CN115086031A - Password verification method and device, electronic equipment and storage medium - Google Patents

Password verification method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN115086031A
CN115086031A CN202210674235.3A CN202210674235A CN115086031A CN 115086031 A CN115086031 A CN 115086031A CN 202210674235 A CN202210674235 A CN 202210674235A CN 115086031 A CN115086031 A CN 115086031A
Authority
CN
China
Prior art keywords
password
target account
current
complex
channel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210674235.3A
Other languages
Chinese (zh)
Inventor
黄文强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202210674235.3A priority Critical patent/CN115086031A/en
Publication of CN115086031A publication Critical patent/CN115086031A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a password verification method and device, electronic equipment and a storage medium, which can be applied to the financial field or other fields, wherein the method comprises the following steps: receiving a current input password of a target account input by a target user on current channel equipment; if the current input password does not belong to the password with the complex format, judging whether the current conversion password of the target account is stored; when a current conversion password receives a password conversion request of a target account, the complex password is converted and stored; if the current conversion password is stored, comparing whether the current conversion password is consistent with the current input password; if the current conversion password is not stored, converting the current input password of the target account into a complex format password corresponding to the current input password according to a conversion rule; comparing whether the complex format password corresponding to the current input password is consistent with the complex password; and if the compared passwords are consistent, feeding back a password passing verification result to the current channel equipment.

Description

Password verification method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of account security technologies, and in particular, to a password verification method and apparatus, an electronic device, and a storage medium.
Background
With the continuous development of internet technology, in order to effectively ensure the security of an account, many current applications have more and more requirements on the format of an account password set by a user during registration so as to ensure that the account password set by the user has higher complexity and is prevented from being cracked easily.
But still simple pure numeric passwords are currently used for bank accounts. At present, intelligent software such as a mobile phone bank is also introduced by banks, and the support for the responsible password can be easily realized through the software. However, because a large number of devices installed at present cannot support the input of complex passwords, for example, a large number of automatic teller machines can only input numbers, but cannot input characters such as letters and the like.
Because the cost needs to be considered when replacing the devices, the bank account password still adopts a pure digital password at present. Thus resulting in the current bank account still having a higher risk.
Disclosure of Invention
Based on the defects of the prior art, the application provides a password verification method and device, electronic equipment and a storage medium, so as to solve the problem that the existing mode causes higher risk of an account.
In order to achieve the above object, the present application provides the following technical solutions:
a first aspect of the present application provides a password authentication method, including:
receiving a current input password of a target account input on current channel equipment by a target user and sent by the current channel equipment;
if the current input password of the target account does not belong to the password with the complex format, judging whether the current conversion password of the target account is stored; when a password conversion request of the target account initiated by a target user through a target client is received, converting a complex password of the target account into a one-time password conforming to a password input format of the current channel equipment according to a conversion rule;
if the current conversion password of the target account is stored, comparing whether the current conversion password of the target account is consistent with the current input password of the target account or not;
if the current conversion password of the target account is consistent with the current input password of the target account through comparison, a password passing verification result is fed back to the current channel equipment;
if the current conversion password of the target account is not stored, converting the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule;
comparing whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not;
and if the complex format password corresponding to the current input password is consistent with the complex password of the target account through comparison, the password passing verification result is fed back to the current channel equipment.
Optionally, in the above password verification method, before receiving the current input password of the target account, which is sent by the current device and input by the target user on the current channel device, the method further includes:
receiving a password conversion request of the target account, which is sent by the target client after the target user sends the verification of the complex password passing through the target account at the target client; the password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account;
acquiring a complex password of the target account according to the account number of the target account;
converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule;
determining the one-time password obtained by current conversion as the current conversion password of the target account;
and storing the current conversion password of the target account, and feeding back the current conversion password of the target account to the target client.
Optionally, in the above password verification method, before obtaining the complex password of the target account according to the identifier of the target account, the method further includes:
judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; if the channel to which the current channel equipment belongs is judged to belong to the channel using the complex password of the target account, executing the complex password of the target account acquired according to the identification of the target account;
if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, sending prompt information to the target client; the prompting information is used for prompting that the channel to which the current channel equipment belongs does not belong to a channel using the complex password of the target account.
Optionally, in the above password verification method, before converting the current input password of the target account into the complex-format password corresponding to the current input password according to the conversion rule, the method further includes:
judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; if the channel to which the current channel equipment belongs is judged to belong to the channel using the complex password of the target account, the current input password of the target account is converted into the complex format password corresponding to the current input password according to the conversion rule;
and if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, feeding back a password non-passing verification result to the current channel equipment, and feeding back the prompt information.
Optionally, in the above password authentication method, the method further includes:
if the current input password of the target account belongs to the password with the complex format, comparing whether the current input password of the target account is consistent with the complex password of the target account or not; and if the current input password of the target account is consistent with the complex password of the target account through comparison, the password passing verification result is fed back to the current channel equipment.
Another embodiment of the present application provides a password authentication apparatus, including:
the first receiving unit is used for receiving a current input password of a target account, which is input on the current channel equipment by a target user and is sent by the current channel equipment;
the first judgment unit is used for judging whether the current conversion password of the target account is stored or not when the current input password of the target account does not belong to the password with the complex format; when a password conversion request of the target account initiated by the target user through a target client is received, converting the complex password of the target account into a one-time password which accords with a password input format of the current channel equipment according to a conversion rule;
the first verification unit is used for comparing whether the current conversion password of the target account is consistent with the current input password of the target account or not when the current conversion password of the target account is judged to be stored;
the first conversion unit is used for converting the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule if the current conversion password of the target account is judged not to be stored;
the second verification unit is used for comparing whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not;
and the result feedback unit is used for feeding back a password passing verification result to the current channel equipment when the current conversion password of the target account is compared to be consistent with the current input password of the target account or the complex format password corresponding to the current input password is compared to be consistent with the complex password of the target account.
Optionally, in the above password authentication apparatus, the password authentication apparatus further includes:
the second receiving unit is used for receiving a password conversion request of the target account sent by the target client after the target client sends the verification of the complex password passing through the target account; the password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account;
the acquisition unit is used for acquiring the complex password of the target account according to the account number of the target account;
the second conversion unit is used for converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule;
the determining unit is used for determining the one-time password obtained by current conversion as the current conversion password of the target account;
and the password feedback unit is used for storing the current conversion password of the target account and feeding back the current conversion password of the target account to the target client.
Optionally, in the above password authentication apparatus, the password authentication apparatus further includes:
the second judging unit is used for judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; when the second judging unit judges that the channel to which the current channel equipment belongs to a channel using the complex password of the target account, the acquiring unit executes the complex password of the target account acquired according to the identifier of the target account;
a first prompting unit, configured to send a prompting message to the target client when the second determining unit determines that the channel to which the current channel device belongs does not belong to a channel using a complex password of the target account; the prompting information is used for prompting that the channel to which the current channel equipment belongs does not belong to a channel using the complex password of the target account.
Optionally, in the above password authentication apparatus, the password authentication apparatus further includes:
the third judging unit is used for judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; when the three judging units judge that the channel to which the current channel equipment belongs to a channel using the complex password of the target account, the first converting unit executes the conversion of the current input password of the target account into the complex format password corresponding to the current input password according to the conversion rule;
and the second prompting unit is used for feeding back a password non-passing verification result to the current channel equipment and feeding back the prompting information when the third judging unit judges that the channel to which the current channel equipment belongs does not belong to the channel using the complex password of the target account.
Optionally, in the above password authentication apparatus, the password authentication apparatus further includes:
the third verification unit is used for comparing whether the current input password of the target account is consistent with the complex password of the target account or not when the current input password of the target account belongs to the password with the complex format; and if the current input password of the target account is consistent with the complex password of the target account through comparison, the result feedback unit executes the password passing verification result fed back to the current channel equipment.
