WO2018103527A1 - Authentication method and authentication device - Google Patents

Authentication method and authentication device Download PDF

Info

Publication number
WO2018103527A1
WO2018103527A1 PCT/CN2017/112248 CN2017112248W WO2018103527A1 WO 2018103527 A1 WO2018103527 A1 WO 2018103527A1 CN 2017112248 W CN2017112248 W CN 2017112248W WO 2018103527 A1 WO2018103527 A1 WO 2018103527A1
Authority
WO
WIPO (PCT)
Prior art keywords
password
connection request
authentication
temporary password
temporary
Prior art date
Application number
PCT/CN2017/112248
Other languages
French (fr)
Chinese (zh)
Inventor
郝志坚
朱钰
郝谨贤
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018103527A1 publication Critical patent/WO2018103527A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • the present disclosure relates to the field of communications, and in particular, to an authentication method and apparatus.
  • the router generally has a fixed login password, and the user can use the login password to connect to the router using the mobile terminal, so that the wifi network can be used by the mobile terminal.
  • it is inconvenient to inform the holder of some mobile terminals of the login password of the router which may cause the holder of the mobile terminal to establish a connection with the router through the terminal, for example, when a guest comes to the home.
  • the owner will be worried that the login password of the router will be leaked, and often the login password involves other more important usage scenarios, such as bank password, Alipay password, etc. The password is leaked, and there is a big security risk.
  • the present disclosure provides an authentication method and apparatus for solving the security risk caused by a fixed password leak of a router in the related art.
  • an authentication method including: receiving a connection request sent by a first device; determining whether an authentication password carried in the connection request is consistent with a login password; and determining that the authentication password and the login password are inconsistent And determining whether there is a temporary password; if there is a temporary password, determining whether the authentication password is consistent with the temporary password, and if the authentication password is consistent with the temporary password, determining that the first device passes the authentication and receives the connection request of the first device; otherwise, The connection request of the first device is rejected.
  • the method further includes: before receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password, receiving and storing the temporary password sent by the second device.
  • the method further includes: before receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password, receiving and storing the effective duration of the temporary password sent by the second device. Information, and the number of connectable devices corresponding to the temporary password sent by the second device.
  • the determining whether the temporary password exists includes: determining whether a valid temporary password exists at the current time point according to the valid usage duration information of the pre-stored temporary password.
  • the method further includes: if the authentication password is consistent with the temporary password, determining whether the number of devices connected to the routing device by using the temporary password exceeds the number of connectable devices corresponding to the temporary password; if And rejecting the connection request of the first device, if not, determining that the first device is authenticated and receiving the connection request of the first device.
  • an authentication apparatus including: a first receiving module, configured to receive a connection request sent by a first device; and a first determining module configured to determine whether an authentication password carried in the connection request is Consistent with the login password; the second determination module is configured to determine whether to save if the authentication password and the login password are inconsistent
  • the first connection module is configured to determine whether the authentication password is consistent with the temporary password if the temporary password exists, and if the authentication password is consistent with the temporary password, determine that the first device passes the authentication and receives the connection of the first device. Request, otherwise, reject the connection request from the first device.
  • the apparatus further includes: a second receiving module, configured to receive and store the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password The temporary password sent.
  • a second receiving module configured to receive and store the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password The temporary password sent.
  • the apparatus further includes: a third receiving module, configured to receive and store the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password.
  • the effective duration information of the temporary password, and the number of connectable devices corresponding to the temporary password sent by the second device is not limited to:
  • the second judging module is configured to: determine whether there is a valid temporary password at the current time point according to the valid usage duration information of the pre-stored temporary password.
  • the apparatus further includes: a third determining module, configured to determine, if the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds a connectable corresponding to the temporary password The number of devices; the second connection module is configured to reject the connection request of the first device if it is exceeded, and if not, determine that the first device passes the authentication and receives the connection request of the first device.
  • a third determining module configured to determine, if the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds a connectable corresponding to the temporary password The number of devices
  • the second connection module is configured to reject the connection request of the first device if it is exceeded, and if not, determine that the first device passes the authentication and receives the connection request of the first device.
  • a computer storage medium storing an execution instruction, the execution instruction being arranged to perform the method described above.
  • a temporary login password is set on the router side, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
  • FIG. 1 is a flowchart of an authentication method provided in a first embodiment of the present disclosure
  • FIG. 2 is a flowchart of an authentication method provided in a second embodiment of the present disclosure
  • FIG. 3 is a block diagram showing the structure of an authentication apparatus provided in a third embodiment of the present disclosure.
  • FIG. 1 is a flowchart of the method. As shown in FIG. 1, the method includes the following processing.
  • a connection request sent by the first device is received.
  • the first device may be a terminal/mobile terminal that needs to establish a connection with the routing device, and the first device needs to send a connection request carrying the authentication password to the routing device before establishing a connection with the routing device. So that the routing device authenticates the first device according to the authentication password.
  • step 102 it is determined whether the authentication password carried in the connection request is consistent with the login password.
  • the routing device After the routing device receives the connection request from the first device, it is first required to determine whether the current connection is a normal connection using the login password. Therefore, in step 102, the routing device determines the authentication carried in the connection request sent by the first device. The password is the same as the password stored on the router. If the password is the same, the current connection request from the first device is not a temporary request. In response to the connection request, the connection is established with the first device. Otherwise, go to step 103.
  • step 103 if it is determined that the authentication password does not match the login password, it is determined whether a temporary password exists.
  • the method provided in this embodiment further includes a process of setting a temporary password, including: before receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password, receiving and storing the second device to send
  • the temporary password in this embodiment, the second device may be a terminal device/mobile terminal device that establishes a connection with the router by using the original login password, and the temporary password may be specified by the user through the second device, and the second device is specified by the second device. Send to the router for storage.
