一种电子邮件的访问控制方法及邮件服务器 技术领域 E-mail access control method and mail server
本发明属于通信安全领域, 尤其涉及一种电子邮件的访问控制方法 及邮件服务器。 发明背景 The invention belongs to the field of communication security, and in particular relates to an access control method for an email and a mail server. Background of the invention
现今随着网络的发展与普及, 电子邮件(Email ) 已经成为重要的交 流工具, 它的安全性也越来越受到重视。 Nowadays, with the development and popularization of the Internet, e-mail has become an important communication tool, and its security has received more and more attention.
目前电子邮件的安全性是通过邮箱的登录密码来保证的, 电子邮件 是以明文(未加密) 的形式保存在邮件服务器上的, 当用户通过密码登 录邮箱后, 邮箱中包括已发送的邮件、 已接收的邮件等所有的邮件信息 将被一览无余, 使得用户电子邮件的安全性受到较大的威胁。 而用户邮 箱的登录密码容易被窃取, 如当用户选择了浏览器的记住密码功能时, 只要盗用用户的计算机密码, 即可自由登录用户的邮箱; 当用户登录邮 箱后暂时离开, 或者通过其它方式泄露了用户邮箱的登录密码时, 用户 邮箱中的电子邮件的安全性无法得到保证, 这对许多企业, 尤其是商务 人士可能造成无法挽回的损失。 发明内容 At present, the security of the email is guaranteed by the login password of the email. The email is stored in the plaintext (unencrypted) on the mail server. When the user logs in to the mailbox through the password, the email includes the sent email. All mail information, such as received mail, will be displayed at a glance, making the security of user emails more vulnerable. The login password of the user's mailbox is easily stolen. For example, when the user selects the password remember function of the browser, as long as the user's computer password is stolen, the user's mailbox can be freely logged in; when the user logs in to the mailbox, the user temporarily leaves, or passes other When the login password of the user's mailbox is revealed, the security of the email in the user's mailbox cannot be guaranteed, which may cause irreparable damage to many enterprises, especially business people. Summary of the invention
本发明实施例的目的在于提供一种电子邮件的访问控制方法及邮 件服务器, 旨在对电子邮箱中的电子邮件提供更好的安全保护。 An object of the embodiments of the present invention is to provide an email access control method and a mail server, which are intended to provide better security protection for emails in an email mailbox.
本发明实施例提供了一种电子邮件的访问控制方法,包括以下步骤: 接收对电子邮箱中至少一个文件夹的加密选定, 并接收输入的第一 密码, 使用第一密码对所选定的文件夹进行加密。
接收对已加密文件夹的访问请求, 并接收输入的第二密码, 判断第 二密码和第一密码是否相同,如果相同,允许对已加密文件夹进行访问。 An embodiment of the present invention provides an access control method for an email, comprising the steps of: receiving an encryption selection of at least one folder in an email box, and receiving the input first password, using the first password pair to select the selected The folder is encrypted. Receiving an access request to the encrypted folder, and receiving the input second password, determining whether the second password and the first password are the same, and if the same, allowing access to the encrypted folder.
本发明实施例还提供了一种邮件服务器, 包括以下构件: The embodiment of the invention further provides a mail server, which comprises the following components:
接口单元, 用于在加密时接收对电子邮箱中至少一个文件夹的加密 选定, 并接收输入的第一密码, 在访问时, 接收对已加密文件夹的访问 请求, 并接收输入的第二密码。 An interface unit, configured to receive an encryption selection of at least one folder in the email when encrypting, and receive the input first password, receive an access request to the encrypted folder, and receive the input second when accessing password.
控制单元, 用于使用第一密码对所选定的文件夹进行加密, 判断第 二密码和第一密码是否相同,如果相同,允许对已加密文件夹进行访问。 The control unit is configured to encrypt the selected folder by using the first password, determine whether the second password and the first password are the same, and if the same, allow access to the encrypted folder.
在本发明实施例中, 根据输入的加密密码采用加密算法生成加密密 匙, 对用户选定的邮箱中的文件夹加密, 为该加密文件夹中的电子邮件 提供了除邮箱登录密码外的二次密码保护, 从而保证了邮箱中电子邮件 的安全性, 尤其是对用户的重要私密数据提供了充分的安全保障。 附图简要说明 In the embodiment of the present invention, an encryption key is generated according to the input encryption password, and the folder in the mailbox selected by the user is encrypted, and the email in the encrypted folder is provided with two passwords other than the email login password. The second password protection ensures the security of the email in the mailbox, especially the important security data of the user. BRIEF DESCRIPTION OF THE DRAWINGS
图 1是本发明实施例提供的电子邮件访问控制方法的实现流程图。 图 2是本发明实施例提供的加密文件夹的访问流程图。 FIG. 1 is a flowchart of an implementation of an email access control method according to an embodiment of the present invention. 2 is a flow chart of accessing an encrypted folder according to an embodiment of the present invention.
图 3是本发明实施例提供的电子邮件解密方法的实现流程图。 FIG. 3 is a flowchart of implementing an email decryption method according to an embodiment of the present invention.
图 4是本发明实施例提供的邮件服务器的结构图。 4 is a structural diagram of a mail server according to an embodiment of the present invention.
图 5是本发明实施例提供的扩展的邮件服务器的结构图。 实施本发明的方式 FIG. 5 is a structural diagram of an extended mail server according to an embodiment of the present invention. Mode for carrying out the invention
为了使本发明的目的、 技术方案及优点更加清楚明白, 以下结合附 图及实施例, 对本发明进行进一步详细说明。 应当理解, 此处所描述的 具体实施例仅仅用以解释本发明, 并不用于限定本发明。 In order to make the objects, the technical solutions and the advantages of the present invention more comprehensible, the present invention will be further described in detail below with reference to the accompanying drawings. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
在本发明实施例中, 接收用户输入的加密密码, 即第一密码, 根据
该加密密码产生加密密匙对邮箱中用户选定的文件夹进行加密, 从而实 现了邮箱中该加密文件夹中的电子邮件的二次密码保护, 保证了用户电 子邮件的安全性。 In the embodiment of the present invention, the encrypted password input by the user, that is, the first password is received, according to The encrypted password generates an encryption key to encrypt the folder selected by the user in the mailbox, thereby realizing the secondary password protection of the email in the encrypted folder in the mailbox, thereby ensuring the security of the user's email.
图 1示出了本发明实施例提供的电子邮件的访问控制方法的实现流 程, 详述如下: FIG. 1 is a flowchart showing an implementation process of an access control method for an email provided by an embodiment of the present invention, which is described in detail as follows:
在步骤 S101 中, 接收对电子邮箱中至少一个文件夹的加密选定, 并接收输入的第一密码, 使用第一密码对所选定的文件夹进行加密。 In step S101, an encryption selection of at least one folder in the electronic mailbox is received, and the input first password is received, and the selected folder is encrypted using the first password.
步骤 S101 可以通过下列的方式进行: 接收用户输入的加密密码以 及用户选定的邮箱中的文件夹信息, 如文件夹的 ID。 其中用户选定的邮 箱中的文件夹中可以包含用户需要加密保护的电子邮件信息, 也可以为 空的文件夹。 Step S101 can be performed by: receiving an encrypted password input by the user and folder information in a mailbox selected by the user, such as an ID of the folder. The folder in the mailbox selected by the user may contain email information that the user needs to encrypt and protect, or an empty folder.