A third aspect of the present application provides an electronic device comprising:
a memory and a processor;
wherein the memory is used for storing programs;
the processor is configured to execute the program, and when executed, the program is specifically configured to implement the password authentication method as described in any of the above.
A fourth aspect of the present application provides a computer storage medium for storing a computer program which, when executed, is operable to implement a cryptographic authentication method as claimed in any one of the preceding claims.
According to the password verification method, the password conversion request of the target account can be initiated through the target client before the password is input, so that the complex password of the target account is converted into the one-time password which accords with the password input format of the current channel equipment according to the conversion rule, the current conversion password of the target account is obtained, or the conversion is directly carried out through the target client, so that the complex password can be converted into the password with the simple format, and the password can be input on the equipment which does not support the complex password. Therefore, after receiving the current input password of the target account input by the target user on the current channel equipment and sent by the current channel equipment, if the current input password of the target account does not belong to the password with the complex format, whether the current conversion password of the target account is stored is judged. And if the current conversion password of the target account is stored, comparing whether the current conversion password of the target account is consistent with the current input password of the target account. And if the current conversion password of the target account is consistent with the current input password of the target account through comparison, feeding back a password passing verification result to the current channel equipment. If the current conversion password of the target account is not stored, the current input password of the target account is converted into the complex format password corresponding to the current input password according to the conversion rule, and then whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not is compared. If the complex format password corresponding to the compared current input password is consistent with the complex password of the target account, the password passing verification result is also fed back to the current channel equipment, so that the channel equipment which does not support the input of the complex format password can be verified by the complex format password through the conversion of the password format, and the safety of the account is effectively improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a password authentication method according to an embodiment of the present application;
fig. 2 is a flowchart of a method for obtaining a current conversion password of a target account according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a password authentication device according to an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In this application, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The embodiment of the application provides a password verification method, as shown in fig. 1, specifically including the following steps:
s101, receiving a current input password of a target account input by a target user on current channel equipment, wherein the password is sent by the current channel equipment.
Wherein the target user refers to a user who currently inputs a password. The current channel device refers to a device for which the user currently inputs a password. And the currently input password of the target account refers to the password currently input by the target user aiming at the target account.
When a user needs to verify the password of the target account during withdrawal or other operations, the password is input on the current channel equipment, and the current channel equipment verifies the current input password of the target account and other data in the background.
S102, judging whether the current input password of the target account belongs to the password with the complex format.
In the embodiment of the present application, the complex-format password mainly refers to a password that is distinguished from an existing password format, for example, a password that includes letters or other special characters, or a password that has a length that is greater than an existing password format requirement. For setting the complex format password, the setting needs to be performed on the channel equipment supporting the complex format password entry.
Because some channel devices support complex format passwords, such as mobile phone banks, or computer clients. And part of channel equipment can not support the input of the password with the complex format, and the password after the conversion of the password with the complex format can be adopted, so that the current input password needing to be processed by the target account can be the password with the complex format or not, and the processing modes under different conditions are different, so that whether the current input password of the target account belongs to the password with the complex format or not needs to be judged firstly.
Optionally, the determination may be performed directly according to a specific format of a currently input password of the target account, or may be performed according to a password input format supported by the current channel device, and at this time, the channel identifier of the current channel device needs to be obtained.
If the currently input password of the target account is not determined to belong to the password with the complex format, it is determined that the currently input password is the password with the converted format, so step S103 is executed at this time. And if the current input password of the target account belongs to the password with the complex format, comparing whether the current input password of the target account is consistent with the complex password of the target account.
If the current input password of the target account is consistent with the complex password of the target account, step S107 is executed.
S103, judging whether the current conversion password of the target account is stored.