  • the router receives and stores the valid usage duration information of the temporary password sent by the second device, and receives and stores the number of connectable devices corresponding to the temporary password sent by the second device. Based on this, determining whether the temporary password exists currently may include: The effective use duration of the pre-stored temporary password determines whether there is a valid temporary password at the current time point.
  • step 104 if there is a temporary password, it is determined whether the authentication password is consistent with the temporary password. If the authentication password is consistent with the temporary password, it is determined that the first device passes the authentication and receives the connection request of the first device. Otherwise, the first password is rejected. The connection request for the device.
  • the method provided in this embodiment may further include: determining, when the routing device determines that the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds the temporary password. The number of connectable devices; if it is exceeded, the connection request of the first device is rejected, and if not, it is determined that the first device passes the authentication and receives the connection request of the first device.
  • the client when a guest requests a wifi password, the client may be notified of the temporary password according to the solution provided by the invention, so that the client can use the temporary password to log in to the routing device, thereby ensuring the security of the routing device login password.
  • the above-mentioned first embodiment describes the authentication method provided by the present disclosure by using several preferred embodiments.
  • the flow of information exchanged with the routing device by the first device and the second device during the entire authentication process is performed.
  • the following describes the authentication method provided by the present disclosure: Before describing the entire information interaction process, firstly, the three concepts of the first device, the second device, and the temporary password involved in this embodiment are briefly described.
  • the router is bound to a device, and the binding device is connected to the router by using the original password (that is, the login password), and the binding device is the second device, and the second device can control the router to pass the temporary password and other The device is connected.
  • the device connected to the routing device through the temporary password is the first device, and the temporary password has time and The limit on the number of uses.
  • FIG. 2 is a flow chart of an authentication method of an embodiment. As shown in FIG. 2, the method includes the following steps.
  • step 201 the second device is connected to the router through the original password of the router.
  • the second device sets the temporary password, the effective time of the temporary password, and the information of the number N of devices that are allowed to connect to the router using the temporary password, and transmits the information to the router.
  • step 203 the router receives the connection request sent by the first device.
  • step 204 the router determines whether the authentication password in the connection request is consistent with the original password. If yes, step 205 is performed, and if no, step 206 is performed.
  • the router accepts a connection request from the first device.
  • step 206 the router determines whether there is a temporary password at the current time according to the valid duration of the pre-stored temporary password. If not, step 207 is performed, and if yes, step 208 is performed.
  • the router rejects the connection request of the first device.
  • the router determines whether the authentication password in the request is consistent with the temporary password.
  • step 209 the router determines whether the number of devices connected using the temporary password exceeds the threshold N. If not, step 210 is performed.
  • connection request of the first device is accepted, and the number of devices connected using the temporary password is incremented by one.
  • a temporary login password is set on the router end, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
  • FIG. 3 is a structural block diagram of the device. As shown in FIG. 3, the device 30 includes the following components.
  • the device 30 includes a first receiving module 31 configured to receive a connection request sent by the first device.
  • the first device may be a terminal/mobile terminal that needs to establish a connection with the routing device, and the first device needs to send a connection request carrying the authentication password to the routing device before establishing a connection with the routing device. So that the routing device authenticates the first device according to the authentication password.
  • the device 30 further includes a first determining module 32 configured to determine whether the authentication password carried in the connection request is consistent with the login password.
  • the routing device After the routing device receives the connection request from the first device, it is first determined whether the current connection is a normal connection. Therefore, the routing device determines whether the authentication password and the login password carried in the connection request sent by the first device are consistent. In the case that the connection request sent by the first device is not a temporary requirement, the connection with the first device is established in response to the connection request.
  • the device 30 further includes a second determining module 33 configured to determine whether a temporary password exists if the authentication password is inconsistent with the login password.
  • the device 30 further includes a first connection module 34, configured to determine whether the authentication password is consistent with the temporary password if the temporary password exists, and determine that the first device passes the authentication and receives the first device if the authentication password is consistent with the temporary password.
  • the connection request otherwise, rejects the connection request of the first device.
  • the apparatus 30 may further include a second receiving module, configured to receive and store the second connection after receiving the connection request sent by the first device, and after the second device establishes the connection with the routing device by using the login password.
  • the temporary password sent by the device may be included in the apparatus 30.
  • the apparatus 30 may further include: a third receiving module, configured to receive and store the second connection after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password The effective usage duration information of the temporary password sent by the device, and the number of connectable devices corresponding to the temporary password sent by the second device.
  • a third receiving module configured to receive and store the second connection after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password The effective usage duration information of the temporary password sent by the device, and the number of connectable devices corresponding to the temporary password sent by the second device.
  • the second judging module is configured to: determine whether there is a valid temporary password at the current time point according to the effective use duration of the pre-stored temporary password.
  • the device 30 may further include: a third determining module, configured to determine whether the number of devices connected to the routing device using the temporary password exceeds the temporary password if the authentication password is consistent with the temporary password The number of connectable devices; and the second connection module, configured to reject the connection request of the first device if the number of devices connected to the routing device using the temporary password exceeds a preset value, and if not, the first connection is determined The device is authenticated and receives a connection request from the first device.
  • a third determining module configured to determine whether the number of devices connected to the routing device using the temporary password exceeds the temporary password if the authentication password is consistent with the temporary password The number of connectable devices
  • the second connection module configured to reject the connection request of the first device if the number of devices connected to the routing device using the temporary password exceeds a preset value, and if not, the first connection is determined The device is authenticated and receives a connection request from the first device.
  • a temporary login password is set on the router end, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
  • the present disclosure is applicable to the field of communications to enhance the security of router login passwords.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

An authentication method and an authentication device, for solving security hazards in the related technology caused by divulgement of the fixed password of a router. The method comprises: receiving a connection request sent by a first device; determining whether the authentication password carried in the connection request is consistent with the login password; if the authentication password is determined to be inconsistent with the login password, determining whether there is a temporary password; if there is a temporary password, determining whether the authentication password is consistent with the temporary password; when the authentication password is consistent with the temporary password, determining that the first device passes the authentication and receives the connection request sent by the first device; and otherwise, refusing the connection request sent by the first device. This solution ensures the security of the login password of a router to a certain extent.

Description

认证方法和认证装置Authentication method and authentication device 技术领域Technical field
本公开涉及通讯领域,特别是涉及一种认证方法及装置。The present disclosure relates to the field of communications, and in particular, to an authentication method and apparatus.
背景技术Background technique
目前,路由器一般都具有一个固定的登陆密码,用户使用该登陆密码可以使用移动终端与路由器相连,从而可以通过移动终端使用wifi网络。然而在一些特定的场景下,不便于将路由器的登陆密码告知某些移动终端的持有者,这样则会导致移动终端的持有者无法通过终端与路由器建立连接,例如,当有客人来家里做客的情况下,如果告知客人路由器的登陆密码,则主人则会担心该路由器的登陆密码会被泄漏,而往往该登陆密码涉及到其它更重要的使用场景,如银行密码、支付宝密码等,如果该密码被泄露,则存在的很大的安全隐患。At present, the router generally has a fixed login password, and the user can use the login password to connect to the router using the mobile terminal, so that the wifi network can be used by the mobile terminal. However, in some specific scenarios, it is inconvenient to inform the holder of some mobile terminals of the login password of the router, which may cause the holder of the mobile terminal to establish a connection with the router through the terminal, for example, when a guest comes to the home. In the case of a guest, if the guest's login password is notified to the guest, the owner will be worried that the login password of the router will be leaked, and often the login password involves other more important usage scenarios, such as bank password, Alipay password, etc. The password is leaked, and there is a big security risk.
发明内容Summary of the invention
本公开提供一种认证方法及装置,用以解决相关技术中路由器的固定密码泄露导致的安全隐患问题。The present disclosure provides an authentication method and apparatus for solving the security risk caused by a fixed password leak of a router in the related art.
根据本公开的一个方面,提供了一种认证方法,包括:接收第一设备发送的连接请求;判断连接请求中携带的认证密码是否与登陆密码一致;在判断认证密码与登陆密码不一致的情况下,判断是否存在临时密码;如果存在临时密码,则判断认证密码与临时密码是否一致,在认证密码与临时密码一致的情况下,确定第一设备认证通过,接收第一设备的连接请求,否则,拒绝第一设备的连接请求。According to an aspect of the present disclosure, an authentication method is provided, including: receiving a connection request sent by a first device; determining whether an authentication password carried in the connection request is consistent with a login password; and determining that the authentication password and the login password are inconsistent And determining whether there is a temporary password; if there is a temporary password, determining whether the authentication password is consistent with the temporary password, and if the authentication password is consistent with the temporary password, determining that the first device passes the authentication and receives the connection request of the first device; otherwise, The connection request of the first device is rejected.
在一实施例中,上述方法还包括:在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由设备建立连接之后,接收并存储第二设备发送的临时密码。In an embodiment, the method further includes: before receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password, receiving and storing the temporary password sent by the second device.
在一实施例中,上述方法还包括:在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由器建立连接之后,接收并存储第二设备发送的临时密码的有效使用时长信息,以及接收并存储第二设备发送的临时密码对应的可连接设备的个数。In an embodiment, the method further includes: before receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password, receiving and storing the effective duration of the temporary password sent by the second device. Information, and the number of connectable devices corresponding to the temporary password sent by the second device.
其中,判断是否存在临时密码,包括:根据预先存储的临时密码的有效使用时长信息判断当前时间点是否存在有效的临时密码。The determining whether the temporary password exists includes: determining whether a valid temporary password exists at the current time point according to the valid usage duration information of the pre-stored temporary password.
在一实施例中,上述方法还包括:在认证密码与临时密码一致的情况下,判断使用临时密码与路由设备连接的设备的个数是否超过临时密码对应的可连接设备的个数;如果超过,则拒绝第一设备的连接请求,如果未超过,则确定第一设备认证通过,接收第一设备的连接请求。In an embodiment, the method further includes: if the authentication password is consistent with the temporary password, determining whether the number of devices connected to the routing device by using the temporary password exceeds the number of connectable devices corresponding to the temporary password; if And rejecting the connection request of the first device, if not, determining that the first device is authenticated and receiving the connection request of the first device.
根据本公开的第二个方面,提供了一种认证装置,包括:第一接收模块,设置为接收第一设备发送的连接请求;第一判断模块,设置为判断连接请求中携带的认证密码是否与登陆密码一致;第二判断模块,设置为在判断认证密码与登陆密码不一致的情况下,判断是否存 在临时密码;第一连接模块,设置为如果存在临时密码,则判断认证密码与临时密码是否一致,在认证密码与临时密码一致的情况下,确定第一设备认证通过,接收第一设备的连接请求,否则,拒绝第一设备的连接请求。According to a second aspect of the present disclosure, an authentication apparatus is provided, including: a first receiving module, configured to receive a connection request sent by a first device; and a first determining module configured to determine whether an authentication password carried in the connection request is Consistent with the login password; the second determination module is configured to determine whether to save if the authentication password and the login password are inconsistent In the temporary password, the first connection module is configured to determine whether the authentication password is consistent with the temporary password if the temporary password exists, and if the authentication password is consistent with the temporary password, determine that the first device passes the authentication and receives the connection of the first device. Request, otherwise, reject the connection request from the first device.
在一实施例中,上述装置还包括:第二接收模块,设置为在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由设备建立连接之后,接收并存储第二设备发送的临时密码。In an embodiment, the apparatus further includes: a second receiving module, configured to receive and store the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password The temporary password sent.
在一实施例中,上述装置还包括:第三接收模块,设置为在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由器建立连接之后,接收并存储第二设备发送的临时密码的有效使用时长信息,以及接收并存储第二设备发送的临时密码对应的可连接设备的个数。In an embodiment, the apparatus further includes: a third receiving module, configured to receive and store the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password. The effective duration information of the temporary password, and the number of connectable devices corresponding to the temporary password sent by the second device.
其中,上述第二判断模块设置为:根据预先存储的临时密码的有效使用时长信息判断当前时间点是否存在有效的临时密码。The second judging module is configured to: determine whether there is a valid temporary password at the current time point according to the valid usage duration information of the pre-stored temporary password.
在一实施例中,上述装置还包括:第三判断模块,设置为在认证密码与临时密码一致的情况下,判断使用临时密码与路由设备连接的设备的个数是否超过临时密码对应的可连接设备的个数;第二连接模块,设置为如果超过,则拒绝第一设备的连接请求,如果未超过,则确定第一设备认证通过,接收第一设备的连接请求。In an embodiment, the apparatus further includes: a third determining module, configured to determine, if the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds a connectable corresponding to the temporary password The number of devices; the second connection module is configured to reject the connection request of the first device if it is exceeded, and if not, determine that the first device passes the authentication and receives the connection request of the first device.
根据本公开的第三个方面,还提供一种计算机存储介质,所述计算机存储介质存储有执行指令,所述执行指令设置为执行上述的方法。According to a third aspect of the present disclosure, there is also provided a computer storage medium storing an execution instruction, the execution instruction being arranged to perform the method described above.
本公开本实施例提供的方案,在路由器端设置临时登陆密码,使得具有临时登陆需求的终端设备可以通过临时登陆密码登陆路由器,在一定程度上确保了路由器登陆密码的安全性。In the solution provided by the embodiment of the present disclosure, a temporary login password is set on the router side, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
附图说明DRAWINGS
图1是本公开第一实施例中提供的认证方法的流程图;1 is a flowchart of an authentication method provided in a first embodiment of the present disclosure;
图2是本公开第二实施例中提供的认证方法的流程图;2 is a flowchart of an authentication method provided in a second embodiment of the present disclosure;
图3是本公开第三实施例中提供的认证装置的结构框图。3 is a block diagram showing the structure of an authentication apparatus provided in a third embodiment of the present disclosure.
具体实施方式detailed description
下面将结合本公开实施例中的附图,对本公开实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本公开一部分实施例,而不是全部的实施例。基于本公开中的实施例,本领域普通技术人员在没有作出创造性劳动的前提下所获得的所有其他实施例,都属于本公开保护的范围。The technical solutions in the embodiments of the present disclosure are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present disclosure. It is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present disclosure without departing from the inventive scope are the scope of the disclosure.
第一实施例First embodiment
本实施例提供了一种认证方法,该方法可以由路由设备执行,图1是该方法的流程图,如图1所示,该方法包括如下处理。This embodiment provides an authentication method, which can be performed by a routing device. FIG. 1 is a flowchart of the method. As shown in FIG. 1, the method includes the following processing.
在步骤101,接收第一设备发送的连接请求。 At step 101, a connection request sent by the first device is received.
在本实施例中,该第一设备可以是临时需要与路由设备建立连接的终端/移动终端,该第一设备在与路由设备建立连接之前,需要将携带有认证密码的连接请求发送至路由设备,以使路由设备根据认证密码对该第一设备进行鉴权。In this embodiment, the first device may be a terminal/mobile terminal that needs to establish a connection with the routing device, and the first device needs to send a connection request carrying the authentication password to the routing device before establishing a connection with the routing device. So that the routing device authenticates the first device according to the authentication password.
在步骤102,判断连接请求中携带的认证密码是否与登陆密码一致。In step 102, it is determined whether the authentication password carried in the connection request is consistent with the login password.
在路由设备接收到来自第一设备的连接请求后,首先需要判断当前连接是否是使用登陆密码的正常连接,故,在该步骤102中,路由设备判断第一设备发送的连接请求中携带的认证密码与路由器端保存的登陆密码是否一致,如果一致,则说明当前第一设备发出的连接请求并非临时需求,则响应该连接请求,与第一设备建立连接,否则,执行步骤103。After the routing device receives the connection request from the first device, it is first required to determine whether the current connection is a normal connection using the login password. Therefore, in step 102, the routing device determines the authentication carried in the connection request sent by the first device. The password is the same as the password stored on the router. If the password is the same, the current connection request from the first device is not a temporary request. In response to the connection request, the connection is established with the first device. Otherwise, go to step 103.
在步骤103,在判断认证密码与登陆密码不一致的情况下,判断是否存在临时密码。In step 103, if it is determined that the authentication password does not match the login password, it is determined whether a temporary password exists.
本实施例提供的方法还包括临时密码的设定过程,包括:在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由设备建立连接之后,接收并存储第二设备发送的临时密码,在本实施例中,该第二设备可以是使用原始登陆密码与路由器建立连接的终端设备/移动终端设备,临时密码可以由用户通过该第二设备指定,并由该第二设备发送给路由器进行存储。The method provided in this embodiment further includes a process of setting a temporary password, including: before receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password, receiving and storing the second device to send The temporary password, in this embodiment, the second device may be a terminal device/mobile terminal device that establishes a connection with the router by using the original login password, and the temporary password may be specified by the user through the second device, and the second device is specified by the second device. Send to the router for storage.
路由器接收并存储第二设备发送的临时密码的有效使用时长信息,以及接收并存储第二设备发送的临时密码对应的可连接设备的个数,基于此,判断当前是否存在临时密码可以包括:根据预先存储的临时密码的有效使用时长判断当前时间点是否存在有效的临时密码。The router receives and stores the valid usage duration information of the temporary password sent by the second device, and receives and stores the number of connectable devices corresponding to the temporary password sent by the second device. Based on this, determining whether the temporary password exists currently may include: The effective use duration of the pre-stored temporary password determines whether there is a valid temporary password at the current time point.
在步骤104,如果存在临时密码,则判断认证密码与临时密码是否一致,在认证密码与临时密码一致的情况下,确定第一设备认证通过,接收第一设备的连接请求,否则,拒绝第一设备的连接请求。In step 104, if there is a temporary password, it is determined whether the authentication password is consistent with the temporary password. If the authentication password is consistent with the temporary password, it is determined that the first device passes the authentication and receives the connection request of the first device. Otherwise, the first password is rejected. The connection request for the device.
在一实施例中,本实施例提供的方法还可以包括:在路由设备判断出认证密码与临时密码一致的情况下,判断使用临时密码与路由设备连接的设备的个数是否超过临时密码对应的可连接设备的个数;如果超过,则拒绝第一设备的连接请求,如果未超过,则确定第一设备认证通过,接收第一设备的连接请求。In an embodiment, the method provided in this embodiment may further include: determining, when the routing device determines that the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds the temporary password. The number of connectable devices; if it is exceeded, the connection request of the first device is rejected, and if not, it is determined that the first device passes the authentication and receives the connection request of the first device.
基于本公开实施例提供的方法,当有客人索要wifi密码时,可根据该发明提供的方案,告知客户临时密码,这样客户可以使用临时密码登陆路由设备,从而确保路由设备登陆密码的安全性。According to the method provided by the embodiment of the present disclosure, when a guest requests a wifi password, the client may be notified of the temporary password according to the solution provided by the invention, so that the client can use the temporary password to log in to the routing device, thereby ensuring the security of the routing device login password.
第二实施例Second embodiment
上述第一实施例通过几种优选的实施例方式来对本公开提供的认证方法进行了说明,本实施例则通过第一设备、第二设备在整个认证过程中与路由设备的信息交互的流程,来对本公开提供的认证方法进行说明:在对整个信息交互流程进行说明之前,首先对本实施例中所涉及到的第一设备、第二设备以及临时密码这三个概念进行简要说明。The above-mentioned first embodiment describes the authentication method provided by the present disclosure by using several preferred embodiments. In this embodiment, the flow of information exchanged with the routing device by the first device and the second device during the entire authentication process is performed. The following describes the authentication method provided by the present disclosure: Before describing the entire information interaction process, firstly, the three concepts of the first device, the second device, and the temporary password involved in this embodiment are briefly described.
将路由器与一设备进行绑定,该绑定设备通过原始密码(即上述登陆密码)与路由器进行连接,该绑定设备即为上述第二设备,该第二设备可以控制路由器通过临时密码与其它设备进行连接,通过临时密码与路由设备相连的设备即为第一设备,临时密码则具有时间和使 用次数的限制。The router is bound to a device, and the binding device is connected to the router by using the original password (that is, the login password), and the binding device is the second device, and the second device can control the router to pass the temporary password and other The device is connected. The device connected to the routing device through the temporary password is the first device, and the temporary password has time and The limit on the number of uses.
图2是实施例的认证方法的流程,如图2所示,该方法包括以下步骤。2 is a flow chart of an authentication method of an embodiment. As shown in FIG. 2, the method includes the following steps.
在步骤201,第二设备通过路由器的原始密码与路由器连接。In step 201, the second device is connected to the router through the original password of the router.
在步骤202,第二设备设定临时密码、临时密码的有效时间和允许使用该临时密码与路由器连接的设备数量N的信息,并将该信息发送至路由器。At step 202, the second device sets the temporary password, the effective time of the temporary password, and the information of the number N of devices that are allowed to connect to the router using the temporary password, and transmits the information to the router.
在步骤203,路由器端接收第一设备发送来的连接请求。In step 203, the router receives the connection request sent by the first device.
在步骤204,路由器判断连接请求中的认证密码与原始密码是否一致,如果一致,执行步骤205,如果否,执行步骤206。In step 204, the router determines whether the authentication password in the connection request is consistent with the original password. If yes, step 205 is performed, and if no, step 206 is performed.
在步骤205,路由器接受第一设备的连接请求。At step 205, the router accepts a connection request from the first device.
在步骤206,路由器根据预先存储的临时密码的有效时长,判断当前时刻是否存在临时密码,如果不存在,执行步骤207,如果存在,执行步骤208。In step 206, the router determines whether there is a temporary password at the current time according to the valid duration of the pre-stored temporary password. If not, step 207 is performed, and if yes, step 208 is performed.
在步骤207,路由器拒绝第一设备的连接请求。At step 207, the router rejects the connection request of the first device.
在步骤208,路由器判断请求中的认证密码与临时密码是否一致。At step 208, the router determines whether the authentication password in the request is consistent with the temporary password.
在步骤209,路由器判断使用临时密码连接的设备的数量是否超过阈值N,如果否,则执行步骤210。In step 209, the router determines whether the number of devices connected using the temporary password exceeds the threshold N. If not, step 210 is performed.
在步骤210,接受第一设备的连接请求,使用该临时密码连接的设备数加1。At step 210, the connection request of the first device is accepted, and the number of devices connected using the temporary password is incremented by one.
本实施例提供的方案,在路由器端设置临时登陆密码,使得具有临时登陆需求的终端设备可以通过临时登陆密码登陆路由器,在一定程度上确保了路由器登陆密码的安全性。In the solution provided by this embodiment, a temporary login password is set on the router end, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
第三实施例Third embodiment
本实施例提供了一种认证装置,图3是该装置的结构框图,如图3所示,该装置30包括如下组成部分。The embodiment provides an authentication device, and FIG. 3 is a structural block diagram of the device. As shown in FIG. 3, the device 30 includes the following components.
装置30包括第一接收模块31,设置为接收第一设备发送的连接请求。The device 30 includes a first receiving module 31 configured to receive a connection request sent by the first device.
在本实施例中,该第一设备可以是临时需要与路由设备建立连接的终端/移动终端,该第一设备在与路由设备建立连接之前,需要将携带有认证密码的连接请求发送至路由设备,以使路由设备根据认证密码对该第一设备进行鉴权。In this embodiment, the first device may be a terminal/mobile terminal that needs to establish a connection with the routing device, and the first device needs to send a connection request carrying the authentication password to the routing device before establishing a connection with the routing device. So that the routing device authenticates the first device according to the authentication password.
装置30还包括第一判断模块32,设置为判断连接请求中携带的认证密码是否与登陆密码一致。The device 30 further includes a first determining module 32 configured to determine whether the authentication password carried in the connection request is consistent with the login password.
在路由设备接收到来自第一设备的连接请求后,首先需要判断当前连接是否是正常连接,故,路由设备判断第一设备发送的连接请求中携带的认证密码与登陆密码是否一致,如果一致的情况下,说明当前第一设备发出的连接请求并非临时需求,则响应该连接请求,与第一设备建立连接。After the routing device receives the connection request from the first device, it is first determined whether the current connection is a normal connection. Therefore, the routing device determines whether the authentication password and the login password carried in the connection request sent by the first device are consistent. In the case that the connection request sent by the first device is not a temporary requirement, the connection with the first device is established in response to the connection request.
装置30还包括第二判断模块33,设置为在判断认证密码与登陆密码不一致的情况下,判断是否存在临时密码。The device 30 further includes a second determining module 33 configured to determine whether a temporary password exists if the authentication password is inconsistent with the login password.
装置30还包括第一连接模块34,设置为如果存在临时密码,则判断认证密码与临时密码是否一致,在认证密码与临时密码一致的情况下,确定第一设备认证通过,接收第一设备 的连接请求,否则,拒绝第一设备的连接请求。The device 30 further includes a first connection module 34, configured to determine whether the authentication password is consistent with the temporary password if the temporary password exists, and determine that the first device passes the authentication and receives the first device if the authentication password is consistent with the temporary password. The connection request, otherwise, rejects the connection request of the first device.
在一实施例中,上述装置30还可以包括第二接收模块,设置为在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由设备建立连接之后,接收并存储第二设备发送的临时密码。In an embodiment, the apparatus 30 may further include a second receiving module, configured to receive and store the second connection after receiving the connection request sent by the first device, and after the second device establishes the connection with the routing device by using the login password. The temporary password sent by the device.
在一实施例中,上述装置30还可以包括:第三接收模块,设置为在接收第一设备发送的连接请求之前,且在第二设备通过登陆密码与路由器建立连接之后,接收并存储第二设备发送的临时密码的有效使用时长信息,以及接收并存储第二设备发送的临时密码对应的可连接设备的个数。In an embodiment, the apparatus 30 may further include: a third receiving module, configured to receive and store the second connection after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password The effective usage duration information of the temporary password sent by the device, and the number of connectable devices corresponding to the temporary password sent by the second device.
其中,上述第二判断模块设置为:根据预先存储的临时密码的有效使用时长判断当前时间点是否存在有效的临时密码。The second judging module is configured to: determine whether there is a valid temporary password at the current time point according to the effective use duration of the pre-stored temporary password.
在一实施例中,上述装置30还可以包括:第三判断模块,设置为在认证密码与临时密码一致的情况下,判断使用临时密码与路由设备连接的设备的个数是否超过临时密码对应的可连接设备的个数;以及第二连接模块,设置为如果使用临时密码与路由设备连接的设备的个数超过预设值,则拒绝第一设备的连接请求,如果未超过,则确定第一设备认证通过,接收第一设备的连接请求。In an embodiment, the device 30 may further include: a third determining module, configured to determine whether the number of devices connected to the routing device using the temporary password exceeds the temporary password if the authentication password is consistent with the temporary password The number of connectable devices; and the second connection module, configured to reject the connection request of the first device if the number of devices connected to the routing device using the temporary password exceeds a preset value, and if not, the first connection is determined The device is authenticated and receives a connection request from the first device.
本实施例提供的方案,在路由器端设置临时登陆密码,使得具有临时登陆需求的终端设备可以通过临时登陆密码登陆路由器,在一定程度上确保了路由器登陆密码的安全性。In the solution provided by this embodiment, a temporary login password is set on the router end, so that the terminal device having the temporary login requirement can log in to the router through the temporary login password, and the security of the router login password is ensured to a certain extent.
尽管为示例目的,已经公开了本公开的优选实施例,本领域的技术人员将意识到各种改进、增加和取代也是可能的,因此,本公开的范围应当不限于上述实施例。While the preferred embodiment of the present disclosure has been disclosed for purposes of illustration, those skilled in the art will recognize that various modifications, additions and substitutions are possible, and the scope of the present disclosure should not be limited to the embodiments described above.
工业实用性Industrial applicability
本公开适用于通讯领域,用以增强路由器登陆密码的安全性。 The present disclosure is applicable to the field of communications to enhance the security of router login passwords.

Claims (11)

  1. 一种认证方法,,包括:An authentication method, including:
    接收第一设备发送的连接请求;Receiving a connection request sent by the first device;
    判断所述连接请求中携带的认证密码是否与登陆密码一致;Determining whether the authentication password carried in the connection request is consistent with the login password;
    在判断所述认证密码与登陆密码不一致的情况下,判断是否存在临时密码;When it is determined that the authentication password is inconsistent with the login password, it is determined whether a temporary password exists;
    如果存在临时密码,则判断所述认证密码与所述临时密码是否一致,在所述认证密码与所述临时密码一致的情况下,确定所述第一设备认证通过,接收所述第一设备的连接请求,否则,拒绝所述第一设备的连接请求。If the temporary password is present, it is determined whether the authentication password is consistent with the temporary password, and if the authentication password is consistent with the temporary password, determining that the first device is authenticated and receiving the first device The connection request, otherwise, rejects the connection request of the first device.
  2. 根据权利要求1所述的方法,其中,所述方法还包括:The method of claim 1 wherein the method further comprises:
    在接收所述第一设备发送的连接请求之前,且在第二设备通过所述登陆密码与路由设备建立连接之后,接收并存储所述第二设备发送的临时密码。Before receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password, receiving and storing the temporary password sent by the second device.
  3. 根据权利要求1所述的方法,其中,所述方法还包括:The method of claim 1 wherein the method further comprises:
    在接收第一设备发送的连接请求之前,且在第二设备通过所述登陆密码与路由器建立连接之后,接收并存储所述第二设备发送的所述临时密码的有效使用时长信息,以及接收并存储所述第二设备发送的所述临时密码对应的可连接设备的个数。Before receiving the connection request sent by the first device, and after the second device establishes a connection with the router through the login password, receiving and storing the valid usage duration information of the temporary password sent by the second device, and receiving and And storing the number of connectable devices corresponding to the temporary password sent by the second device.
  4. 根据权利要求3所述的方法,其中,所述判断是否存在临时密码,包括:The method of claim 3, wherein the determining whether there is a temporary password comprises:
    根据预先存储的临时密码的有效使用时长信息判断当前时间点是否存在有效的临时密码。Judging whether there is a valid temporary password at the current time point according to the valid usage duration information of the pre-stored temporary password.
  5. 根据权利要求3所述的方法,其中,所述方法还包括:The method of claim 3, wherein the method further comprises:
    在所述认证密码与所述临时密码一致的情况下,判断使用所述临时密码与路由设备连接的设备的个数是否超过所述临时密码对应的可连接设备的个数;And determining, in the case that the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds the number of connectable devices corresponding to the temporary password;
    如果超过,则拒绝所述第一设备的连接请求,如果未超过,则确定所述第一设备认证通过,接收所述第一设备的连接请求。If yes, the connection request of the first device is rejected, and if not, it is determined that the first device is authenticated to pass, and the connection request of the first device is received.
  6. 一种认证装置,,包括:An authentication device, comprising:
    第一接收模块,设置为接收第一设备发送的连接请求;a first receiving module, configured to receive a connection request sent by the first device;
    第一判断模块,设置为判断所述连接请求中携带的认证密码是否与登陆密码一致;The first determining module is configured to determine whether the authentication password carried in the connection request is consistent with the login password;
    第二判断模块,设置为在判断所述认证密码与登陆密码不一致的情况下,判断是否存在临时密码;The second determining module is configured to determine whether a temporary password exists if the authentication password is inconsistent with the login password;
    第一连接模块,设置为如果存在临时密码,则判断所述认证密码与所述临时密码是否一致,在所述认证密码与所述临时密码一致的情况下,确定所述第一设备认证通过,接收所述第一设备的连接请求,否则,拒绝所述第一设备的连接请求。The first connection module is configured to determine, if the temporary password exists, whether the authentication password is consistent with the temporary password, and if the authentication password is consistent with the temporary password, determining that the first device is authenticated, Receiving a connection request of the first device, otherwise rejecting a connection request of the first device.
  7. 根据权利要求6所述的装置,其中,所述装置还包括:The apparatus of claim 6 wherein said apparatus further comprises:
    第二接收模块,设置为在接收所述第一设备发送的连接请求之前,且在第二设备通过所述登陆密码与路由设备建立连接之后,接收并存储所述第二设备发送的临时密码。The second receiving module is configured to receive and store the temporary password sent by the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the routing device by using the login password.
  8. 根据权利要求6所述的装置,其中,所述装置还包括: The apparatus of claim 6 wherein said apparatus further comprises:
    第三接收模块,设置为在接收第一设备发送的连接请求之前,且在第二设备通过所述登陆密码与路由器建立连接之后,接收并存储所述第二设备发送的所述临时密码的有效使用时长信息,以及接收并存储所述第二设备发送的所述临时密码对应的可连接设备的个数。The third receiving module is configured to receive and store the validity of the temporary password sent by the second device after receiving the connection request sent by the first device, and after the second device establishes a connection with the router by using the login password Using the duration information, and receiving and storing the number of connectable devices corresponding to the temporary password sent by the second device.
  9. 根据权利要求8所述的装置,其中,所述第二判断模块设置为:The apparatus of claim 8 wherein said second determining module is configured to:
    根据预先存储的临时密码的有效使用时长信息判断当前时间点是否存在有效的临时密码。Judging whether there is a valid temporary password at the current time point according to the valid usage duration information of the pre-stored temporary password.
  10. 根据权利要求8所述的装置,其中,所述装置还包括:The apparatus of claim 8 wherein said apparatus further comprises:
    第三判断模块,设置为在所述认证密码与所述临时密码一致的情况下,判断使用所述临时密码与路由设备连接的设备的个数是否超过所述临时密码对应的可连接设备的个数;The third determining module is configured to determine, if the authentication password is consistent with the temporary password, whether the number of devices connected to the routing device by using the temporary password exceeds the number of connectable devices corresponding to the temporary password number;
    第二连接模块,设置为如果超过,则拒绝所述第一设备的连接请求,如果未超过,则确定所述第一设备认证通过,接收所述第一设备的连接请求。The second connection module is configured to reject the connection request of the first device if it is exceeded, and if not, determine that the first device passes the authentication and receives the connection request of the first device.
  11. 一种计算机存储介质,所述计算机存储介质存储有执行指令,所述执行指令设置为执行权利要求1至5中任一项所述的方法。 A computer storage medium storing execution instructions, the execution instructions being arranged to perform the method of any one of claims 1 to 5.
PCT/CN2017/112248 2016-12-06 2017-11-22 Authentication method and authentication device WO2018103527A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611110113.2A CN108616885A (en) 2016-12-06 2016-12-06 a kind of authentication method and device
CN201611110113.2 2016-12-06

Publications (1)

Publication Number Publication Date
WO2018103527A1 true WO2018103527A1 (en) 2018-06-14

Family

ID=62491484

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/112248 WO2018103527A1 (en) 2016-12-06 2017-11-22 Authentication method and authentication device

Country Status (2)

Country Link
CN (1) CN108616885A (en)
WO (1) WO2018103527A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112351424A (en) * 2020-07-28 2021-02-09 深圳Tcl新技术有限公司 Wireless networking management method, system, device and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101369893A (en) * 2008-10-06 2009-02-18 中国移动通信集团设计院有限公司 Method for local area network access authentication of casual user
CN105357740A (en) * 2015-09-23 2016-02-24 惠州Tcl移动通信有限公司 Wireless network access method and wireless access node
CN105530224A (en) * 2014-09-30 2016-04-27 中国电信股份有限公司 Method and device for terminal authentication
CN105847058A (en) * 2016-03-31 2016-08-10 乐视控股(北京)有限公司 Wireless password setting method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101369893A (en) * 2008-10-06 2009-02-18 中国移动通信集团设计院有限公司 Method for local area network access authentication of casual user
CN105530224A (en) * 2014-09-30 2016-04-27 中国电信股份有限公司 Method and device for terminal authentication
CN105357740A (en) * 2015-09-23 2016-02-24 惠州Tcl移动通信有限公司 Wireless network access method and wireless access node
CN105847058A (en) * 2016-03-31 2016-08-10 乐视控股(北京)有限公司 Wireless password setting method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112351424A (en) * 2020-07-28 2021-02-09 深圳Tcl新技术有限公司 Wireless networking management method, system, device and computer readable storage medium
CN112351424B (en) * 2020-07-28 2024-03-12 深圳Tcl新技术有限公司 Wireless networking management method, system, device and computer readable storage medium

Also Published As

Publication number Publication date
CN108616885A (en) 2018-10-02

Similar Documents

Publication Publication Date Title
US10356588B2 (en) Network access method, device, and system
US9426132B1 (en) Methods and apparatus for rules-based multi-factor verification
US9462003B2 (en) Bidirectional authorization system, client and method
JP5714768B2 (en) Connection of mobile devices, internet connection means and cloud services
CN106656952B (en) Authentication method, device and system for login equipment
CN105162777B (en) A kind of wireless network login method and device
CN106161385B (en) Remote control method and device for equipment
CN107086979B (en) User terminal verification login method and device
WO2016078419A1 (en) Open authorization method, device and open platform
CN104158808A (en) Portal authentication method based on APP application and device
CN105656850B (en) Data processing method, related device and system
CN105721468B (en) Communication method and device
JP2007310512A (en) Communication system, service providing server, and user authentication server
WO2015027776A1 (en) Method and apparatus for adding friends
TWI680687B (en) Communication method and device
US8108904B1 (en) Selective persistent storage of controller information
WO2016155220A1 (en) Single sign-on method, system and terminal
CN107888592A (en) A kind of VPN login authentication methods and device
WO2017088548A1 (en) Communication method based on social identity, and server
CN105991640B (en) Handle the method and device of HTTP request
CN109561413B (en) Bluetooth authentication and authorization method and system of BLE equipment
US20150358575A1 (en) Wireless camera, wireless network video recorder (nvr), and method for registering wireless camera with wireless nvr
CN107493293A (en) A kind of method of sip terminal access authentication
WO2018099407A1 (en) Account authentication login method and device
CN110730446A (en) Login method, terminal and computer storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17879272

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17879272

Country of ref document: EP

Kind code of ref document: A1