然后根据用户输入的加密密码采用相应的加密算法产生加密密匙, 对用户选定的邮箱中的文件夹进行加密。 在本发明实施例中, 所采用的 相应的加密算法可以是公开密匙算法(如 RSA加密算法)、数据加密标 准( Digital Encryption Standard, DES )算法、 数字签名算法(如 ElGamal 加密算法、 DSA加密算法) 、 MD5加密算法或者 FLOWFISH加密算法 等。 当对该文件夹加密后, 访问该文件夹中的任何电子邮件都需要输入 该文件夹的加密密码, 从而使用户邮箱中的电子邮件得到二次加密保 护, 保证了该加密文件夹中的电子邮件的安全性。 Then, according to the encrypted password input by the user, a corresponding encryption algorithm is used to generate an encryption key, and the folder in the mailbox selected by the user is encrypted. In the embodiment of the present invention, the corresponding encryption algorithm may be a public key algorithm (such as RSA encryption algorithm), a data encryption standard (DES) algorithm, a digital signature algorithm (such as ElGamal encryption algorithm, DSA encryption). Algorithm), MD5 encryption algorithm or FLOWFISH encryption algorithm. When the folder is encrypted, accessing any email in the folder requires entering the encrypted password of the folder, so that the email in the user's mailbox is twice encrypted, and the electronic in the encrypted folder is guaranteed. The security of the mail.
在邮件服务器上对应每一个文件夹设置一个访问控制属性, 该访问 控制属性可以设置为文件夹是否需要使用密码进行访问。 当用户选择某 一个文件夹进行加密时, 向邮件服务器发送对要加密的文件夹的选定以 及加密密码。 邮件服务器设置访问控制属性为通过密码访问, 并将接收 到的加密密码, 即第一密码通过加密算法生成一个加密密钥, 即第一密 钥, 存储该第一密钥。 进一步地, 邮件服务器会对应第一密钥存储第一
密码。 Set an access control attribute for each folder on the mail server. The access control attribute can be set to whether the folder needs to be accessed with a password. When the user selects a folder for encryption, the mail server is sent a selection of the folder to be encrypted and an encrypted password. The mail server sets the access control attribute to be accessed by the password, and the received encrypted password, that is, the first password, generates an encryption key, that is, the first key, by the encryption algorithm, and stores the first key. Further, the mail server stores the first key corresponding to the first key. Password.
在步骤 S102 中, 接收对已加密文件夹的访问请求, 并接收输入的 第二密码, 判断第二密码和第一密码是否相同, 如果相同, 允许对已加 密文件夹进行访问。 In step S102, an access request to the encrypted folder is received, and the input second password is received, and it is determined whether the second password and the first password are the same. If the same, the access to the encrypted folder is allowed.
图 2示出了本发明实施例提供的对已加密文件夹进行访问的处理流 程。 FIG. 2 shows a processing flow for accessing an encrypted folder according to an embodiment of the present invention.
如图 2所示, 用户选择所要访问的文件夹, 如果该文件夹未加密, 则用户可以正常浏览或者操作电子邮件, 如果该文件夹已加密, 则提示 用户输入加密密码;验证用户输入的加密密码是否正确,如果密码错误, 则转入错误处理过程, 如提示用户密码错误等, 如果正确则用户可以正 常浏览或者操作电子邮件。 As shown in Figure 2, the user selects the folder to be accessed. If the folder is not encrypted, the user can browse or operate the email normally. If the folder is encrypted, the user is prompted to input an encrypted password; verify the encryption input by the user. If the password is correct, go to the error handling process, such as prompting the user for a wrong password. If it is correct, the user can browse or operate the email normally.
具体来说, 邮件服务器接收到用户发送的访问请求, 判断该文件夹 是否需要通过密码访问, 如果需要, 要求用户输入正确的加密密码。 邮 件服务器接收用户输入的密码, 即第二密码, 通过加密的时候使用的加 密算法生成一个加密密钥, 即第二密钥。 比较第二密钥和存储的第一密 钥, 如果两者相同, 允许用户访问该文件夹。 Specifically, the mail server receives the access request sent by the user, determines whether the folder needs to be accessed by the password, and if necessary, requires the user to input the correct encrypted password. The mail server receives the password entered by the user, that is, the second password, and generates an encryption key, that is, the second key, by the encryption algorithm used when encrypting. Compare the second key with the stored first key, and if the two are the same, allow the user to access the folder.
为了达到更好的密码保护效果, 本发明实施例在步骤 S101 中, 接 收用户输入的加密密码以及用户选定的邮箱中的文件夹信息的同时, 接 收用户输入的密码取回信息, 如密码取回问题、 保密邮箱地址等并存储 该密码取回信息。 在步骤 S101之后的任意时刻还可以包括下述步骤: 当用户丢失上述加密文件夹的加密密码时, 依据上述密码取回信息 取回该加密文件夹的加密密码。 In order to achieve a better password protection effect, in step S101, the embodiment of the present invention receives the encrypted password input by the user and the folder information in the mailbox selected by the user, and receives the password retrieval information input by the user, such as the password. Go back to the question, keep the email address, etc. and store the password to retrieve the information. At any time after step S101, the following steps may be further included: When the user loses the encrypted password of the encrypted folder, the encrypted password of the encrypted folder is retrieved according to the password retrieval information.
具体来说, 用户向邮件服务器发送一条密码取回请求。 邮件服务器 要求用户输入密码取回信息, 如果用户输入的信息与存储的密码取回信 息一致, 邮件服务器将第一密码发送给用户。 例如用户设置的密码取回
信息为保密邮箱地址, 邮件服务器会要求用户输入正确的保密邮箱地 址, 并将用户输入的保密邮箱地址与密码取回信息中的保密邮箱地址进 行比较, 如果两者一致, 邮件服务器将第一密码发送给用户。 Specifically, the user sends a password retrieval request to the mail server. The mail server requires the user to input the password retrieval information. If the information input by the user is consistent with the stored password retrieval information, the mail server sends the first password to the user. For example, the password set by the user is retrieved. The information is a secret email address, and the mail server will ask the user to enter the correct secret email address, and compare the secret email address entered by the user with the secret email address in the password retrieval information. If the two are consistent, the mail server will use the first password. Send to the user.
当需要加密保护的电子邮件未包含在该加密文件夹中时, 为了实现 对该需要保护的电子邮件进行加密保护, 该电子邮件加密方法还可以包 括下述步骤: When an email requiring encryption protection is not included in the encrypted folder, in order to encrypt and protect the email to be protected, the email encryption method may further include the following steps:
接收该加密文件夹以外的需要加密保护的电子邮件转移指令, 并根 据该转移指令将该需要加密保护的电子邮件转移至加密文件夹。 Receiving an email transfer instruction other than the encrypted folder that requires encryption protection, and transferring the encrypted-protected email to the encrypted folder according to the transfer instruction.
为了避免因用户登录邮箱并在浏览加密文件夹的过程中暂时离开 或者因用户退出登录, 而导致加密文件夹中的电子邮件数据被非法用户 窃取, 在本发明实施例中, 还可以包括下述步骤: In the embodiment of the present invention, the following may be included in the embodiment of the present invention, in order to prevent the user from logging in to the mailbox and temporarily leaving during the browsing of the encrypted folder, or the user is logged out, and the email data in the encrypted folder is stolen by the user. Steps:
当用户停止浏览该加密文件夹一段时间 (如 2分钟)后, 或者用户 退出邮箱的登录后, 自动根据步骤 S101 中接收的加密密码将该加密文 件夹锁定。 当用户重新登录邮箱或者重新浏览和操作邮箱中该加密文件 夹中的电子邮件时, 需要重新输入该加密文件夹的加密密码。 After the user stops browsing the encrypted folder for a period of time (such as 2 minutes), or after the user logs out of the mailbox, the encrypted folder is automatically locked according to the encrypted password received in step S101. When the user logs back in to the mailbox or revisits and manipulates the email in the encrypted folder in the mailbox, the encrypted password for the encrypted folder needs to be re-entered.
具体来说, 邮件服务器可以对应已加密的文件夹设置一个定时器, 当邮件服务器未接收到对已加密的文件夹进行操作的信息时启动定时 器。 在定时器超时前, 如果接收到用户对已加密的文件夹进行操作的信 息, 定时器重置; 在定时器超时后, 拒绝用户对文件夹的操作。 定时器 的时间可以由用户设定, 也可以由邮件服务器设定。 当邮件服务器接收 到用户退出登录的消息后, 同样将已加密文件夹锁定。 Specifically, the mail server can set a timer corresponding to the encrypted folder, and the timer is started when the mail server does not receive information on the operation of the encrypted folder. Before the timer expires, if the user receives information on the operation of the encrypted folder, the timer is reset; after the timer expires, the user's operation on the folder is rejected. The time of the timer can be set by the user or by the mail server. When the mail server receives the message that the user has logged out, the encrypted folder is also locked.
可以理解, 用户可以采用上述电子邮件加密方法有选择性的对邮箱 中的文件夹或者电子邮件进行加密, 同时可以为不同的加密文件夹设置 不同的密码, 从而为用户的重要私密数据提供了充分的安全保障。 It can be understood that the user can selectively encrypt the folder or email in the mailbox by using the above-mentioned email encryption method, and can set different passwords for different encrypted folders, thereby providing sufficient important data for the user. Security.
采用上述方法对选定的邮箱中的文件夹进行加密后, 用户在不知道
该文件夹的加密密码时, 无法对该加密文件夹中的任何电子邮件进行任 何操作,如浏览等。在用户通过加密密码打开并浏览该电子邮件过程中, 如果用户暂时离开, 通过对该加密文件夹进行锁定, 保证了电子邮件的 安全性。 After encrypting the folder in the selected mailbox by the above method, the user does not know When the folder is encrypted, you cannot perform any operations on any email in the encrypted folder, such as browsing. In the process of the user opening and browsing the email through the encrypted password, if the user temporarily leaves, the security of the email is ensured by locking the encrypted folder.
在实际应用过程中, 用户可以通过邮箱的文件夹管理页面, 选择需 要加密的文件夹, 按要求(如两次输入密码)输入加密密码后可对选定 的邮箱的文件夹进行加密。 In the actual application process, the user can select the folder to be encrypted through the folder management page of the mailbox, and input the encrypted password according to the requirements (such as entering the password twice) to encrypt the folder of the selected mailbox.
图 3示出了本发明实施例提供的电子邮件的解密方法的实现流程, 详述如下: FIG. 3 is a flowchart showing an implementation process of a method for decrypting an email provided by an embodiment of the present invention, which is described in detail as follows:
在步骤 S301 中, 接收用户输入的解密密码以及用户选定的邮箱中 的加密文件夹信息。 在实际应用过程中, 用户通过邮箱中的文件夹管理 页面, 选择已加密的文件夹, 并输入解密密码, 该解密密码为对该文件 夹进行加密时, 用户输入的加密密码。 In step S301, the decryption password input by the user and the encrypted folder information in the mailbox selected by the user are received. In the actual application process, the user selects the encrypted folder through the folder management page in the mailbox, and inputs a decryption password, which is the encrypted password input by the user when the folder is encrypted.
本步骤的过程与访问已加密文件夹的具体过程相类似, 在此不再赘 述。 The process of this step is similar to the specific process of accessing an encrypted folder, and will not be described here.
在步骤 S302 中, 根据该加密密码对选定的加密文件夹进行解密。 对该加密文件夹进行解密后, 该加密文件夹的状态与加密前一致, 邮箱 用户可以随意的浏览或者操作该邮箱中被解密后的文件夹中的任何电 子邮件。 In step S302, the selected encrypted folder is decrypted based on the encrypted password. After the encrypted folder is decrypted, the state of the encrypted folder is the same as before the encryption, and the mailbox user can browse or manipulate any email in the decrypted folder in the mailbox.
具体来说, 解密可以是将访问控制属性设置为不通过密码进行访 问, 并删除存储的第一密钥。 更进一步的, 删除存储的密码取回信息以 及加密密码。 Specifically, the decryption may be to set the access control attribute to be accessed without a password and delete the stored first key. Further, the stored password retrieval information and the encrypted password are deleted.
图 4示出了本发明实施例提供的邮件服务器的结构, 为了更好的说 明, 仅示出了与本发明实施例相关的部分。 FIG. 4 shows the structure of a mail server according to an embodiment of the present invention. For better description, only parts related to the embodiment of the present invention are shown.
如图 4所示, 接口单元 410用于在加密时接收对电子邮箱中至少一
个文件夹的加密选定, 并接收输入的第一密码。 在访问控制时, 接收对 已加密文件夹的访问请求, 并接收输入的第二密码。 控制单元 420用于 使用第一密码对所选定的文件夹进行加密, 判断第二密码和第一密码是 否相同, 如果相同, 允许对已加密文件夹进行访问。 As shown in FIG. 4, the interface unit 410 is configured to receive at least one of the email addresses when encrypting. The encryption of the folders is selected and the first password entered is received. At the time of access control, an access request to the encrypted folder is received, and the entered second password is received. The control unit 420 is configured to encrypt the selected folder by using the first password, determine whether the second password and the first password are the same, and if the same, allow access to the encrypted folder.
图 5是扩展后的邮件服务器的结构示意图。 FIG. 5 is a schematic structural diagram of an extended mail server.
如图 5所示, 控制单元 420包括以下模块: 属性设置模块 421用于 设置所选定的文件夹的访问控制属性为通过密码访问; 密钥生成模块 422用于将接口单元 410接收到的第一密码通过加密算法生成第一密钥。 服务器进一步包括存储单元 430, 用于存储密钥生成模块 422生成的第 一密钥。 As shown in FIG. 5, the control unit 420 includes the following modules: The attribute setting module 421 is configured to set an access control attribute of the selected folder to be accessed by a password; and the key generation module 422 is configured to receive the interface unit 410. A password is generated by an encryption algorithm to generate a first key. The server further includes a storage unit 430 for storing the first key generated by the key generation module 422.
密钥生成模块 422进一步用于将 410接口单元接收到的访问请求中 携带的第二密码通过加密算法生成第二密钥。 控制单元 420进一步包括 访问控制模块 423 , 用于判断密钥生成模块 422生成的第二密钥和存储 单元 430存储的第一密钥是否相同, 如果相同, 允许对该文件夹进行操 作。 The key generation module 422 is further configured to generate a second key by using an encryption algorithm for the second password carried in the access request received by the 410 interface unit. The control unit 420 further includes an access control module 423 for determining whether the second key generated by the key generation module 422 and the first key stored by the storage unit 430 are the same, and if the same, the folder is allowed to operate.
接口单元 410进一步用于接收密码取回信息。 存储单元 430进一步 用于存储接口单元 410接收到的密码取回信息。 接口单元 410进一步用 于接收密码取回请求。 服务器进一步包括密码取回单元 440, 用于要求 输入密码取回信息, 判断输入的密码取回信息与存储单元 430存储的密 码取回信息是否相同, 如果相同, 发送存储单元 430存储的第一密码。 The interface unit 410 is further configured to receive password retrieval information. The storage unit 430 is further configured to store the password retrieval information received by the interface unit 410. Interface unit 410 is further operative to receive a password retrieval request. The server further includes a password retrieval unit 440, configured to request input of password retrieval information, and determine whether the input password retrieval information is the same as the password retrieval information stored by the storage unit 430. If the same, the first password stored by the storage unit 430 is sent. .
接口单元 410进一步用于接收对已加密文件夹的解密请求。 属性设 置模块 421进一步用于设置已加密文件夹的访问控制属性为不通过密码 进行访问。 存储单元 422进一步用于删除存储的第一密钥。 The interface unit 410 is further for receiving a decryption request for the encrypted folder. The attribute setting module 421 is further configured to set the access control attribute of the encrypted folder to be accessed without a password. The storage unit 422 is further configured to delete the stored first key.
以上所述的服务器进一步包括定时器 450, 用于设置定时时间, 接 口单元 410未接收到对已加密的文件夹进行操作的信息, 定时器 450开
始计时, 如果在定时器 450超时前, 接收到对已加密的文件夹进行操作 的信息, 定时器 450重新开始计时。 服务器还进一步包括锁定单元 460, 用于当定时器 450超时后, 用于当定时器超时后, 拒绝对已加密文件夹 的操作。 The server described above further includes a timer 450 for setting a timing time, and the interface unit 410 does not receive information for operating the encrypted folder, and the timer 450 is opened. At the beginning, if information about the operation of the encrypted folder is received before the timer 450 times out, the timer 450 restarts timing. The server further includes a locking unit 460, configured to reject the operation of the encrypted folder when the timer expires after the timer 450 times out.
从上面的技术方案可以看出, 通过对邮箱中的文件夹进行加密, 从 而使用户邮箱中的电子邮件得到二次加密保护, 保证了该加密文件夹中 的电子邮件的安全性。 同时, 由于用户没有邮件服务器的管理权限, 邮 件服务器的运行不受用户控制, 因此也增加了加密文件夹中电子邮件的 安全性。 As can be seen from the above technical solution, by encrypting the folder in the mailbox, the email in the user mailbox is twice encrypted, and the security of the email in the encrypted folder is ensured. At the same time, since the user does not have the management authority of the mail server, the operation of the mail server is not controlled by the user, so the security of the email in the encrypted folder is also increased.
综上所述, 在本发明实施例中, 根据用户输入的加密密码生成加密 密匙, 对用户选定的邮箱中的文件夹加密, 从而使该加密文件夹中的电 子邮件被二次加密, 同时可以将需要加密保护的电子邮件转移至该加密 文件夹, 使用户邮箱中的电子邮件的安全性得到保护, 同时当用户停止 浏览或操作该加密文件夹一段时间后, 或者用户退出邮箱登录时, 自动 根据用户输入的加密密码重新对该加密文件夹加密, 当用户重新浏览或 者重新登录邮箱时, 需要重新输入密码, 使得用户在离开一段时间后, 电子邮件也不会被窃取, 进一步保证了用户电子邮件的安全性。 另外, 当用户忘记加密文件夹的密码时, 用户可以通过输入的密码取回信息取 回该加密密码。 当用户不需要对电子邮件加密时, 通过本发明实施例提 供的电子邮件解密方法可以解除该电子邮件的密码, 应用方便、 自如。 In summary, in the embodiment of the present invention, an encryption key is generated according to an encrypted password input by a user, and a folder in a mailbox selected by the user is encrypted, so that the email in the encrypted folder is secondarily encrypted. At the same time, the email that needs to be encrypted and protected can be transferred to the encrypted folder, so that the security of the email in the user's mailbox is protected, and when the user stops browsing or operating the encrypted folder for a period of time, or when the user logs out of the mailbox, The encrypted folder is automatically re-encrypted according to the encrypted password input by the user. When the user re-browss or re-login to the mailbox, the password needs to be re-entered, so that the user will not be stolen after leaving the user for a certain period of time, further ensuring that the email is not stolen. User email security. In addition, when the user forgets the password of the encrypted folder, the user can retrieve the encrypted password by using the entered password retrieval information. When the user does not need to encrypt the email, the email decryption method provided by the embodiment of the present invention can cancel the password of the email, and the application is convenient and free.
以上所述仅为本发明的较佳实施例而已, 并不用以限制本发明, 凡 在本发明的精神和原则之内所作的任何修改、 等同替换和改进等, 均应 包含在本发明的保护范围之内。
The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the protection of the present invention. Within the scope.