When a password conversion request of the target account initiated by a target user through a target client is received, the current conversion password of the target account is a one-time password which is in accordance with the password input format of the current channel equipment and converts the complex password of the target account into the complex password of the target account according to the conversion rule.
The target client refers to a client capable of performing user association on a target account, such as a mobile phone bank.
It should be noted that, for a channel setting that does not support password entry in a complex format, in the embodiment of the present application, a user may perform password authentication in two ways. One is a password conversion request of the target account initiated by the target client to the background before the password is entered on the current channel device. At the moment, the background converts the complex password of the target account into a one-time password which accords with the password input format of the current channel equipment according to the conversion rule, namely, the complex password is converted into the current conversion password of the target account, the current conversion password of the target account is stored, and the current conversion password of the target account is fed back to the target client. After obtaining the current conversion password of the target account, the target user can input the current conversion password of the target account on the current channel equipment. In another mode, the complex password of the target account is directly converted into the password meeting the current channel equipment through the target client, or the user converts the complex password of the target account into the password meeting the current channel equipment according to the conversion rule and inputs the obtained password into the current channel equipment.
Therefore, if the first method is adopted, the background stores the current conversion password of the target account, so that password authentication can be performed by directly using the current conversion password of the target account, and step S104 is executed when it is determined that the current conversion password of the target account is stored. If the second method is adopted, it is determined that the current conversion password of the target account is not stored, and at this time, only step S105 is executed accordingly.
Optionally, the method for obtaining the current conversion password of the target account, provided by the embodiment of the present application, is executed before step S101, and specifically as shown in fig. 2, includes the following steps:
s201, receiving a password conversion request of a target account sent by a target client after the target client sends the verification of the complex password of the target account.
The password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account.
Specifically, when a target user needs to perform password conversion, a channel identifier corresponding to a current channel device can be entered through a target client to initiate a password conversion request, at this time, the target client will obtain an account number of a currently logged-in target account, and then a password conversion request of the target account is initiated by using the channel identifier corresponding to the current channel device and the account number of the target account. Optionally, the target user may also input a password entry format supported by the current channel device, which may provide for efficiency of conversion. If the user does not input the password input format supported by the current channel equipment, determining a default password input format associated with the channel identification of the current channel equipment according to the channel identification of the current channel equipment.
In order to ensure the security, after the user inputs information such as channel identification corresponding to the current channel equipment, the user also needs to verify the complex password of the target account, and only after the verification is passed, the user can initiate the password conversion request,
optionally, in another embodiment of the present application, in order to make the use of the password more flexible, the requirements of different users can be met. Therefore, in another embodiment of the present application, after the target user sets the complex password of the target account, a channel using the complex password of the target account may be configured, and the complex format password of the target account may not be required to be used in all channels. Therefore, in another embodiment of the present application, before performing step S202, the following steps may be further performed:
and judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account.
If the channel to which the current channel device belongs is judged to belong to the channel using the complex password of the target account, step S202 is executed.
And if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, sending prompt information to the target client. The prompt information is used for prompting that the channel to which the current channel equipment belongs does not belong to the channel using the complex password of the target account, so that the target user knows that the current channel equipment cannot request password conversion, and the password with a simple format can be directly used.
S202, acquiring the complex password of the target account according to the account number of the target account.
Alternatively, the complex password for the target account may be looked up from a background database. Of course, feedback from the target client is also possible. Specifically, the request may be included in the request for the cryptographic conversion, and in this case, the request for the cryptographic conversion needs to be extracted.
And S203, converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule.
It should be noted that, in order to further ensure the security of the password, in the embodiment of the present application, the password converted according to the conversion rule is disposable, and will be invalidated after being used.
And S204, determining the current converted one-time password as the current conversion password of the target account.
S205, storing the current conversion password of the target account, and feeding back the current conversion password of the target account to the target client.
And S104, comparing whether the current conversion password of the target account is consistent with the current input password of the target account.
If the current conversion password of the target account is consistent with the current input password of the target account, step S107 is executed to handle subsequent services on the current channel device. Optionally, if the current conversion password of the target account is not consistent with the current input password of the target account, it is determined that the password is not verified, and at this time, a password error may be fed back to the current channel device.
And S105, converting the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule.
It should be noted that, in the embodiment of the present application, the conversion rule may not only convert the complex format password into the simple format password, but also perform reverse pushing to convert the simple format password back into the complex format password.
It should be noted that, in order to ensure security, the password converted according to the conversion rule has a certain randomness, so that the complex password of the target account is converted twice according to the conversion rule, and the obtained passwords are usually different. Therefore, if the complex password of the target account is converted into the password with the simple format according to the conversion rule, the obtained password with the simple format is different from the current input password of the target account, so in the embodiment of the present application, the current input password of the target account is reversely pushed according to the conversion rule to obtain the corresponding password with the complex format, and then step S106 is executed.
Similarly, in another embodiment of the present application, after the target user sets the complex password of the target account, channels using the complex format password may be configured, and the complex format password may not be required to be used in all channels. Therefore, in another embodiment of the present application, before performing step S105, the following steps may be further performed:
and judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account.
If the channel to which the current channel device belongs is judged to belong to the channel using the complex password of the target account, step S105 is executed.
And if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, feeding back a password non-passing verification result to the current channel equipment, and feeding back prompt information.
And S106, comparing whether the complex format password corresponding to the current input password is consistent with the complex password of the target account.
If the complex format password corresponding to the current input password is consistent with the complex password of the target account, step S107 is executed to handle subsequent services on the current channel device. Optionally, if the complex format password corresponding to the currently input password is not consistent with the complex password of the target account, it is determined that the password is not verified, and at this time, a password error may be fed back to the current channel device.
And S107, feeding back a password passing verification result to the current channel equipment.
After the current channel equipment receives the password passing verification result, the target user can be allowed to handle subsequent services through the current channel equipment.
The embodiment of the application provides a password verification method, which can initiate a password conversion request of a target account through a target client before inputting a password, convert a complex password of the target account into a one-time password which accords with a password input format of current channel equipment according to a conversion rule, obtain a current conversion password of the target account, or directly convert the complex password into a password with a simple format through the target client, and input the complex password on equipment which does not support the complex password. Therefore, after receiving the current input password of the target account input by the target user on the current channel equipment and sent by the current channel equipment, if the current input password of the target account does not belong to the password with the complex format, whether the current conversion password of the target account is stored is judged. And if the current conversion password of the target account is stored, comparing whether the current conversion password of the target account is consistent with the current input password of the target account. And if the current conversion password of the target account is consistent with the current input password of the target account through comparison, feeding back a password passing verification result to the current channel equipment. If the current conversion password of the target account is not stored, the current input password of the target account is converted into the complex format password corresponding to the current input password according to the conversion rule, and then whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not is compared. If the complex format password corresponding to the compared current input password is consistent with the complex password of the target account, the password passing verification result is also fed back to the current channel equipment, so that the channel equipment which does not support the input of the complex format password can be verified by the complex format password through the conversion of the password format, and the safety of the account is effectively improved.
Another embodiment of the present application provides a password verification apparatus, as shown in fig. 3, including:
a first receiving unit 301, configured to receive a current input password of a target account, which is input by a target user on a current channel device and sent by the current channel device.
The first determining unit 302 is configured to determine whether a current conversion password of the target account is stored when the current input password of the target account does not belong to a password with a complex format.
When a password conversion request of the target account initiated by a target user through a target client is received, the current conversion password of the target account is a one-time password which is in accordance with the password input format of the current channel equipment and converts the complex password of the target account into the complex password of the target account according to the conversion rule.
The first verifying unit 303 is configured to compare whether the current conversion password of the target account is consistent with the current input password of the target account when it is determined that the current conversion password of the target account is stored.
