CN115967581A - Login verification method and device, electronic equipment and storage medium - Google Patents

Login verification method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN115967581A
CN115967581A CN202310020045.4A CN202310020045A CN115967581A CN 115967581 A CN115967581 A CN 115967581A CN 202310020045 A CN202310020045 A CN 202310020045A CN 115967581 A CN115967581 A CN 115967581A
Authority
CN
China
Prior art keywords
login
code
signature
preset input
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310020045.4A
Other languages
Chinese (zh)
Inventor
李祖金
陈德伟
邹鹤良
罗新良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital Guangdong Network Construction Co Ltd
Original Assignee
Digital Guangdong Network Construction Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital Guangdong Network Construction Co Ltd filed Critical Digital Guangdong Network Construction Co Ltd
Priority to CN202310020045.4A priority Critical patent/CN115967581A/en
Publication of CN115967581A publication Critical patent/CN115967581A/en
Pending legal-status Critical Current

Links

Images

Abstract

The embodiment of the invention discloses a login verification method and device, electronic equipment and a storage medium, and belongs to the technical field of login verification. The method mainly comprises the following steps: responding to a login request initiated by a user input login account to a service system, carrying out biological feature acquisition on the user by using preset input equipment, and unlocking the preset input equipment based on the biological features of the user; acquiring a signature login code from the unlocked preset input equipment, inputting the login code into the preset input equipment through the signature login code, and signing the login code by using a private key stored in the preset input equipment to obtain the signature login code; and submitting a login request carrying the signature login code to a server of the business system so that the server of the business system checks the signature login code by using the public key corresponding to the private key and verifies the corresponding login code after the signature check is passed. According to the embodiment of the invention, multiple verification protection is carried out on the user account of the service system, the safety of the account of the service system is improved, and important information leakage is avoided.

Description

Login verification method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of login verification technologies, and in particular, to a login verification method and apparatus, an electronic device, and a storage medium.
Background
In the prior art, when login verification is performed, a common method of adding a graphical verification code to an account password or short message verification is adopted, and certificate verification and the like are also adopted in a relatively safe manner. However, all the authentication methods may be cracked, for example, an account password is exploded, a mobile phone is lost, or a certificate UKEY is lost, which may cause information leakage. Therefore, a more secure and reliable login authentication method is needed.
Disclosure of Invention
The embodiment of the invention provides a login verification method, a login verification device, electronic equipment and a storage medium, which can perform multiple verification protection on a user account of a service system by combining biological characteristic verification, login code input equipment verification, key signature verification and login code verification.
In a first aspect, an embodiment of the present invention provides a login verification method, including: responding to a login request initiated by a user input login account to a service system, performing biological feature acquisition on the user by using preset input equipment, and unlocking the preset input equipment based on the biological features of the user; acquiring a signature login code from the unlocked preset input device, inputting the login code from the preset input device through the signature login code, and signing the login code by using a private key stored in the preset input device to obtain the signature login code; and submitting a login request carrying the signature login code to a server of the business system so that the server of the business system checks the signature login code by using the public key corresponding to the private key and verifies the corresponding login code after the signature check is passed.
In a second aspect, an embodiment of the present invention provides a login authentication apparatus, including: the first verification module is used for responding to a login request initiated by a user input login account to the service system, utilizing preset input equipment to collect biological characteristics of the user and unlocking the preset input equipment based on the biological characteristics of the user; the second verification module is used for acquiring a signature login code from the unlocked preset input equipment, inputting the login code from the preset input equipment through the signature login code, and signing the login code by using a private key stored in the preset input equipment to obtain the signature login code; and the third verification module is used for submitting a login request carrying the signature login code to the server of the business system so that the server of the business system verifies the signature login code by using the public key corresponding to the private key and verifies the corresponding login code after the verification passes.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the computer program to implement the login authentication method according to any one of the embodiments of the present invention.
In a fourth aspect, the embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the login authentication method according to any one of the embodiments of the present invention.
The embodiment of the invention provides a login verification method, a login verification device, electronic equipment and a storage medium, which can perform multiple verification protection on a user account of a business system by combining biological characteristic verification, login code input equipment verification, key signature verification and login code verification in a login process, improve the safety of the account of the business system and avoid important information leakage.
Drawings
Fig. 1 is a schematic flowchart of a login authentication method according to an embodiment of the present invention;
fig. 2 is another schematic flow chart of a login authentication method according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a login authentication method according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of a login authentication device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a login authentication device according to another embodiment of the present invention;
FIG. 6 is a schematic diagram of an electronic device according to an embodiment of the present invention;
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
In the prior art, when a login service system is required to perform login verification, a common mode of verification by adding a graphical verification code or a short message to an account password is adopted, and certificate verification and the like are also adopted in a relatively safe mode. However, these verification methods may be cracked, for example, scenes that an account password is exploded, a mobile phone is lost, a certificate UKEY is lost, a page is intercepted, a page is captured or recorded in other screens, a keyboard is monitored, and the like may cause information leakage. The nature of these problems is that it cannot be proven that the application for login is the login account owner himself. Therefore, a more secure and reliable login authentication method is needed.
The embodiment of the invention provides a login verification method, a login verification device, electronic equipment and a storage medium, which can perform multiple verification protection on a user account of a service system by combining biological characteristic verification, login code input equipment verification, key signature verification and login code verification.
Fig. 1 is a schematic flowchart of a login authentication method according to an embodiment of the present invention, which may be executed by a login authentication apparatus according to an embodiment of the present invention, where the login authentication apparatus may be implemented in software and/or hardware. In a specific embodiment, the apparatus may be integrated in an electronic device, which may be, for example, a computer, a server, or the like. The following embodiments will be described taking as an example the integration of the device in an electronic apparatus. Referring to fig. 1, the method may specifically include the following steps:
step 101, responding to a login request initiated by a user input login account to a service system, performing biological feature acquisition on the user by using a preset input device, unlocking the preset input device based on the biological feature of the user, verifying the identity of a login requester by acquiring the biological feature and based on the biological feature, and facilitating signature verification by using the unlocked preset input device subsequently.
Specifically, the login authentication method of the present invention can be executed by a PC of the service system.
Specifically, the login request may be a login request input by an input device such as a general keyboard or a mouse, or may be a login request input by the preset input device.
Specifically, as shown in fig. 2, the login request initiated by the user to the service system by inputting the login account may be a login service address input by the user on a service system interface of the PC terminal, and a login request initiated by a user name input on a service login page returned by the PC terminal.
Specifically, the biometric feature may be a fingerprint, a palm print, a finger vein, a palm vein, a face, an iris, a signature, or a voice, and the preset input device may be a keyboard, a mouse, or a writing screen having a biometric feature recognition function.
In a specific application, the process of unlocking the preset input device based on the user biological characteristics includes comparing and confirming the acquired user biological characteristics according to real biological characteristic information of the user corresponding to the login account, which is recorded by the preset input device in advance and stored in the preset input device, and unlocking the input device if the acquired user biological characteristics are consistent with the real biological characteristics.
In practical application, when the login account is registered or after the login account is registered, the real biometric feature of the user may be recorded in advance, and the recorded biometric feature information may be stored in the preset input device for verification during login.
Specifically, when the preset input device is used for collecting the biological features of the user, the local driver pre-installed in the preset input device may be called for collection.
The embodiment is suitable for a scenario where a dedicated preset input device is configured for each user, for example, a fingerprint mouse is configured for each user to log in a login account registered by the user in the service system.
And 102, acquiring a signature login code from the unlocked preset input equipment, inputting the login code by the preset input equipment through the signature login code, and signing the login code by using a private key stored in the preset input equipment to obtain the signature login code. The method and the system can be beneficial to verifying the signature login code by utilizing the public key corresponding to the private key at a server of a service system subsequently, so that the input equipment verification and the key signature verification can be carried out on a user applying for login on the basis of fingerprint login, the login code input by the input equipment verified by the fingerprint of the real user is ensured, and the verification protection of the login process is enhanced.
Specifically, the private key may be a private key in an asymmetric key pair generated in advance according to the cryptographic asymmetric cryptographic algorithm SM 2.
In an optional embodiment of the present invention, the login verification method further includes: and awakening the service soft keyboard before utilizing the preset input equipment to carry out biological characteristic acquisition on the user and unlocking the preset input equipment based on the biological characteristics of the user. Specifically, as shown in fig. 2, the software keyboard may be woken up by calling the crypto management system. Optionally, after the preset input device is unlocked based on the user biometric characteristic, the software disc may be ejected from a PC end section of the service system before the signature registration code is acquired from the unlocked preset input device.
Optionally, the process of inputting the registration code by the preset input device includes: and the preset input equipment clicks a service soft keyboard to input the registration code.
Specifically, as shown in fig. 2, when the preset input device clicks the service soft keyboard, the track content of the clicked service soft keyboard is recorded and identified to obtain the login code, and then the preset input device can sign the login code.
Specifically, the login code may be an authentication code corresponding to the login account, and may include various forms of random authentication codes such as a picture authentication code, a short message authentication code, a mailbox authentication code, and a voice authentication code.
Specifically, the login code may be a password, that is, a password that corresponds to the login account, is registered in advance, and is stored in the service system server.
In an optional embodiment of the present invention, the signing login code is obtained by inputting a login code by a preset input device, encrypting the input login code to obtain an encrypted login code, and signing the encrypted login code by using a private key stored in the preset input device.
Therefore, the login code can be prevented from being transmitted in a plaintext mode when being transmitted to the server of the service system, particularly when the login code is a password, so that the login code is protected.
103, submitting a login request carrying a signature login code to a server of the business system, so that the server of the business system checks the signature login code by using a public key corresponding to the private key, verifies the corresponding login code after the signature is checked, verifies the login code after the signature login code is checked, and then verifies and protects the login process by combining the biological characteristics of the user, the password of the user, the input equipment and the key signature algorithm, thereby improving the account security of the business system and avoiding the leakage of important information.
Optionally, the process of verifying the signature of the signature login code by the server of the service system using the public key corresponding to the private key includes: and after receiving the login request, the server of the service system acquires a pre-stored public key corresponding to the private key according to the login account, and verifies the signature by using the public key.
Specifically, after an asymmetric key pair is generated in advance according to the national secret asymmetric cryptographic algorithm SM2, the public key in the key pair is stored in advance in the server of the service system, and a mapping relationship with the corresponding user account is generated in the server of the service system, so that the corresponding public key can be correctly obtained according to the login account information when the signature verification is required.
In an optional embodiment of the present invention, the process of verifying the corresponding registration code after passing the verification of the signature includes: and after the signature verification is passed, decrypting the corresponding encrypted login code to obtain the corresponding login code.
Specifically, if the login code is signed after the login code is encrypted, the encrypted login code needs to be decrypted to obtain an original login code, and then the login code needs to be verified. This can make the process of authentication more secure.
In an alternative specific embodiment of the present invention, the login verification method further includes: and receiving a login response fed back by the server of the service system, wherein the login response is generated by the server of the service system according to a verification result of the corresponding login code.
Specifically, the login response includes a login success response, as shown in fig. 2, after the login response fed back by the server of the service system is received, the corresponding navigation skip can be performed, and the whole multiple verification login process combining the biometric verification, the login code input device verification, the key signature verification and the login code verification is completed, so that multiple verification protection is performed on the user account of the service system, the security of the account of the service system is improved, and important information is prevented from being leaked.
The login authentication method in another embodiment of the present invention is further described below, as shown in fig. 3, that is, step 101 includes the following steps:
step 1011, in response to a login request initiated by the user to the business system by inputting a login account, performing biological feature acquisition on the user by using a preset input device.
Step 1012, user identification is performed based on the user biometric.
Specifically, the process of identifying the user based on the biometric features of the user includes: and comparing, identifying and confirming the acquired user biological characteristics according to the real biological characteristic information of the user corresponding to the login account, which is pre-recorded and stored in the service end of the service system.
Specifically, the real biometric information may be recorded by using the preset input device, or may be recorded by using other biometric input devices.
And 1003, when the user identification is passed, unlocking the preset input equipment based on the user biological characteristics.
Specifically, the embodiment of the invention is suitable for configuring the same preset input equipment for a plurality of users, and can ensure that the login process is safer and more reliable. For example, a preset input device is shared by four persons, namely a person A, a person B, a person C and a person D, and if the person A wants to unlock the preset input device after inputting a login account of the person B, even if the biometric information of the person A is consistent with the pre-recorded real biometric information of the person A in the preset input device, the unlocking failure can be caused because the business system fails to identify the user.
Specifically, the same preset input device may be configured for a plurality of users, but each user is configured with a different key pair. Even if the preset input device can be unlocked, the private key used in signing is different because the key of each person is different, so that the account of other people cannot be logged in.
Fig. 4 is a structural diagram of a login authentication apparatus according to an embodiment of the present invention, which is adapted to execute the login authentication method according to the embodiment of the present invention. As shown in fig. 4, the apparatus may specifically include:
the first verification module 401 is configured to, in response to a login request initiated by a user inputting a login account to a service system, perform biometric acquisition on the user by using a preset input device, unlock the preset input device based on a biometric characteristic of the user, verify an identity of a login requester by acquiring the biometric characteristic and based on the biometric characteristic, and facilitate signature verification by using the unlocked preset input device.
Specifically, the login authentication device of the present invention is disposed at the PC side of the service system.
Specifically, the login request may be a login request input by an input device such as a general keyboard or a mouse, or may be a login request input by the preset input device.
Specifically, as shown in fig. 2, the login request initiated by the user input login account to the service system may be a login service address input by the user on the service system interface of the PC terminal, and a login request initiated by the user name input on a service login page returned by the PC terminal.
Specifically, the biometric feature may be a fingerprint, a palm print, a finger vein, a palm vein, a human face, an iris, a signature, or a voice, and the preset input device may be a keyboard, a mouse, or a writing screen having a biometric feature recognition function.
In a specific application, the first authentication module 401 may be configured to compare and confirm the acquired user biometric features according to real biometric feature information of the user corresponding to the login account, which is recorded by using the preset input device and stored in the preset input device in advance, and unlock the input device if the acquired user biometric features match with the real biometric features.
In practical applications, when the login account is registered, or after the login account is registered, the real biometric feature of the user may be recorded in advance, and the recorded biometric feature information may be stored in the preset input device for verification during login.
Specifically, when a preset input device is used for collecting the biological features of the user, the local driver pre-installed in the preset input device may be called for collection.
The embodiment is suitable for a scenario where a dedicated preset input device is configured for each user, for example, a fingerprint mouse is configured for each user to log in a login account registered by the user in the service system.
The second verification module 402 is configured to obtain a signature login code from the unlocked preset input device, where the signature login code is obtained by inputting the login code by the preset input device and signing the login code by using a private key stored in the preset input device, and is beneficial to verifying the signature login code by using a public key corresponding to the private key at a server of the service system, so that input device verification and key signature verification can be performed on a user who applies for login on the basis of fingerprint login, it is ensured that the login code is input by the input device that is verified by a real user fingerprint, and verification protection for the login process is enhanced.
Specifically, the private key may be a private key in an asymmetric key pair generated in advance according to the cryptographic asymmetric cryptographic algorithm SM 2.
In an optional embodiment of the present invention, the login verification apparatus further includes a soft keyboard wake-up module, configured to wake up the service soft keyboard before performing biometric acquisition on the user by using the preset input device and unlocking the preset input device based on the biometric characteristic of the user.
Specifically, the soft keyboard wake-up module may wake up the soft keyboard by calling the crypto management system. Optionally, the soft keyboard wake-up module may also perform the step of waking up the service software disk before acquiring the signature login code from the unlocked preset input device after unlocking the preset input device based on the biometric characteristic of the user.
Specifically, as shown in fig. 2, when the preset input device clicks the service soft keyboard, the track content of the clicked service soft keyboard is recorded and identified to obtain the login code, and then the preset input device can sign the login code.
Specifically, the login code may be an authentication code corresponding to the login account, and may include a picture authentication code, a short message authentication code, a mailbox authentication code, a voice authentication code, and other random authentication codes in various forms.
Specifically, the login code may be a password, that is, a password that corresponds to the login account, is registered in advance, and is stored in the service system server.
In an optional embodiment of the present invention, the signing login code is obtained by inputting a login code by a preset input device, encrypting the input login code to obtain an encrypted login code, and signing the encrypted login code by using a private key stored in the preset input device.
Therefore, the login code can be prevented from being transmitted in a plaintext mode when being transmitted to the server of the service system, particularly when the login code is a password, so that the login code is protected.
The third verification module 403 is configured to submit a login request carrying the signature login code to the server of the service system, so that the server of the service system verifies the signature login code by using the public key corresponding to the private key, and verifies the corresponding login code after the verification passes. Therefore, the login process can be verified and protected by combining the biological characteristics of the user, the password of the user, the input equipment and the key signature algorithm, the safety of the account of the business system is improved, and important information is prevented from being leaked.
Optionally, the process of the server of the service system verifying the signature of the signature login code by using the public key corresponding to the private key includes: and after receiving the login request, the server of the service system acquires a pre-stored public key corresponding to the private key according to the login account, and verifies the signature by using the public key.
Specifically, after an asymmetric key pair is generated in advance according to the public key asymmetric encryption algorithm SM2, the public key in the key pair is stored in advance in the server of the service system, and a mapping relationship with the corresponding user account is generated in the server of the service system, so that the corresponding public key can be correctly obtained according to the login account information when the signature is required to be checked.
In an optional embodiment of the present invention, the process of verifying the corresponding registration code after passing the verification of the signature includes: and after the signature verification is passed, decrypting the corresponding encrypted login code to obtain the corresponding login code.
Specifically, if the signed login code is obtained by encrypting the login code and then signing, the encrypted login code needs to be decrypted first to obtain the original login code, and then the login code needs to be verified. This can make the process of authentication more secure.
In an alternative embodiment of the present invention, the login verification apparatus further includes: and the server corresponding receiving module is used for receiving a login response fed back by the server of the service system, and the login response is generated by the server of the service system according to a verification result of the corresponding login code.
Specifically, after receiving a login response fed back by a server of the business system, the corresponding navigation skip can be performed, and multiple verification login processes of biological characteristic verification, login code input equipment verification, key signature verification and login code verification are combined in the whole process, so that multiple verification protection is performed on a user account of the business system, the safety of the account of the business system is improved, and important information leakage is avoided.
To further describe the login authentication device in another embodiment of the present invention, as shown in fig. 5, the first authentication module 401 includes:
the biological feature collection sub-module 4011 is configured to, in response to a login request initiated by a user inputting a login account to the service system, perform biological feature collection on the user by using a preset input device.
The user identification sub-module 4012 is configured to perform user identification based on the user biometric features.
Specifically, the user identification sub-module 4012 may be configured to compare, identify and confirm the collected user biological characteristics according to real biological characteristic information of the user, which is pre-recorded and stored in the service end of the business system, and corresponds to the login account.
Specifically, the real biometric information may be recorded by using the preset input device, or may be recorded by using other biometric input devices.
And the unlocking sub-module 4013 is configured to unlock the preset input device based on the biometric features of the user when the user passes the identification.
Specifically, the embodiment of the invention is suitable for configuring the same preset input equipment for a plurality of users, and can ensure that the login process is safer and more reliable. For example, a preset input device is shared by four persons, i.e., a person A, a person B, a person C and a person D, and if the person A wants to unlock the preset input device after inputting the login account of the person B, even if the biometric information of the person A is consistent with the pre-recorded real biometric information of the person A in the preset input device, the unlocking failure is caused because the business system fails to identify the user.
Specifically, the same preset input device may be configured for a plurality of users, but each user is configured with a different key pair. Even if the preset input device can be unlocked, the account of other people cannot be logged in because the private key used in signature is different due to different keys of each person.
It is obvious to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be performed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to perform all or part of the above described functions. For the specific working process of the functional module, reference may be made to the corresponding process in the foregoing method embodiment, which is not described herein again.
The embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program that is stored in the memory and can be run on the processor, and when the processor executes the computer program, the login authentication method provided in any of the above embodiments is implemented.
The embodiment of the invention also provides a computer readable medium, on which a computer program is stored, and the program is executed by a processor to implement the login authentication method provided by any one of the above embodiments.
Referring now to FIG. 6, shown is a block diagram of a computer system 600 suitable for use with the electronic device implementing an embodiment of the present invention. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiment of the present invention.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU) 601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules and/or units described in the embodiments of the present invention may be implemented by software, and may also be implemented by hardware. The described modules and/or units may also be provided in a processor, and may be described as: a processor includes a first authentication module, a second authentication module, and a third authentication module. Wherein the names of the modules do not in some cases constitute a limitation of the module itself.
As another aspect, the present invention also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A login authentication method, comprising:
responding to a login request initiated by a user input login account to a service system, carrying out biological feature acquisition on the user by using a preset input device, and unlocking the preset input device based on the biological feature of the user;
acquiring a signature login code from the unlocked preset input device, wherein the signature login code is obtained by inputting the login code into the preset input device and signing the login code by using a private key stored in the preset input device; and
submitting the login request carrying the signature login code to a server of the business system so that the server of the business system checks the signature login code by using a public key corresponding to the private key and verifies the corresponding login code after the signature check is passed.
2. The login authentication method according to claim 1, further comprising:
and receiving a login response fed back by the server of the service system, wherein the login response is generated by the server of the service system according to a verification result of the corresponding login code.
3. The login authentication method of claim 1, wherein the process of unlocking the preset input device based on the user biometric characteristic comprises:
performing user identification based on the user biometric features; and
and when the user identification is passed, unlocking the preset input equipment based on the user biological characteristics.
4. The login authentication method according to claim 1,
and the signature login code is obtained by inputting the login code by the preset input equipment, encrypting the input login code to obtain an encrypted login code and then signing the encrypted login code by using a private key stored in the preset input equipment.
5. The login authentication method of claim 4, wherein the authentication of the corresponding login code after passing the verification comprises: and after the signature verification is passed, decrypting the corresponding encrypted login code to obtain the corresponding login code.
6. The login authentication method according to claim 1, further comprising:
waking up a service soft keyboard;
the process of inputting the registration code by the preset input device comprises the following steps: and the preset input equipment clicks the service soft keyboard to input the registration code.
7. The login authentication method of claim 1, wherein the login code comprises a login password and/or a login authentication code.
8. A login authentication apparatus, comprising:
the first verification module is used for responding to a login request initiated by a user input login account to a service system, utilizing preset input equipment to carry out biological feature acquisition on the user, and unlocking the preset input equipment based on the biological features of the user;
the second verification module is used for acquiring a signature login code from the unlocked preset input equipment, inputting the login code into the preset input equipment through the signature login code, and signing the login code by using a private key stored in the preset input equipment to obtain the signature login code; and
and the third verification module is used for submitting the login request carrying the signature login code to the server of the business system so as to enable the server of the business system to verify the signature login code by using the public key corresponding to the private key and verify the corresponding login code after the signature verification is passed.
9. An electronic device comprising a memory, a processor and a computer program stored on said memory and executable on said processor, wherein said processor implements a login authentication method according to any one of claims 1 to 7 when executing said program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a login authentication method according to any one of claims 1 to 7.
CN202310020045.4A 2023-01-06 2023-01-06 Login verification method and device, electronic equipment and storage medium Pending CN115967581A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310020045.4A CN115967581A (en) 2023-01-06 2023-01-06 Login verification method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310020045.4A CN115967581A (en) 2023-01-06 2023-01-06 Login verification method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115967581A true CN115967581A (en) 2023-04-14

Family

ID=87363272

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310020045.4A Pending CN115967581A (en) 2023-01-06 2023-01-06 Login verification method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115967581A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116629887A (en) * 2023-07-20 2023-08-22 鼎铉商用密码测评技术(深圳)有限公司 Registration method, authentication method, device and storage medium based on biological characteristics

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116629887A (en) * 2023-07-20 2023-08-22 鼎铉商用密码测评技术(深圳)有限公司 Registration method, authentication method, device and storage medium based on biological characteristics

Similar Documents

Publication Publication Date Title
CN111614637B (en) Secure communication method and system based on software cryptographic module
CN107070667B (en) Identity authentication method
US20220191012A1 (en) Methods For Splitting and Recovering Key, Program Product, Storage Medium, and System
US10313317B2 (en) Systems and methods for securely managing biometric data
WO2017000829A1 (en) Method for checking security based on biological features, client and server
US9189612B2 (en) Biometric verification with improved privacy and network performance in client-server networks
US11394712B2 (en) Secure account access
CN105373924B (en) System for providing safe payment function for terminal equipment
CN111431719A (en) Mobile terminal password protection module, mobile terminal and password protection method
US20150082390A1 (en) Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device
CN109150535A (en) A kind of identity identifying method, equipment, computer readable storage medium and device
CN109067766A (en) A kind of identity identifying method, server end and client
WO2018072588A1 (en) Approval signature verification method, mobile device, terminal device, and system
CN112232814A (en) Encryption and decryption method of payment key, payment authentication method and terminal equipment
WO1999012144A1 (en) Digital signature generating server and digital signature generating method
CN109462572B (en) Multi-factor authentication method, system, storage medium and security gateway based on encryption card and UsbKey
CN113872989B (en) SSL protocol-based authentication method, SSL protocol-based authentication device, computer equipment and storage medium
KR101792220B1 (en) Method, mobile terminal, device and program for providing user authentication service of combining biometric authentication
CN115967581A (en) Login verification method and device, electronic equipment and storage medium
CN108959883B (en) Network identity real-name authentication method based on quick response matrix code
CN110995661B (en) Network card platform
CN112862484A (en) Secure payment method and device based on multi-terminal interaction
CN111600701A (en) Private key storage method and device based on block chain and storage medium
CN114584324B (en) Identity authorization method and system based on block chain
WO2023004491A2 (en) Methods and systems for generating and validating uses of digital credentials and other documents

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination