TW202137032A - Dynamic password system and method for obtaining dynamic password - Google Patents

Dynamic password system and method for obtaining dynamic password Download PDF

Info

Publication number
TW202137032A
TW202137032A TW109110345A TW109110345A TW202137032A TW 202137032 A TW202137032 A TW 202137032A TW 109110345 A TW109110345 A TW 109110345A TW 109110345 A TW109110345 A TW 109110345A TW 202137032 A TW202137032 A TW 202137032A
Authority
TW
Taiwan
Prior art keywords
account
information
community
real
time password
Prior art date
Application number
TW109110345A
Other languages
Chinese (zh)
Other versions
TWI772768B (en
Inventor
李孝琪
劉乃文
劉安祥
李名瀚
Original Assignee
中興保全科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中興保全科技股份有限公司 filed Critical 中興保全科技股份有限公司
Priority to TW109110345A priority Critical patent/TWI772768B/en
Publication of TW202137032A publication Critical patent/TW202137032A/en
Application granted granted Critical
Publication of TWI772768B publication Critical patent/TWI772768B/en

Links

Images

Landscapes

  • Preparation Of Compounds By Using Micro-Organisms (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A dynamic password system includes an account management host, a service host and a chat bot account. The account management host includes an account database and a dynamic password module. The account database includes a plurality of account information, wherein each of the account information includes a community account and real-time password information. The dynamic password module changes the real-time password information of each account information according to a change rules. The service host is connected to the account management host. When the service host receives the community account and a query instruction, the service host checks whether the community account exists in the account database and obtains the real-time password information corresponding the community account. The chat bot account is set on an instant messaging server. When a mobile device is connected the instant messaging server, the chat bot account sent the query instruction and the community account to the service host, and obtains the real-time password information corresponding to the community account.

Description

動態密碼系統與取得動態密碼的方法Dynamic password system and method for obtaining dynamic password

一種密碼系統,尤其是一種動態密碼系統。A cryptographic system, especially a dynamic cryptographic system.

在一些企業中,員工每日上班在開啟工作電腦時,需要登入企業內部的區域網路,使用內部區域網路中的資源或訊息,以進行個人的工作。每一個員工有其專屬的工作帳號與登入密碼,當登入內部區域網路後取得其部門權限或個人權限。In some companies, employees need to log in to the company's internal local network when they turn on their work computers every day when they go to work, and use the resources or messages in the internal local network to perform personal work. Each employee has his own work account and login password. After logging in to the intranet, he obtains his or her departmental authority or personal authority.

因此,為了確保內部區域網路的安全性,避免工作帳號被他人冒用,通常會建議員工定期變更登入密碼。然而,由於惰性,多數人在未發生意外前,並不會變更登入密碼,再者,反覆變更的密碼不易記憶,使用上非常不便。Therefore, in order to ensure the security of the internal local area network and avoid fraudulent use of work accounts by others, it is usually recommended that employees change their login passwords on a regular basis. However, due to inertia, most people will not change the login password before an accident occurs. Moreover, the password that is changed repeatedly is not easy to remember, and it is very inconvenient to use.

鑑於上述問題,本發明提供一種動態密碼系統包含帳號管理主機、服務主機以及聊天機器人帳號。帳號管理主機包含:帳號資料庫,包含複數帳號資訊,每帳號資訊包含社群帳號與即時密碼資訊;及動態密碼模組,依照變更規則變更每帳號資訊之即時密碼資訊。服務主機連接帳號管理主機,於接收社群帳號與詢問指令時,比對社群帳號是否存在於帳號資料庫,並依據詢問指令取得對應社群帳號的即時密碼資訊。聊天機器人帳號,設置於即時通訊伺服器,當行動裝置連接即時通訊伺服器,以一個社群帳號傳送詢問指令予聊天機器人帳號,聊天機器人帳號傳送社群帳號與詢問指令至服務主機,並自服務主機取得對應社群帳號的即時密碼資訊。In view of the foregoing problems, the present invention provides a dynamic password system including an account management host, a service host, and a chat robot account. The account management host includes: account database, including plural account information, each account information includes community account and real-time password information; and dynamic password module, which changes the real-time password information of each account information according to the change rules. The service host is connected to the account management host, and when receiving the community account and the inquiry instruction, it checks whether the community account exists in the account database, and obtains the real-time password information of the corresponding community account according to the inquiry instruction. The chat bot account is set on the instant messaging server. When the mobile device is connected to the instant messaging server, a social account is used to send inquiry commands to the chat bot account. The chat bot account sends the community account and inquiry instructions to the service host and serves itself. The host obtains the real-time password information of the corresponding community account.

本發明也提供一種取得動態密碼的方法,包含以下步驟:建立複數帳號資訊,每一個帳號資訊包含社群帳號與即時密碼資訊;依照變更規則變更每帳號資訊之即時密碼資訊;以一個社群帳號傳送詢問指令予聊天機器人帳號;以聊天機器人帳號傳送社群帳號與查詢指令;以服務主機接收社群帳號與查詢指令,依據查詢指令取得對應社群帳號的即時密碼資訊;以聊天機器人帳號接收對應社群帳號的即時密碼資訊,並傳送即時密碼資訊至社群帳號。The present invention also provides a method for obtaining dynamic passwords, which includes the following steps: creating plural account information, each account information including community account and real-time password information; changing the real-time password information of each account information according to the change rule; using a community account Send inquiry commands to the chatbot account; send community accounts and query commands through the chatbot account; receive community accounts and query commands through the service host, obtain the real-time password information of the corresponding community accounts according to the query instructions; receive the correspondence through the chatbot account Real-time password information of the community account, and send real-time password information to the community account.

透過本發明所揭示的動態密碼系統與取得動態密碼的方法,使用者無需安裝額外的應用程式或是經過繁複的身分驗證程序,便可取得專屬使用者的即時密碼資訊。換言之,由於使用者已於創建社群帳號時驗證身分,透過社群帳號傳送詢問指令,可省略再次驗證身分的程序。並且,使用者於應用程序介面輸入文字即可查詢密碼,操作方式相當直覺。Through the dynamic password system and the method for obtaining the dynamic password disclosed in the present invention, the user does not need to install additional applications or go through complicated identity verification procedures to obtain the real-time password information of the exclusive user. In other words, since the user has already verified the identity when creating the community account, sending the inquiry command through the community account can omit the process of re-verifying the identity. Moreover, the user can query the password by entering text in the application interface, and the operation method is quite intuitive.

以下舉出具體實施例以詳細說明本發明之內容,並以圖式作為輔助說明。說明書中提及之符號係參閱符號說明。Specific embodiments are listed below to illustrate the content of the present invention in detail, and the drawings are used as an auxiliary description. The symbols mentioned in the manual refer to the symbol description.

請參閱圖1所示,圖1為本發明一實施例之動態密碼之系統方塊圖(一)。本發明之動態密碼系統主要包含帳號管理主機1、服務主機2以及聊天機器人帳號31。Please refer to FIG. 1. FIG. 1 is a block diagram (1) of a dynamic password system according to an embodiment of the present invention. The dynamic password system of the present invention mainly includes an account management host 1, a service host 2, and a chat robot account 31.

帳號管理主機1主要包含帳號資料庫11與動態密碼模組13。於一實施態樣,帳號資料庫11包含複數帳號資訊,每一個帳號資訊包含一個社群帳號41與一個對應社群帳號41的即時密碼資訊。在此,社群帳號41可為各種即時通訊軟體(Instant Messenger)之帳號,例如是Messenger、LINE、Wechat或WhatsApp等,也可以是社群網路軟體(Social Network APP)之帳號,例如是Facebook或Instagram等,然而本發明不以此為限。例如在帳號資訊的帳號資訊中,社群帳號41可以是員工甲的LINE帳號,即時密碼資訊則可以是員工甲的工作電腦的登入密碼,並非是員工甲的LINE的密碼。The account management host 1 mainly includes an account database 11 and a dynamic password module 13. In an implementation aspect, the account database 11 includes plural account information, and each account information includes a social account 41 and real-time password information corresponding to the social account 41. Here, the social account 41 can be an account of various instant messaging software (Instant Messenger), such as Messenger, LINE, Wechat or WhatsApp, etc., or it can be an account of social network software (Social Network APP), such as Facebook Or Instagram, etc., but the present invention is not limited to this. For example, in the account information of the account information, the community account 41 can be employee A's LINE account, and the real-time password information can be the login password of employee A's work computer, not the password of employee A's LINE.

然而,於另一實施態樣中,每一個帳號資訊除了包含一個社群帳號41與一個對應社群帳號41的即時密碼資訊,更可包含一個對應社群帳號41的身分資訊,身分資訊例如是員工編號或是身分證字號等,也就是說,例如在帳號資訊的帳號資訊中,社群帳號41可以是員工甲的LINE帳號,身分資訊例如是員工甲的員工編號或是身分證字號,即時密碼資訊則可以是員工甲的工作電腦的登入密碼,因此,在帳號資料庫11中,可利用員工甲的社群帳號41查詢(或取得)員工甲的身分資訊(例如員工編號或是身分證字號)與員工甲的即時密碼資訊(例如工作電腦的登入密碼),亦可利用員工甲的身分資訊查詢(或取得)員工甲的社群帳號41與即時密碼資訊。However, in another implementation aspect, each account information includes not only a social account 41 and a real-time password information corresponding to the social account 41, but also the identity information of a corresponding social account 41. The identity information is, for example, Employee ID or ID number, etc., that is to say, in the account information of account information, the social account 41 can be employee A’s LINE account, and the identity information is, for example, employee A’s employee number or ID number, in real time The password information can be the login password of employee A’s work computer. Therefore, in the account database 11, employee A’s social account 41 can be used to query (or obtain) employee A’s identity information (such as employee number or identity card) Font size) and employee A’s real-time password information (such as the login password of the work computer), and employee A’s identity information can also be used to query (or obtain) employee A’s social account 41 and real-time password information.

動態密碼模組13,依照變更規則變更每帳號資訊之即時密碼資訊。在此,變更規則例如是密碼設定規則,如密碼必須由大寫字母加上數字共八位等。並且,動態密碼模組13可以是於定期地依照變更規則變更每個帳號資訊之即時密碼資訊,舉例來說,動態密碼模組13於每日早上5點變更每一個帳號所對應的密碼。此外,動態密碼模組13也可以不定期地依照變更規則變更即時密碼資訊,例如,隨機於間隔3、4、5或6小時變更每一個帳號所對應的密碼。避免不法人士取得密碼後盜用內部網路的資訊,或是破壞內部網路的資訊。The dynamic password module 13 changes the real-time password information of each account information according to the change rules. Here, the change rule is, for example, a password setting rule, for example, the password must consist of a capital letter plus a number, a total of eight digits, etc. In addition, the dynamic password module 13 can periodically change the real-time password information of each account information according to the change rule. For example, the dynamic password module 13 changes the password corresponding to each account at 5 o'clock every morning. In addition, the dynamic password module 13 can also change the real-time password information from time to time according to the change rules, for example, randomly change the password corresponding to each account at an interval of 3, 4, 5, or 6 hours. Prevent illegal persons from stealing information on the internal network after obtaining the password, or destroying the information on the internal network.

聊天機器人帳號31,設置於即時通訊伺服器3。在此,即時通訊伺服器3為前述通訊軟體或社群網路軟體之伺服器,而聊天機器人帳號31為設置於前述即時通訊軟體或社群網路軟體的聊天機器人的帳號。使用者(例如企業的員工)的社群帳號41與聊天機器人帳號31建立連接關係後(即在前述即時通訊軟體或社群網路軟體中加聊天機器人為好友),可透過應用程序介面(API,Application Interface)與社群帳號41互動。The chat robot account 31 is set on the instant messaging server 3. Here, the instant communication server 3 is a server of the aforementioned communication software or social network software, and the chat robot account 31 is an account of a chat robot set in the aforementioned instant communication software or social network software. After establishing a connection between the social account 41 of the user (such as an employee of an enterprise) and the chatbot account 31 (that is, adding the chatbot as a friend in the aforementioned instant messaging software or social network software), they can use the application program interface (API , Application Interface) interact with community account 41.

請參閱圖1與圖3A所示,圖3A為本發明一實施例之動態密碼系統之行動裝置的外觀示意圖(一)。使用者例如企業的員工甲,當其過社群帳號41傳送詢問指令,舉例來說,員工甲於行動裝置4的LINE聊天介面輸入「我要密碼」或「密碼」等文字,接著,聊天機器人帳號31根據詢問指令傳送員工甲之社群帳號41(即員工甲的LINE ID)與詢問指令至即時通訊伺服器3,再由即時通訊伺服器3自服務主機2取得對應員工甲之社群帳號41的即時密碼資訊。在此,服務主機2例如是企業內部網路的主機,而行動裝置4例如是行動電話、平板電腦等,又或是智慧型手錶等其他可攜式電子裝置。Please refer to FIG. 1 and FIG. 3A. FIG. 3A is a schematic diagram (1) of the appearance of a mobile device of a dynamic password system according to an embodiment of the present invention. A user, such as employee A of a company, sends an inquiry command through the social account 41. For example, employee A enters the text "I want a password" or "password" on the LINE chat interface of mobile device 4, and then the chat robot Account 31 sends employee A’s social account 41 (ie employee A’s LINE ID) and the query command to IM server 3 according to the query command, and then IM server 3 obtains the corresponding social account of employee A from service host 2 41 real-time password information. Here, the service host 2 is, for example, the host of an enterprise intranet, and the mobile device 4 is, for example, a mobile phone, a tablet computer, etc., or other portable electronic devices such as a smart watch.

接下來,服務主機2接收社群帳號41與詢問指令後,依據員工甲的社群帳號41取得帳號管理主機1內對應社群帳號41的即時密碼資訊,並傳送至即時通訊伺服器3,聊天機器人帳號31即可取得即時密碼資訊後,顯示於員工甲於行動裝置4的LINE聊天介面(即安裝在行動裝置4上之通訊軟體),此時,員工甲取得即時密碼資訊而可進行登入工作電腦的程序,並於員工甲的工作電腦登入後,進入內部區域網路並依據其部門權限或個人權限取得工作訊息。Next, after the service host 2 receives the social account 41 and the inquiry command, it obtains the real-time password information of the corresponding social account 41 in the account management host 1 according to the social account 41 of employee A, and sends it to the instant messaging server 3 for chat After the robot account 31 can obtain the real-time password information, it will be displayed on the LINE chat interface of employee A on mobile device 4 (ie the communication software installed on mobile device 4). At this time, employee A can obtain the real-time password information and can log in Computer program, and after employee A’s work computer is logged in, he enters the internal area network and obtains work information according to his departmental authority or personal authority.

由前述可知,多個使用者(意即多個員工)可分別以其社群帳號41與同一個聊天機器人帳號31建立連接(意即加為好友),不同使用者以不同的社群帳號41透過聊天機器人帳號31取得其個人的即時密碼資訊。由於社群帳號41具有綁定功能,例如綁定手機門號,因此,使用者是無法使用他人的社群帳號41取得非屬本人的即時密碼資訊,可避免遭到同事或他人盜取即時密碼資訊。From the foregoing, it can be seen that multiple users (meaning multiple employees) can use their community accounts 41 to establish a connection with the same chatbot account 31 (meaning add as friends), and different users use different community accounts 41. Get their personal real-time password information through the chatbot account 31. Because the community account 41 has binding functions, such as binding a mobile phone number, users cannot use another’s community account 41 to obtain real-time password information that is not their own, which can avoid the theft of real-time passwords by colleagues or others News.

因此,透過本發明所揭示的動態密碼系統,使用者無需安裝額外的應用程式或是經過繁複的身分驗證程序,便可取得自己的即時密碼資訊,並且,任何人均無法使用他人的社群帳號41取得非屬本人的即時密碼資訊。再者,使用者於應用程序介面輸入文字即可查詢密碼,操作方式相當直覺。Therefore, through the dynamic password system disclosed in the present invention, users can obtain their own real-time password information without installing additional applications or going through complicated identity verification procedures, and no one can use another's social account 41 Obtain real-time password information that is not yours. In addition, the user can query the password by entering text in the application interface, and the operation method is quite intuitive.

請參閱圖2所示,圖2為本發明一實施例之動態密碼之系統方塊圖(二)。於一實施態樣,使用者可經由行動裝置4掃描條碼資訊5,使社群帳號41與聊天機器人帳號31建立連接關係。在此,行動裝置4更可包含掃描模組42,掃描條碼資訊5後,取得聊天機器人帳號31的ID後,能聊天機器人帳號31建立連接關係並與聊天機器人帳號31互動。在此,條碼資訊5可以印刷於員工手冊、海報、貼紙等印刷品上,抑或是以郵件發送並顯示於顯示屏幕上。Please refer to FIG. 2. FIG. 2 is a block diagram (2) of a dynamic password system according to an embodiment of the present invention. In an implementation aspect, the user can scan the barcode information 5 via the mobile device 4 to establish a connection relationship between the social account 41 and the chat robot account 31. Here, the mobile device 4 may further include a scanning module 42. After scanning the barcode information 5 and obtaining the ID of the chat robot account 31, the chat robot account 31 can establish a connection relationship and interact with the chat robot account 31. Here, the barcode information 5 can be printed on prints such as employee handbooks, posters, stickers, etc., or sent by mail and displayed on the display screen.

請再參閱圖2所示。於一實施態樣,帳號資料庫11於建立一個新的社群帳號時,自動產生對應社群帳號41之ID的即時密碼資訊。在此,帳號管理主機1更可包含密碼產生模組15,自動地產生對應於社群帳號41的即時密碼資訊。舉例來說,當有新進員工,並將其社群帳號41(例如是LINE ID)建立於帳號資料庫11的同時,密碼產生模組15便會自動地產生對應新進員工社群帳號41的即時密碼資訊,惟本發明不以此為限,帳號資料庫11於建立一個新的社群帳號41時,也可由使用者(例如新進員工或資訊管理人員)自行設定對應的即時密碼資訊。Please refer to Figure 2 again. In an implementation aspect, the account database 11 automatically generates real-time password information corresponding to the ID of the community account 41 when a new community account is created. Here, the account management host 1 may further include a password generation module 15 to automatically generate real-time password information corresponding to the community account 41. For example, when there is a new employee and their community account 41 (such as LINE ID) is created in the account database 11, the password generation module 15 will automatically generate a real-time corresponding to the new employee’s community account 41. Password information, but the present invention is not limited to this. When the account database 11 creates a new community account 41, users (such as new employees or information management personnel) can also set corresponding real-time password information by themselves.

請參閱圖3B所示,為本發明一實施例之動態密碼系統之行動裝置的外觀示意圖(二)。於一實施態樣,使用者也可以選擇退出本發明的動態密碼系統,詳細而言,使用者透過社群帳號41傳送退出指令,例如於行動裝置4的LINE聊天介面輸入「我要退出」或「退出」等文字,接著聊天機器人帳號31根據退出指令傳送網路位址,使用者可透過網路位址連接至網頁,並於網頁操作退出的程序,並於退出之後,動態密碼模組13不再變更其帳號資訊之即時密碼資訊,或是於退出之後,聊天機器人帳號31不再提供即時密碼資訊之查詢或取得功能。Please refer to FIG. 3B, which is a schematic diagram (2) of the appearance of a mobile device of a dynamic password system according to an embodiment of the present invention. In an implementation aspect, the user can also choose to opt out of the dynamic password system of the present invention. Specifically, the user sends an opt-out command through the social account 41, such as inputting "I want to quit" on the LINE chat interface of the mobile device 4 or "Logout" and other text, and then the chatbot account 31 sends the network address according to the logout command. The user can connect to the web page through the network address and operate the exit procedure on the web page. After logout, the dynamic password module 13 No longer change the real-time password information of its account information, or after logging out, the chatbot account 31 no longer provides the function of querying or obtaining real-time password information.

請參閱圖4所示,圖4為本發明的其中一些實施例之取得動態密碼的方法的步驟流程圖。取得動態密碼的方法,包含以下步驟:Please refer to FIG. 4, which is a flowchart of the method for obtaining a dynamic password according to some embodiments of the present invention. The method of obtaining a dynamic password includes the following steps:

步驟S01:建立複數帳號資訊,每一個帳號資訊包含社群帳號41與即時密碼資訊。Step S01: Create plural account information, and each account information includes community account 41 and real-time password information.

複數帳號資訊係建立於帳號資料庫11,每一個帳號資訊包含一個社群帳號41與一個對應社群帳號41的即時密碼資訊,其同於前述說明,故於此不再累述。The plural account information is established in the account database 11. Each account information includes a community account 41 and a real-time password information corresponding to the community account 41, which are the same as the above description, so it will not be repeated here.

步驟S02:依照變更規則變更每帳號資訊之即時密碼資訊。Step S02: Change the real-time password information of each account information according to the change rule.

係透過帳號管理主機1的動態密碼模組13變更即時密碼資訊。動態密碼模組13可定期或不定期變更每帳號資訊之即時密碼資訊,其相同於前文舉例說明,故於此不再累述。The real-time password information is changed through the dynamic password module 13 of the account management host 1. The dynamic password module 13 can periodically or irregularly change the real-time password information of each account information, which is the same as the previous example, so it will not be repeated here.

步驟S03:以一個社群帳號41傳送詢問指令予聊天機器人帳號31。Step S03: Use a community account 41 to send an inquiry command to the chat robot account 31.

使用者以行動裝置4將其社群帳號41與聊天機器人帳號31建立連結後(即在前述即時通訊軟體或社群網路軟體中加聊天機器人為好友),傳送詢問指令予聊天機器人帳號31,例如使用者於行動裝置4的LINE聊天介面輸入「我要密碼」或「密碼」等文字。在此,行動裝置4、聊天機器人帳號31同於前述說明,故於此不再累述。After the user establishes a link between his social account 41 and the chat robot account 31 with the mobile device 4 (that is, the chat robot is added as a friend in the aforementioned instant messaging software or social network software), the user sends an inquiry command to the chat robot account 31. For example, the user enters the text "I want a password" or "password" on the LINE chat interface of the mobile device 4. Here, the mobile device 4 and the chat robot account 31 are the same as the above description, so they will not be repeated here.

步驟S04:以聊天機器人帳號31傳送社群帳號41與詢問指令。Step S04: Use the chat robot account 31 to transmit the community account 41 and the inquiry instruction.

聊天機器人帳號31係設置於即時通訊伺服器3,詢問指令係透過聊天機器人帳號31傳送至即時通訊伺服器3,即時通訊伺服器3進一步傳送前述社群帳號41與詢問指令於服務主機2,其相同於前述說明,故於此不再累述。The chat bot account 31 is set on the instant messaging server 3. The query command is sent to the instant messaging server 3 through the chat bot account 31. The instant messaging server 3 further sends the aforementioned social account 41 and query command to the service host 2. It is the same as the above description, so it will not be repeated here.

步驟S05:以服務主機2接收社群帳號41之ID與詢問指令,依據詢問指令取得對應社群帳號41的即時密碼資訊。Step S05: The service host 2 receives the ID of the community account 41 and the query instruction, and obtains the real-time password information of the corresponding community account 41 according to the query instruction.

服務主機2接收社群帳號41與詢問指令後,依據社群帳號41取得帳號管理主機1內對應社群帳號41的即時密碼資訊,並傳送至即時通訊伺服器3,其相同於前述說明,故於此不再累述。After receiving the community account 41 and the inquiry command, the service host 2 obtains the real-time password information of the corresponding community account 41 in the account management host 1 according to the community account 41, and sends it to the instant messaging server 3, which is the same as the above description, so I will not repeat it here.

步驟S06:以聊天機器人帳號31接收對應社群帳號41的即時密碼資訊,並傳送即時密碼資訊至社群帳號41。Step S06: Use the chat robot account 31 to receive the real-time password information corresponding to the community account 41, and send the real-time password information to the community account 41.

服務主機2傳送對應社群帳號41的即時密碼資訊於即時通訊伺服器3,顯示於行動裝置4包含聊天機器人帳號31與社群帳號41的聊天室,意即,傳送即時密碼資訊至社群帳號41。此時,使用者取得即時密碼資訊而可進行後續的登入程序,其相同於前述說明,故於此不再累述。The service host 2 sends the real-time password information corresponding to the social account 41 to the instant messaging server 3 and displays it on the mobile device 4 in the chat room containing the chat robot account 31 and the social account 41, which means that the real-time password information is sent to the social account 41. At this time, the user obtains the real-time password information and can perform the subsequent login procedure, which is the same as the above description, so it will not be repeated here.

於一實施態樣,於前述步驟S01,建立複數帳號資訊之步驟中,更包含步驟:自動產生對應社群帳號41的即時密碼資訊,換言之,建立複數帳號資訊於帳號管理主機1的同時,會自動產生對應社群帳號41的即時密碼資訊。In an implementation aspect, in the step S01, the step of creating plural account information, it further includes the step of automatically generating real-time password information corresponding to the social account 41. In other words, creating plural account information at the same time as the account management host 1 The real-time password information corresponding to the community account 41 is automatically generated.

在此,如前所述,帳號管理主機1更可包含密碼產生模組15,產生專屬於社群帳號41之ID的即時密碼資訊。須說明的是,然而本發明不以此為限,也可由使用者自行設定密碼。Here, as mentioned above, the account management host 1 may further include a password generation module 15 to generate real-time password information of the ID unique to the community account 41. It should be noted that, however, the present invention is not limited to this, and the password can also be set by the user.

於一實施態樣,於前述步驟S03以一個社群帳號41傳送詢問指令予聊天機器人帳號31之步驟前,可以包含步驟:掃描條碼資訊5,而使社群帳41號與聊天機器人帳號31建立連接關係。In an implementation aspect, before the step of sending an inquiry command to the chat robot account 31 with a social account 41 in the aforementioned step S03, it may include the step of scanning the barcode information 5, and the social account 41 and the chat robot account 31 are established Connection relationship.

行動裝置4更可包含掃描模組42,掃描條碼資訊5後,取得聊天機器人帳號31的ID,而能與聊天機器人帳號31互動,其同於前述說明,故於此不再累述。The mobile device 4 may further include a scanning module 42. After scanning the barcode information 5, the ID of the chat robot account 31 is obtained, and the chat robot account 31 can be interacted with. This is the same as the above description, so it will not be repeated here.

綜上所述,透過本發明所揭示的動態密碼與取得動態密碼的方法,使用者無需安裝額外的應用程式或是經過繁複的身分驗證程序,便可取得自己的即時密碼資訊,並且,任何人均無法使用他人的社群帳號41取得非屬本人的即時密碼資訊。再者,使用者於應用程序介面輸入文字即可查詢密碼,操作方式相當直覺。In summary, through the dynamic password and the method for obtaining the dynamic password disclosed in the present invention, users can obtain their own real-time password information without installing additional applications or going through complicated identity verification procedures. It is not possible to use another's social account 41 to obtain real-time password information that is not his own. In addition, the user can query the password by entering text in the application interface, and the operation method is quite intuitive.

雖然本發明的技術內容已經以較佳實施例揭露如上,然其並非用以限定本發明,任何熟習此技藝者,在不脫離本發明之精神所作些許之更動與潤飾,皆應涵蓋於本發明的範疇內,因此本發明之保護範圍當視後附之申請專利範圍所界定者為準。Although the technical content of the present invention has been disclosed in the preferred embodiments as above, it is not intended to limit the present invention. Anyone who is familiar with this technique and makes some changes and modifications without departing from the spirit of the present invention should be covered by the present invention. Therefore, the scope of protection of the present invention shall be subject to the scope of the attached patent application.

1:帳號管理主機 11:帳號資料庫 13:動態密碼模組 15:密碼產生模組 2:服務主機 3:即時通訊伺服器 31:聊天機器人帳號 4:行動裝置 41:社群帳號 42:掃描模組 5:條碼資訊 S01、S02、S03、S04、S05、S06:步驟1: Account management host 11: Account database 13: Dynamic password module 15: Password generation module 2: service host 3: instant messaging server 31: Chatbot account 4: mobile device 41: Community Account 42: Scanning module 5: Barcode information S01, S02, S03, S04, S05, S06: steps

[圖1] 為本發明一實施例之動態密碼之系統方塊圖(一)。 [圖2] 為本發明一實施例之動態密碼之系統方塊圖(二)。 [圖3A] 為本發明一實施例之動態密碼系統之行動裝置的外觀示意圖(一)。 [圖3B] 為本發明一實施例之動態密碼系統之行動裝置的外觀示意圖(二)。 [圖4] 為本發明的其中一些實施例之取得動態密碼的方法的步驟流程圖。[Figure 1] is a system block diagram (1) of a dynamic password according to an embodiment of the present invention. [Figure 2] is a system block diagram (2) of a dynamic password according to an embodiment of the present invention. [Fig. 3A] is a schematic diagram (1) of the appearance of a mobile device of a dynamic password system according to an embodiment of the present invention. [Figure 3B] is a schematic diagram (2) of the external appearance of a mobile device of a dynamic password system according to an embodiment of the present invention. [Figure 4] is a flowchart of the steps of the method for obtaining a dynamic password in some embodiments of the present invention.

1:帳號管理主機1: Account management host

11:帳號資料庫11: Account database

13:動態密碼模組13: Dynamic password module

2:服務主機2: service host

3:即時通訊伺服器3: instant messaging server

31:聊天機器人帳號31: Chatbot account

4:行動裝置4: mobile device

41:社群帳號41: Community Account

Claims (9)

一種動態密碼系統,包含: 一帳號管理主機,包含: 一帳號資料庫,包含複數帳號資訊,每一該帳號資訊包含一社群帳號與一即時密碼資訊;及 一動態密碼模組,依照一變更規則變更每一該帳號資訊之該即時密碼資訊; 一服務主機,連接該帳號管理主機,於接收該社群帳號與一詢問指令時,比對該社群帳號是否存在於該帳號資料庫,並依據該詢問指令取得對應該社群帳號的該即時密碼資訊;及 一聊天機器人帳號,設置於一即時通訊伺服器,當一行動裝置連接該即時通訊伺服器,以一個該社群帳號傳送一詢問指令予該聊天機器人帳號,該聊天機器人帳號傳送該社群帳號與該詢問指令至該服務主機,並自該服務主機取得對應該社群帳號的該即時密碼資訊。A dynamic password system, including: An account management host, including: An account database, including plural account information, each of which includes a community account and a real-time password information; and A dynamic password module to change the real-time password information of each account information according to a change rule; A service host, connected to the account management host, when receiving the community account and an inquiry command, compare whether the community account exists in the account database, and obtain the real-time information corresponding to the community account according to the inquiry command. Password information; and A chat bot account is set on an instant messaging server. When a mobile device is connected to the instant messaging server, a query command is sent to the chat bot account with a community account, and the chat bot account sends the community account and The inquiry command is sent to the service host, and the real-time password information corresponding to the community account is obtained from the service host. 如請求項1所述之動態密碼系統,其中每一該帳號資訊更包含一身分資訊,該身分資訊對應該社群帳號。In the dynamic password system described in claim 1, each of the account information further includes an identity information, and the identity information corresponds to a community account. 如請求項1所述之動態密碼系統,其中該動態密碼模組依照該變更規則定期或不定期變更每一該帳號資訊之該即時密碼資訊。The dynamic password system according to claim 1, wherein the dynamic password module periodically or irregularly changes the real-time password information of each account information according to the change rule. 如請求項1所述之動態密碼系統,其中該行動裝置掃描一條碼資訊而使該社群帳號與該聊天機器人帳號建立連接關係。The dynamic password system according to claim 1, wherein the mobile device scans a piece of code information to establish a connection relationship between the social account and the chat robot account. 如請求項1所述之動態密碼系統,其中該帳號資料庫於建立一個新的該社群帳號時,自動產生對應該社群帳號的該即時密碼資訊。The dynamic password system according to claim 1, wherein the account database automatically generates the real-time password information corresponding to the community account when a new community account is created. 一種取得動態密碼的方法,包含: 建立複數帳號資訊,每一該帳號資訊包含一社群帳號與一即時密碼資訊; 依照一變更規則變更每一該帳號資訊之該即時密碼資訊; 以一個該社群帳號傳送一詢問指令予一聊天機器人帳號; 以該聊天機器人帳號傳送該社群帳號與該詢問指令; 以一服務主機接收該社群帳號與該詢問指令,依據該詢問指令取得對應該社群帳號的該即時密碼資訊;以及 以該聊天機器人帳號接收對應該社群帳號的該即時密碼資訊,並傳送該即時密碼資訊至該社群帳號。A method for obtaining dynamic passwords, including: Create plural account information, each of which includes a community account and a real-time password information; Change the real-time password information of each account information according to a change rule; Use a community account to send an inquiry command to a chatbot account; Use the chatbot account to send the community account and the inquiry instruction; A service host receives the community account and the query command, and obtains the real-time password information corresponding to the community account according to the query command; and Use the chat robot account to receive the real-time password information corresponding to the community account, and send the real-time password information to the community account. 如請求項6所述之取得動態密碼的方法,其中於建立該些帳號資訊之步驟中,自動產生對應該社群帳號的該即時密碼資訊。The method for obtaining a dynamic password as described in claim 6, wherein in the step of creating the account information, the real-time password information corresponding to the community account is automatically generated. 如請求項6所述之取得動態密碼的方法,其中於依照該變更規則變更之步驟中,係依照該變更規則定期或不定期變更每一該帳號資訊之該即時密碼資訊。The method for obtaining a dynamic password as described in claim 6, wherein in the step of changing according to the change rule, the real-time password information of each account information is changed regularly or irregularly according to the change rule. 如請求項6所述之取得動態密碼的方法,其中於以一個該社群帳號傳送該詢問指令之步驟前,更包含:掃描一條碼資訊而使該社群帳號與該聊天機器人帳號建立連接關係。The method for obtaining a dynamic password as described in claim 6, wherein before the step of sending the inquiry command with a community account, it further includes: scanning a piece of code information to establish a connection relationship between the community account and the chatbot account .
TW109110345A 2020-03-26 2020-03-26 Dynamic password system and method for obtaining dynamic password TWI772768B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109110345A TWI772768B (en) 2020-03-26 2020-03-26 Dynamic password system and method for obtaining dynamic password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109110345A TWI772768B (en) 2020-03-26 2020-03-26 Dynamic password system and method for obtaining dynamic password

Publications (2)

Publication Number Publication Date
TW202137032A true TW202137032A (en) 2021-10-01
TWI772768B TWI772768B (en) 2022-08-01

Family

ID=79601319

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109110345A TWI772768B (en) 2020-03-26 2020-03-26 Dynamic password system and method for obtaining dynamic password

Country Status (1)

Country Link
TW (1) TWI772768B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101166091B (en) * 2006-10-19 2010-08-11 阿里巴巴集团控股有限公司 A dynamic password authentication method and service end system
TW201002025A (en) * 2008-06-20 2010-01-01 Otp Systems Corp Method and system of using OTP dynamic password verification combined with a pay platform
TWI357752B (en) * 2008-07-09 2012-02-01 Chunghwa Telecom Co Ltd Network user id verification system and method
CN107508742B (en) * 2017-07-25 2018-07-24 深圳市爱的网络科技有限公司 A kind of social intercourse system, terminal and computer readable storage medium

Also Published As

Publication number Publication date
TWI772768B (en) 2022-08-01

Similar Documents

Publication Publication Date Title
US8266443B2 (en) Systems and methods for secure and authentic electronic collaboration
US8850536B2 (en) Methods and systems for identity verification in a social network using ratings
JP5133248B2 (en) Offline authentication method in client / server authentication system
JP3956130B2 (en) Authentication device, authentication system, authentication method, program, and recording medium
CN201467167U (en) Password encoder and password protection system
US20150312252A1 (en) Method of allowing establishment of a secure session between a device and a server
US9112847B2 (en) Authentication method
CN111433770B (en) Method and apparatus for user authentication and computer readable medium
JP2007058469A (en) Authentication system, authentication server, authentication method, and authentication program
US20170019398A1 (en) System And Method For Providing A One-Time Key For Identification
CN101291227A (en) Password inputting method, device and system
CN105208013A (en) Cross-device high-security non-password login method
JP4913624B2 (en) Authentication system and authentication method
WO2020012343A1 (en) System and method for confirming instructions over a communication channel
TWI772768B (en) Dynamic password system and method for obtaining dynamic password
CN104021322A (en) Electronic signature method, electronic signature equipment and electronic signature client
JP2011164837A (en) Authentication system and authentication method
US10701105B2 (en) Method for website authentication and for securing access to a website
US8533802B2 (en) Authentication system and related method
CN107169341A (en) Picture password generation method and picture password generating means
TWM580720U (en) System for assisting a network service user in setting password for the first time
KR20080109580A (en) Server certification system and method thereof
JP6080282B1 (en) Authentication processing system, authentication auxiliary server, and web display program
CN101242276A (en) A method for solving Internet honesty issue
US20130104209A1 (en) Authentication system