The first conversion unit 304 is configured to, if it is determined that the current conversion password of the target account is not stored, convert the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule.
And a second verification unit 305, configured to compare whether the complex-format password corresponding to the currently input password is consistent with the complex password of the target account.
And the result feedback unit 306 is configured to feed back a password passing verification result to the current channel device when the current conversion password of the target account is identical to the current input password of the target account or the complex format password corresponding to the current input password is identical to the complex password of the target account.
Optionally, in a password verification apparatus provided in another embodiment of the present application, the password verification apparatus further includes:
and the second receiving unit is used for receiving a password conversion request of the target account sent by the target client after the target client sends the verification of the complex password passing through the target account.
The password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account.
And the acquisition unit is used for acquiring the complex password of the target account according to the account number of the target account.
And the second conversion unit is used for converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule.
And the determining unit is used for determining the one-time password obtained by current conversion as the current conversion password of the target account.
And the password feedback unit is used for storing the current conversion password of the target account and feeding back the current conversion password of the target account to the target client.
Optionally, in a password verification apparatus provided in another embodiment of the present application, further including:
and the second judgment unit is used for judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account.
When the second judging unit judges that the channel to which the current channel equipment belongs to a channel using the complex password of the target account, the acquiring unit executes to acquire the complex password of the target account according to the identification of the target account.
And the first prompting unit is used for sending prompting information to the target client when the second judging unit judges that the channel to which the current channel equipment belongs does not belong to the channel using the complex password of the target account.
The prompting information is used for prompting that the channel to which the current channel equipment belongs does not belong to the channel using the complex password of the target account.
Optionally, in a password verification apparatus provided in another embodiment of the present application, further including:
and the third judging unit is used for judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account.
When the third judging unit judges that the channel to which the current channel equipment belongs to the channel using the complex password of the target account, the first conversion unit converts the current input password of the target account into the complex format password corresponding to the current input password according to the conversion rule.
And the second prompting unit is used for feeding back a password non-passing verification result to the current channel equipment and feeding back prompting information when the third judging unit judges that the channel to which the current channel equipment belongs does not belong to the channel using the complex password of the target account.
Optionally, in a password verification apparatus provided in another embodiment of the present application, the password verification apparatus further includes:
and the third verification unit is used for comparing whether the current input password of the target account is consistent with the complex password of the target account or not when the current input password of the target account belongs to the password with the complex format.
And if the current input password of the target account is consistent with the complex password of the target account through comparison, the result feedback unit feeds back the password passing verification result to the current channel equipment.
It should be noted that, for the specific working processes of each unit provided in the foregoing embodiments of the present application, corresponding steps in the foregoing method embodiments may be referred to accordingly, and are not described herein again.
Another embodiment of the present application provides an electronic device, as shown in fig. 4, including:
a memory 401 and a processor 402.
The memory 401 is used for storing programs.
The processor 402 is configured to execute the program stored in the memory 401, and when the program is executed, the program is specifically configured to implement the password authentication method provided in any of the above-mentioned embodiments.
Another embodiment of the present application provides a computer storage medium for storing a computer program, and when the computer program is executed, the computer program is used to implement the password authentication method provided in any one of the above embodiments.
Computer storage media, including permanent and non-permanent, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
The invention name provided by the invention can be used in the financial field or other fields, for example, can be used in a password verification application scene in the financial field. The other fields are arbitrary fields other than the financial field. The above description is only an example, and does not limit the application fields of the password authentication method and apparatus, the electronic device, and the storage medium provided by the present invention.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of password authentication, comprising:
receiving a current input password of a target account input on current channel equipment by a target user and sent by the current channel equipment;
if the current input password of the target account does not belong to the password with the complex format, judging whether the current conversion password of the target account is stored; when a password conversion request of the target account initiated by the target user through a target client is received, converting the complex password of the target account into a one-time password which accords with a password input format of the current channel equipment according to a conversion rule;
if the current conversion password of the target account is stored, comparing whether the current conversion password of the target account is consistent with the current input password of the target account or not;
if the current conversion password of the target account is consistent with the current input password of the target account through comparison, a password passing verification result is fed back to the current channel equipment;
if the current conversion password of the target account is not stored, converting the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule;
comparing whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not;
and if the complex format password corresponding to the current input password is consistent with the complex password of the target account through comparison, the password passing verification result is fed back to the current channel equipment.
2. The method of claim 1, wherein the receiving of the current input password of the target account input by the target user on the current channel device sent by the current device further comprises:
receiving a password conversion request of the target account, which is sent by the target client after the target user sends the verification of the complex password of the target account through the target client; the password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account;
acquiring a complex password of the target account according to the account number of the target account;
converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule;
determining the one-time password obtained by current conversion as the current conversion password of the target account;
and storing the current conversion password of the target account, and feeding back the current conversion password of the target account to the target client.
3. The method of claim 2, wherein before the obtaining the complex password of the target account according to the identifier of the target account, the method further comprises:
judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; if the channel to which the current channel equipment belongs is judged to belong to the channel using the complex password of the target account, executing the complex password of the target account acquired according to the identification of the target account;
if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, sending prompt information to the target client; the prompting information is used for prompting that the channel to which the current channel equipment belongs does not belong to a channel using the complex password of the target account.
4. The method of claim 3, wherein before converting the current input password of the target account into the complex format password corresponding to the current input password according to the conversion rule, the method further comprises:
judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; if the channel to which the current channel equipment belongs is judged to belong to the channel using the complex password of the target account, the current input password of the target account is converted into the complex format password corresponding to the current input password according to the conversion rule;
and if the channel to which the current channel equipment belongs is judged not to belong to the channel using the complex password of the target account, feeding back a password non-passing verification result to the current channel equipment, and feeding back the prompt information.
5. The method of claim 1, further comprising:
if the current input password of the target account belongs to the password with the complex format, comparing whether the current input password of the target account is consistent with the complex password of the target account or not; and if the current input password of the target account is consistent with the complex password of the target account through comparison, the password passing verification result is fed back to the current channel equipment.
6. A password authentication apparatus, comprising:
the first receiving unit is used for receiving a current input password of a target account, which is input on the current channel equipment by a target user and is sent by the current channel equipment;
the first judgment unit is used for judging whether the current conversion password of the target account is stored or not when the current input password of the target account does not belong to the password with the complex format; when a password conversion request of the target account initiated by the target user through a target client is received, converting the complex password of the target account into a one-time password which accords with a password input format of the current channel equipment according to a conversion rule;
the first verification unit is used for comparing whether the current conversion password of the target account is consistent with the current input password of the target account or not when the current conversion password of the target account is judged to be stored;
the first conversion unit is used for converting the current input password of the target account into a complex format password corresponding to the current input password according to the conversion rule if the current conversion password of the target account is judged not to be stored;
the second verification unit is used for comparing whether the complex format password corresponding to the current input password is consistent with the complex password of the target account or not;
and the result feedback unit is used for feeding back a password passing verification result to the current channel equipment when the current conversion password of the target account is compared to be consistent with the current input password of the target account or the complex format password corresponding to the current input password is compared to be consistent with the complex password of the target account.
7. The apparatus of claim 6, further comprising:
a second receiving unit, configured to receive a password conversion request of the target account sent by the target client after the target client sends the verification of the complex password that passes through the target account; the password conversion request of the target account at least comprises a channel identification corresponding to the current channel equipment and an account number of the target account;
the acquisition unit is used for acquiring the complex password of the target account according to the account number of the target account;
the second conversion unit is used for converting the complex password of the target account into a one-time password which accords with the current channel equipment according to the conversion rule;
the determining unit is used for determining the one-time password obtained by current conversion as the current conversion password of the target account;
and the password feedback unit is used for storing the current conversion password of the target account and feeding back the current conversion password of the target account to the target client.
8. The apparatus of claim 7, further comprising:
the second judging unit is used for judging whether the channel to which the current channel equipment belongs to a channel using the complex password of the target account or not according to the user configuration information of the target account; when the second judging unit judges that the channel to which the current channel equipment belongs to a channel using the complex password of the target account, the acquiring unit executes the complex password of the target account acquired according to the identifier of the target account;
a first prompting unit, configured to send a prompting message to the target client when the second determining unit determines that the channel to which the current channel device belongs does not belong to a channel using a complex password of the target account; the prompting information is used for prompting that the channel to which the current channel equipment belongs does not belong to a channel using the complex password of the target account.
9. An electronic device, comprising:
a memory and a processor;
wherein the memory is used for storing programs;
the processor is configured to execute the program, which when executed is specifically configured to implement the password authentication method as claimed in any one of claims 1 to 5.
10. A computer storage medium storing a computer program which, when executed, implements a cryptographic authentication method as claimed in any one of claims 1 to 5.
CN202210674235.3A 2022-06-15 2022-06-15 Password verification method and device, electronic equipment and storage medium Pending CN115086031A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210674235.3A CN115086031A (en) 2022-06-15 2022-06-15 Password verification method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210674235.3A CN115086031A (en) 2022-06-15 2022-06-15 Password verification method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115086031A true CN115086031A (en) 2022-09-20

Family

ID=83252242

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210674235.3A Pending CN115086031A (en) 2022-06-15 2022-06-15 Password verification method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115086031A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105227520A (en) * 2014-06-09 2016-01-06 中移电子商务有限公司 The method and system of a kind of account password setting and authenticating user identification
CN106375085A (en) * 2015-07-21 2017-02-01 中兴通讯股份有限公司 Password verification method, apparatus and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105227520A (en) * 2014-06-09 2016-01-06 中移电子商务有限公司 The method and system of a kind of account password setting and authenticating user identification
CN106375085A (en) * 2015-07-21 2017-02-01 中兴通讯股份有限公司 Password verification method, apparatus and system

Similar Documents

Publication Publication Date Title
EP2929479B1 (en) Method and apparatus of account login
US20190280863A1 (en) Recovery of secret data in a distributed system
AU2017215589B2 (en) Electronic payment service processing method and device, and electronic payment method and device
US20130239173A1 (en) Computer program and method for administering secure transactions using secondary authentication
WO2008130760A1 (en) Request-specific authentication for accessing web service resources
US11218464B2 (en) Information registration and authentication method and device
CN113472716B (en) System access method, gateway device, server, electronic device and storage medium
WO2023071305A1 (en) Cloud database resource processing method and apparatus, and electronic device and storage medium
CN104767616A (en) Message processing method, system and related device
CN110690972A (en) Token authentication method and device, electronic equipment and storage medium
CN104767617A (en) Message processing method, system and related device
CN104579671A (en) Authentication method and system
EP2540028B1 (en) Protecting account security settings using strong proofs
US20240040384A1 (en) Techniques for call authentication
WO2018006318A1 (en) Method and system for using intelligent entrance guard on basis of mobile terminal
US8875244B1 (en) Method and apparatus for authenticating a user using dynamic client-side storage values
WO2017067455A1 (en) Verification device and method based on fingerprint application
CN112101605A (en) Method and device for reserving withdrawal, electronic equipment and computer storage medium
CN115086031A (en) Password verification method and device, electronic equipment and storage medium
CN107104922B (en) Method and device for authority management and resource control
CN115600178A (en) Transaction request processing method and device, electronic equipment and storage medium
CN106161365B (en) Data processing method and device and terminal
CN109450953B (en) Authorization method and device, electronic equipment and computer readable storage medium
CN115001803B (en) Mobile phone bank login method and device
WO2022143056A1 (en) Identity card-based hardware wallet fingerprint authentication method and system, and hardware wallet

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination