that the weak third-party password library further includes other matching rules, for example, when the login information is a pure letter, the login information is also determined as a weak password.
In this optional embodiment, the valid login information may be matched with a user-defined weak password dictionary by obtaining the user-defined weak password dictionary, and when the valid login information is successfully matched with the user-defined weak password dictionary, it may be determined that the valid login information is a weak password, where the user-defined weak password dictionary is a user-defined and uploaded weak password dictionary.
In the embodiment of the present application, as an optional implementation manner, step 106: judging whether the valid login information is a weak password or not, comprising the following substeps:
and judging whether the effective login information meets the user-defined weak password matching rule or not, and if the effective login information meets the user-defined weak password matching rule, determining that the effective login information is a weak password.
In this optional embodiment, it can be determined that the valid login information is a weak password by determining whether the valid login information satisfies a custom weak password matching rule.
In this alternative embodiment, the user-defined weak password matching rule is a matching rule defined by user data accessed, wherein the user-defined weak password matching rule may be that when the password does not contain a special symbol, the password is a weak password.
In this optional embodiment, further optionally, determining whether the valid login information satisfies a user-defined weak password matching rule, and if the valid login information satisfies the user-defined weak password matching rule, determining that the valid login information is a weak password, includes:
and judging whether the effective login information comprises a company name, an employee name or administrator information, and if so, determining that the effective login information is a weak password.
In this optional embodiment, if the valid login information includes a company name, an employee name, or administrator information, it indicates that the valid login information is a weak password, that is, the valid login information is easy to leak, and a malicious third party may use the valid login information to attack the enterprise system or use the valid login information to complete other malicious behaviors, for example, a malicious third party may use the valid login information to log in the enterprise system, so as to obtain data of an enterprise based on the enterprise system, and further, a malicious third party may use the valid login information to crack login information of other systems, so as to destroy more system data, for example, complete password malicious modification of a related system using information such as the name of the valid login information, the company name, and the like. On the other hand, when the valid login information is a weak password, it also means that the password is easy to be cracked, for example, if the password in the valid login information is "66666", it is easy to be collided by a malicious third party using the password library.
In this optional embodiment, as another optional mode, determining whether the valid login information satisfies a user-defined weak password matching rule, and if the valid login information satisfies the user-defined weak password matching rule, determining that the valid login information is a weak password, includes:
and judging whether the effective login information comprises the parent name of the login person, if so, determining that the effective login information is a weak password.
In the embodiment of the application, whether the valid login information is the weak password or not can be comprehensively judged based on the precedence relationship among the judgment modes of the plurality of weak passwords, for example, when the valid login information is judged not to include a company name, an employee name or administrator information, whether the valid login information is matched with a third-party weak password library or not can be further judged, and then the cascade judgment is realized.
In the embodiment of the present application, as an alternative implementation, in step 106: after judging whether the effective login information is a weak password, the embodiment of the application further comprises the following steps:
and when the effective login information is the weak password, generating alarm information based on the effective login information, and sending the alarm information to the user.
In this optional embodiment, based on the valid login information, the specific manner of generating the alarm information is as follows:
the method comprises the steps of obtaining the IP address, login time and login times of a login website of effective login information in a preset period, and generating alarm information based on the IP address, login time and login times of the login website in the preset period, wherein the alarm information comprises the IP address, login time and login times of the login website, and can also comprise threat level and other data for notifying a user.
Example two
Referring to fig. 2, fig. 2 is a schematic structural diagram of a weak password determination apparatus according to an embodiment of the present disclosure. As shown in fig. 2, the apparatus of the embodiment of the present application includes the following functional modules:
an obtaining module 201, configured to obtain a network traffic generated in a user login process;
the message restoration module 202 is configured to restore the network traffic into message information;
a dividing module 203, configured to divide the network traffic into a request packet and a response packet according to the message information;
the extraction module 204 is used for extracting login information from the initial line, the request head and the message text of the request packet based on a preset password extraction rule;
a first judging module 205, configured to judge whether the login information can be successfully logged in based on the response packet, where, when the login information is successfully logged in, the login information is screened out and used as valid login information;
the second determining module 206 is configured to determine whether the valid login information is a weak password.
According to the device, through the weak password judgment method, on one hand, effective login information can be screened out from massive login information, so that the workload of weak password judgment is reduced, and the handling cost of the weak password is reduced.
It should be noted that, for other detailed descriptions of the apparatus in the embodiments of the present application, please refer to relevant contents of the first embodiment of the present application, which is not described herein again in the embodiments of the present application.
EXAMPLE III
Referring to fig. 3, fig. 3 is a schematic structural diagram of a weak password determination device disclosed in the embodiment of the present application. As shown in fig. 3, the apparatus of the embodiment of the present application includes:
a memory 301 storing executable program code;
a processor 302 coupled to the memory 301;
the processor 302 calls the executable program code stored in the memory 301 to execute the weak password determination method according to the first embodiment of the present application.
According to the device, through the weak password judgment method, on one hand, effective login information can be screened out from massive login information, so that the workload of weak password judgment is reduced, and the handling cost of the weak password is reduced.
It should be noted that, for other detailed descriptions of the devices in the embodiments of the present application, please refer to relevant contents of the first embodiment of the present application, which is not described herein again in the embodiments of the present application.
Example four
The embodiment of the application discloses a storage medium, wherein a computer instruction is stored in the storage medium, and when the computer instruction is called, the weak password judgment method is used for executing the weak password judgment method in the first embodiment of the application.
According to the storage medium, through the weak password judgment method, on one hand, effective login information can be screened from massive login information, so that the workload of weak password judgment is reduced, and the handling cost of the weak password is reduced.
Please refer to the related contents of the first embodiment of the present application for further details of the storage medium in the embodiment of the present application, which are not described in detail herein.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
In addition, units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
Furthermore, the functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
It should be noted that the functions, if implemented in the form of software functional modules and sold or used as independent products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. A weak password determination method, comprising:
acquiring network flow generated in the user login process;
restoring the network flow into message information;
dividing the network flow into a request packet and a response packet according to the message information;
extracting login information from a start line, a request head and a message text of the request packet based on a preset password extraction rule;
judging whether the login information can be successfully logged in or not based on the response packet, wherein when the login information is successfully logged in, the login information is screened out and used as effective login information;
and judging whether the effective login information is a weak password or not.
2. The method of claim 1, wherein the reverting the network traffic to message information comprises:
and restoring the network flow through a sensor tool, and obtaining the message information.
3. The method of claim 1, wherein the dividing the network traffic into a request packet and a response packet according to the message information comprises:
and dividing the network traffic into the request packet or the response packet through an IP address, a port number and a SYN mark of the network traffic.
4. The method of claim 1, wherein the determining whether the login information is login successful based on the response packet comprises:
extracting a state code of the response packet and a response body of the response packet;
judging whether the state code of the response packet is a first preset value or not;
when the status code of the response packet is the first preset value, judging whether the response body comprises a third field, wherein the third field represents that the login information is successfully logged in;
and when the response body comprises the third field, determining that the login information is successful in login, and if not, determining that the login information is failed in login.
5. The method of claim 1, wherein said determining whether said valid login information is a weak password comprises:
matching the effective login information with a third-party weak password library to at least judge whether the effective login information is a pure number or a combination of a digit and a letter with few digits, and if so, determining that the login information is a weak password;
or obtaining a user-defined weak password dictionary, matching the effective login information with the user-defined weak password dictionary, and determining that the effective login information is a weak password when the effective login information is successfully matched with the user-defined weak password dictionary.
6. The method of claim 1, wherein said determining whether said valid login information is a weak password comprises:
and judging whether the effective login information meets a user-defined weak password matching rule or not, and if the effective login information meets the user-defined weak password matching rule, determining that the effective login information is a weak password.
7. The method of claim 1, wherein the extracting the login information in a start line, a request header, and a message body of the request packet based on preset password extraction rules comprises:
and extracting the login information from the initial line, the request head and the message body of the request packet according to a self-defined extraction rule.
8. A weak password determination apparatus, comprising:
the acquisition module is used for acquiring network flow generated in the user login process;
the message reduction module is used for reducing the network flow into message information;
the dividing module is used for dividing the network flow into a request packet and a response packet according to the message information;
the extraction module is used for extracting login information from a start line, a request head and a message text of the request packet based on a preset password extraction rule;
the first judging module is used for judging whether the login information can be successfully logged in or not based on the response packet, wherein when the login information is successfully logged in, the login information is screened out and is used as effective login information;
and the second judgment module is used for judging whether the effective login information is a weak password or not.
9. A weak password determination apparatus, characterized in that the apparatus comprises:
a memory coupled with the memory storing executable program code;
a processor;
the processor calls the executable program code stored in the memory to execute the weak password determination method according to any one of claims 1 to 7.
10. A storage medium storing computer instructions which, when invoked, perform a weak password determination method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111651532.8A CN114006773A (en) | 2021-12-31 | 2021-12-31 | Weak password judgment method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111651532.8A CN114006773A (en) | 2021-12-31 | 2021-12-31 | Weak password judgment method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114006773A true CN114006773A (en) | 2022-02-01 |
Family
ID=79932323
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111651532.8A Pending CN114006773A (en) | 2021-12-31 | 2021-12-31 | Weak password judgment method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114006773A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243215A (en) * | 2014-09-28 | 2014-12-24 | 北京奇虎科技有限公司 | Terminal equipment password management method and system and equipment |
| US20180176208A1 (en) * | 2007-08-20 | 2018-06-21 | Ebay Inc. | System and methods for weak authentication data reinforcement |
| CN108256317A (en) * | 2017-12-05 | 2018-07-06 | 西安交大捷普网络科技有限公司 | A kind of weak password detection method |
| CN109246111A (en) * | 2018-09-18 | 2019-01-18 | 郑州云海信息技术有限公司 | A kind of detection method and device of network equipment telnet weak passwurd |
| CN111385272A (en) * | 2018-12-29 | 2020-07-07 | 北京奇虎科技有限公司 | Weak password detection method and device |
| CN111447204A (en) * | 2020-03-24 | 2020-07-24 | 深信服科技股份有限公司 | Weak password detection method, device, equipment and medium |
| CN112613029A (en) * | 2021-01-06 | 2021-04-06 | 深信服科技股份有限公司 | Weak password detection method and device, computer storage medium and equipment |
| CN113852637A (en) * | 2021-09-28 | 2021-12-28 | 全球能源互联网研究院有限公司 | Weak password detection method and device and electronic equipment |
-
2021
- 2021-12-31 CN CN202111651532.8A patent/CN114006773A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180176208A1 (en) * | 2007-08-20 | 2018-06-21 | Ebay Inc. | System and methods for weak authentication data reinforcement |
| CN104243215A (en) * | 2014-09-28 | 2014-12-24 | 北京奇虎科技有限公司 | Terminal equipment password management method and system and equipment |
| CN108256317A (en) * | 2017-12-05 | 2018-07-06 | 西安交大捷普网络科技有限公司 | A kind of weak password detection method |
| CN109246111A (en) * | 2018-09-18 | 2019-01-18 | 郑州云海信息技术有限公司 | A kind of detection method and device of network equipment telnet weak passwurd |
| CN111385272A (en) * | 2018-12-29 | 2020-07-07 | 北京奇虎科技有限公司 | Weak password detection method and device |
| CN111447204A (en) * | 2020-03-24 | 2020-07-24 | 深信服科技股份有限公司 | Weak password detection method, device, equipment and medium |
| CN112613029A (en) * | 2021-01-06 | 2021-04-06 | 深信服科技股份有限公司 | Weak password detection method and device, computer storage medium and equipment |
| CN113852637A (en) * | 2021-09-28 | 2021-12-28 | 全球能源互联网研究院有限公司 | Weak password detection method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2852913B1 (en) | Method and apparatus for determining malicious program | |
| CN108924118B (en) | Method and system for detecting database collision behavior | |
| CN110210213B (en) | Method and device for filtering malicious sample, storage medium and electronic device | |
| CN112131577A (en) | Vulnerability detection method, device and equipment and computer readable storage medium | |
| CN111131221B (en) | Interface checking device, method and storage medium | |
| CN109547426B (en) | Service response method and server | |
| CN110188538B (en) | Method and device for detecting data by adopting sandbox cluster | |
| CN113051573B (en) | Host safety real-time monitoring alarm system based on big data | |
| CN114172703A (en) | Malicious software identification method, device and medium | |
| CN112153062B (en) | Multi-dimension-based suspicious terminal equipment detection method and system | |
| CN111259382A (en) | Malicious behavior identification method, device and system and storage medium | |
| CN113965419B (en) | Method and device for judging attack success through reverse connection | |
| CN114003904B (en) | Information sharing method, device, computer equipment and storage medium | |
| CN112329036A (en) | File security processing method, device, equipment and storage medium | |
| CN113726818B (en) | Method and device for detecting lost host | |
| CN110955890B (en) | Method and device for detecting malicious batch access behaviors and computer storage medium | |
| CN113496024A (en) | Web page login method and device, storage medium and electronic equipment | |
| CN108989298B (en) | Equipment safety monitoring method and device and computer readable storage medium | |
| CN114006773A (en) | Weak password judgment method, device, equipment and storage medium | |
| CN113965418B (en) | Attack success judgment method and device | |
| US20190363925A1 (en) | Cybersecurity Alert Management System | |
| CN112464249A (en) | Asset equipment attack vulnerability repairing method, device, equipment and storage medium | |
| CN110417743B (en) | Encrypted compressed packet analysis method and device | |
| CN111224979B (en) | Link communication monitoring view construction method based on IP data flow analysis | |
| CN117201190B (en) | Mail attack detection method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20220201 |