WO2020151319A1 - Procédé et dispositif de vérification de mot de passe, appareil informatique et support de stockage - Google Patents

Procédé et dispositif de vérification de mot de passe, appareil informatique et support de stockage Download PDF

Info

Publication number
WO2020151319A1
WO2020151319A1 PCT/CN2019/117701 CN2019117701W WO2020151319A1 WO 2020151319 A1 WO2020151319 A1 WO 2020151319A1 CN 2019117701 W CN2019117701 W CN 2019117701W WO 2020151319 A1 WO2020151319 A1 WO 2020151319A1
Authority
WO
WIPO (PCT)
Prior art keywords
regular expression
verification
target
identification information
type identification
Prior art date
Application number
PCT/CN2019/117701
Other languages
English (en)
Chinese (zh)
Inventor
王建华
何四燕
赵鑫
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2020151319A1 publication Critical patent/WO2020151319A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Definitions

  • This application relates to the field of artificial intelligence technology, in particular to a password verification method, device, computer equipment and storage medium
  • the embodiments of the present application provide a password verification method, device, computer equipment, and storage medium, to solve the problem that the front-end and back-end password verification results are different due to the difference between the front-end developers and the back-end developers in writing regular expressions.
  • the same problem affects the accuracy of password verification and the efficiency of the system.
  • a password verification method including:
  • the verification condition includes type identification information and parameter information
  • the regular expression is obtained by matching the type identification information with the description information in the regular database;
  • a password verification device includes:
  • the verification acquisition module is configured to acquire verification conditions input by the user, where the verification conditions include type identification information and parameter information;
  • the first matching module is used to obtain a regular expression by matching the type identification information with the description information in the regular database;
  • the first generating module is configured to generate a target regular expression corresponding to the verification condition according to the regular expression in combination with the parameter information;
  • the password acquisition module is used to acquire the login password entered by the user
  • the verification module is used to verify the login password by using the target regular expression to obtain a verification result.
  • a computer device including a memory, a processor, and computer readable instructions stored in the memory and capable of running on the processor, and the processor implements the above password verification method when the processor executes the computer readable instructions A step of.
  • a non-volatile computer-readable storage medium stores computer-readable instructions, and when the computer-readable instructions are executed by a processor, the password verification method is implemented step.
  • Figure 1 is a flowchart of a password verification method provided by an embodiment of the present application
  • step S2 is a flowchart of step S2 in the password verification method provided by the embodiment of the present application.
  • step S22 is a flowchart of step S22 in the password verification method provided by the embodiment of the present application.
  • FIG. 5 is a flowchart of processing different verification results in the password verification method provided by an embodiment of the present application.
  • step S72 is a flowchart of step S72 in the password verification method provided by the embodiment of the present application.
  • FIG. 7 is a flowchart of processing different current user states in the password verification method provided by the embodiment of the present application when the verification result is approved;
  • Figure 8 is a schematic diagram of a password verification device provided by an embodiment of the present application.
  • Fig. 9 is a basic structural block diagram of a computer device provided by an embodiment of the present application.
  • a password verification method is provided, which includes the following steps:
  • S1 Obtain verification conditions input by the user, where the verification conditions include type identification information and parameter information.
  • the verification condition when the user enters the verification condition on the client, the verification condition will be automatically saved in the preset record table.
  • the verification condition will be directly acquired, and the verification condition in the preset record table will be deleted after acquisition.
  • the client pre-sets the verification conditions for the user to choose, and the user selects the relevant verification conditions according to actual needs.
  • the preset record table is specifically used to store the verification conditions entered by the user, and it also records the type identification information and corresponding parameter information generated for the verification conditions according to the actual needs of the user. For example, if the verification condition entered by the user is "Include characters and length limit 8-16 bits", the corresponding type identification information "Can contain characters and length limit” will be generated for the verification conditions according to the actual needs of the user, and the corresponding parameters will be generated The message is "The maximum length is 16 and the minimum length is 8.”
  • S2 The regular expression is obtained by matching the type identification information with the description information in the regular database.
  • the regular database refers to a database dedicated to storing regular expressions, and different regular expressions are pre-stored in the regular database, and each regular expression has its corresponding description information, description information There is a mapping relationship with regular expressions. Obtain the type identification information corresponding to the verification condition according to step S1, and match the type identification information with the description information in the regular database. If the type identification information is the same as the description information, obtain the regular expression that has a mapping relationship with the description information formula.
  • Regular expressions are used to process strings. Some specific characters can be used to describe the rules of characters in the string, so as to match, extract or replace strings that meet a certain rule, and can also be used to find, delete and replace characters
  • the search speed is fast and accurate.
  • the description information in the regular database is "can contain characters and length limitation”
  • the regular expression corresponding to the description information is: "/ ⁇ [ ⁇ da-z ⁇ x21- ⁇ x2F ⁇ x3A- ⁇ x40 ⁇ x5B- ⁇ x60 ⁇ x7B- ⁇ x7E] ⁇ m,n ⁇ $/i”.
  • the symbol represents the beginning part of the match " ⁇ "
  • the symbol "$" matches the end part to ensure that there can be no other characters after it
  • " ⁇ d” means that it can contain numbers
  • "az” means that it can contain letters
  • " ⁇ x21- ⁇ "x2F ⁇ x3A- ⁇ x40 ⁇ x5B- ⁇ x60 ⁇ x7B- ⁇ x7E” can contain special characters
  • "m” represents the minimum length
  • "n” represents the maximum length.
  • the type identification information is "can contain characters and length limitation”
  • the type identification information is matched with the description information in the regular database, and the type identification information is the same as the description information, then the regular expression in the regular database is obtained: "/ ⁇ [ ⁇ da-z ⁇ x21- ⁇ x2F ⁇ x3A- ⁇ x40 ⁇ x5B- ⁇ x60 ⁇ x7B- ⁇ x7E] ⁇ m,n ⁇ $/i".
  • the target regular expression corresponding to the verification condition is generated in combination with the parameter information.
  • the parameter information corresponding to the verification condition obtained in step S1 are imported into a preset conversion library for conversion processing, and the target regular expression corresponding to the verification condition is generated after the conversion processing .
  • the preset conversion library refers to a database specially used for combining parameter information with regular expressions to generate new regular expressions.
  • the obtained regular expression is "/ ⁇ [ ⁇ da-z ⁇ x21- ⁇ x2F ⁇ x3A- ⁇ x40 ⁇ x5B- ⁇ x60 ⁇ x7B- ⁇ x7E] ⁇ m,n ⁇ $/i"
  • N represents the maximum length
  • m represents the minimum length
  • the parameter information corresponding to the verification condition is "the maximum length is 16 and the minimum length is 8"
  • the maximum length of 16 in the parameter information corresponds to the " n”
  • the minimum length of 8 corresponds to the "m” in the regular expression, that is, n will take 16, and m will take 8.
  • the target regular expression is "/ ⁇ [ ⁇ da-z ⁇ x21- ⁇ x2F ⁇ x3A- ⁇ x40 ⁇ x5B- ⁇ x60 ⁇ x7B- ⁇ x7E] ⁇ 8,16 ⁇ $/i".
  • the client by detecting the user login status of the client, when the user clicks on the account login on the client, the client will generate a login instruction and obtain the user's login account and password from the preset database, and The login password is output to the preset password table.
  • the user's login account and login password are both in the form of character strings.
  • the preset database refers to a login account and a login password specially used for real-time recording of user input.
  • the preset password table is specifically used to store the login password entered by the user.
  • the target regular expression is used to verify the login password. If the login password meets the rule represented by the target regular expression, the verification result that the verification is successful is output. If the verified login password does not meet the rules represented by the target regular expression, the verification result that the verification failed is output.
  • the target regular expression is "/ ⁇ [ ⁇ w] ⁇ 8,16 ⁇ $/i", which represents a rule that can contain letters, numbers, underscores, and the character length is 8-16 digits.
  • the password table is preset
  • the login password in is "hello12345”, which is verified by directly using the target regular expression "/ ⁇ [ ⁇ w] ⁇ 8,16 ⁇ $/i”. Since the login password satisfies the rule represented by the regular expression, it means The login password is legal, and the verification result of successful verification is output.
  • the regular expression is obtained by matching the type identification information corresponding to the verification condition with the description information, the target regular expression is generated in combination with the parameter information corresponding to the verification condition, and the login password is verified using the target regular expression.
  • Obtain the verification results so as to automatically generate corresponding regular expressions according to the verification conditions selected by the user, avoiding the front-end and back-end generating different regular expressions due to the different writing methods of front-end developers and back-end developers.
  • different verification results appear, which effectively improves the accuracy of password verification and the efficiency of the system.
  • step S2 by matching the type identification information with the description information in the regular database, obtaining the regular expression includes the following steps:
  • the type identification information corresponding to the verification condition is acquired according to step S1, and the type identification information is matched with the description information in the regular database.
  • the matching is successful, and a regular expression that has a mapping relationship with the description information is obtained.
  • step S1 the type identification information corresponding to the verification condition is obtained, and the type identification information is matched with the description information in the regular database. If the type identification information is not the same as the description information, it indicates that the matching fails, and the mechanical word segmentation method is used Perform word segmentation processing on the type identification information, and obtain the target word segmentation after word segmentation processing.
  • Mechanical word segmentation methods mainly include four methods: forward maximum matching, forward minimum matching, reverse maximum matching, and reverse minimum matching.
  • this proposal adopts the forward maximum matching algorithm.
  • the description information "bac” exists in the regular database. If the type identification information corresponding to the verification condition is "bca”, the type identification information is matched with the description information in the regular database, because the type identification information "bca” and the description information If the "bac” is not the same, it means that the matching fails, and the mechanical word segmentation method is used to segment the type identification information.
  • the description information that is the same as the target word segmentation is queried from the regular database.
  • the description information is obtained.
  • There is a regular expression of the mapping relationship between the information, and the regular expression is determined as the initial regular expression.
  • the description information corresponding to all target word segmentation is pre-stored in the regular database, and the regular expression corresponding to the target word segmentation of a single character is empty.
  • the description information "ABC” exists in the regular database, and the corresponding regular expression is "/ ⁇ [ ⁇ w] ⁇ 5,10 ⁇ $/i", for the target participle "ABC”, Query the same description information as the target participle "ABC” from the regular database, and get the regular expression as "/ ⁇ [ ⁇ w] ⁇ 5,10 ⁇ $/i", and determine the regular expression as the initial regular expression formula.
  • step S24 all the initial regular expressions obtained in step S24 are imported into the preset combination library for synthesis processing, and the synthesized regular expression after the synthesis processing is obtained, and the synthesized regular expression is the regular expression. , And save the synthesized synthesis processing state to the preset record table.
  • the preset synthesis rule refers to a legal writing rule that is expressed using regular expressions set according to the actual needs of the user.
  • the preset combination library refers to a database specially used for synthesizing initial regular expressions.
  • the preset record table refers to a data table specially used to record the synthesis processing state, where the synthesis processing state includes synthesized and unsynthesized. If the synthesis regular expression is produced, the synthesis processing state is synthesized, otherwise it is not synthesized.
  • the description information in the regular database is "Contains only numbers”, and its corresponding regular expression is: “ ⁇ [0-9]+$”, the description information is "Contains only letters”, and its corresponding regular expression
  • the expression is: “ ⁇ [A-Za-z]+$”, if the target participle is "only numbers” and “only letters”, then the regular expressions " ⁇ [0-9]+$” and " ⁇ [A-Za-z]+$” is imported into the preset combination library for synthesis processing, and the regular expression generated according to the preset synthesis rules is: " ⁇ [A-Za-z0-9]+$".
  • the type identification information is matched with the description information. If the matching is successful, the regular expression corresponding to the description information is obtained. If the matching fails, the type identification information is segmented to obtain the target word segmentation, and then the corresponding word segmentation is searched according to the target word segmentation. The initial regular expression, and finally the initial regular expression is synthesized to obtain a new regular expression, so as to realize the automatic generation of the regular expression, and can analyze the type identification information when the corresponding regular expression is not matched , And synthesize the corresponding regular expressions according to the analysis results, avoid manual intervention to write regular expressions, ensure that the front-end and back-end generate regular expressions of the same rule, and further ensure the accuracy of password verification.
  • step S22 that is, if the matching fails, performing word segmentation processing on the type identification information, and obtaining the target word segmentation includes:
  • the string index value refers to the position specifically used to locate the character to start scanning. If the character string index value is 0, it means that the first character is the position to start scanning the character.
  • the maximum length value is the maximum range specifically used for scanning characters. If the maximum length value is 2, it means scanning at most 2 characters, and if the maximum length value is 3, it means scanning at most 3 characters.
  • the type identification information will be scanned from left to right according to the preset string index value and maximum length value.
  • the character with the maximum length value is scanned, it will start scanning from The character up to the maximum length value is identified as the target character, and the target character is extracted.
  • the type identification information is "including numbers and letters”
  • the maximum length value is 4
  • the initial value of the string index is 0, and the type identification information is scanned from left to right, that is, the character scanned to the maximum length value is " Contains number”
  • the maximum length value character "including number” is identified as the target character, and the target character is extracted.
  • the preset string index value can be 0, the preset maximum length value can be 2, and the specific value range can be set according to the actual needs of the user, and there is no limitation here.
  • a legal character that is the same as the target character is queried from a preset dictionary library.
  • the preset dictionary database refers to a database specially used for storing legal characters set by the user.
  • the target character is determined as the target word segmentation, and the string index value is updated to the current string index value plus the current maximum length value, based on the updated string index value and maximum length value, from The target characters are extracted from the type identification information for query until the word segmentation operation of the type identification information is completed.
  • the query finds that the target character is the same as the legal character in the preset dictionary library, the query is successful, the target character is determined as the target word segmentation, and the string index value is updated to the string index in the current step S221 The value plus the maximum length value in the current step S221, and based on the updated string index value and maximum length value, extract the target character from the type identification information for query until the word segmentation operation on the type identification information is completed.
  • step S221 if the target character "contains a number" matches the character in the preset dictionary library, the target character "contains a number” is confirmed as the target segmentation, and the string index value Update to the current string index value 0 plus the current maximum length value 4, that is, the string index value will be updated to 4, and based on the updated string index value and maximum length value, the target character is extracted from the type identification information for query , That is, for the type identification information "including numbers and letters", scan from the "and” character until the word segmentation operation for the type identification information is completed.
  • a valid character that is the same as the target character is queried from the preset dictionary library.
  • the query fails.
  • the maximum length value is updated to the maximum length value in the current step S221 minus 1, and based on the updated string index value and maximum length value, the target character is extracted from the type identification information for query until the completion of the type identification information Until the word segmentation operation.
  • the maximum length value is updated to the current maximum length value 4 minus 1, which is the maximum The length value is updated to 3, and based on the updated string index value and maximum length value, the target character is extracted from the type identification information for query until the word segmentation operation of the type identification information is completed.
  • the type identification information is segmented by the preset string index value and maximum length value, and the target segmentation is obtained by matching the string index value and maximum length value with legal characters.
  • the target segmentation is obtained by matching the string index value and maximum length value with legal characters.
  • the password verification method further includes the following steps:
  • step S24 by detecting the synthesis processing state in the preset record table in step S24, when it is detected that the synthesis processing state is synthesized, the same description information as the type identification information is generated.
  • the synthesized regular expression is: " ⁇ [A-Za-z0-9]+$"
  • the type identification information is " Contains numbers and letters”
  • the generated description information is also "contains numbers and letters”.
  • the mapping relationship between the description information and the regular expression synthesized in step S25 is established in the regular database, that is, after the mapping relationship is established, the regular database can be queried The regular expression corresponding to the description information.
  • the mapping relationship between the regular expression " ⁇ [A-Za-z0-9]+$" and the description information "including numbers and letters” is established, and the mapping relationship is added
  • the description information in the regular database is "including numbers and letters”
  • the corresponding regular expression is " ⁇ [A-Za-z0-9]+$".
  • the corresponding description information is generated according to the synthesized regular expression, and then the mapping relationship between the description information and the regular expression is established and added to the regular database, thereby realizing continuous improvement in the regular database. Expand the range of matching regular expressions in the regular database, and further improve the success rate of matching and the accuracy of password verification.
  • the password verification method further includes the following steps:
  • the verification result is sent to the target user in a preset manner, prompting the target user to input illegal characters in the login password.
  • the preset method may be directly in Message prompts on the client login page can also be set according to the actual needs of the user.
  • the number of failed verification failures is recorded, and the number of failures is saved in the preset log table, and the number of failures in the preset log table is obtained in real time, and the obtained number of failures is compared with the preset threshold. For comparison, if the number of failures is equal to the preset threshold, the login account corresponding to the current login password will be frozen according to the preset time, that is, the login account cannot be logged in within the preset time, and the account information will be frozen.
  • the form of short message is sent to the mobile phone number of the short message receiver preset by the login account; if the number of failures is less than the preset threshold, no processing is performed, that is, the login account is allowed to continue logging in.
  • the preset log table is specifically used to record the number of failed verifications.
  • the preset threshold may be 10 specifically, or it may be set according to the actual needs of the user, and there is no limitation here.
  • the number of failures in the preset log table will be reset to zero after the preset time when the login account is not frozen, that is, the number of failures will be refreshed to 0 after the preset time.
  • the verification result is a successful verification
  • the user password of the login account corresponding to the login password is queried from the preset user library, and the login password is verified by using the user password to obtain the audit result.
  • the preset user database refers to a database specifically used to store user accounts and user passwords.
  • the verification fails, the result of the failure is fed back to the target user, and if the verification succeeds, the login password is verified, so that the login password can be further verified under the premise of ensuring the accuracy of the password verification and avoid Password verification is not allowed to increase the workload of password review, thereby improving the efficiency of the system and the success rate of password review.
  • step S72 that is, if the verification result is successful, the user identity verification is performed on the login password, and the verification result obtained includes:
  • the login account corresponding to the current login password is queried from the preset database, and the queried login account is obtained.
  • S722 Query the legal account that is the same as the login account from the preset user database, where the preset user database includes the legal account and the legal password corresponding to the legal account.
  • the user account that is the same as the login account is queried from the preset user database, where the user account is a legal account, and the user password corresponding to the user account is a legal The legal password corresponding to the account.
  • S723 Obtain the corresponding legal password based on the found legal account, and use the legal password to verify the login password to obtain the audit result.
  • a legal account that is the same as the login account is queried from the preset user database in step S722, it means that the query is successful, the legal password corresponding to the legal account is obtained, and the legal password is matched with the login password.
  • the legal password is the same as the login password, it means the matching is successful and the audit result of the user identity audit is output; when the legal password is not the same as the login password, it means the matching failed and the user identity audit failed the audit result is output.
  • the legal account in the preset user database is "hello", and the legal password corresponding to the legal account is "123456".
  • the login account is "hello”
  • the login password corresponding to the login account is "123456”.
  • the login password is matched with the legal password "123456”. Since the login password is the same as the legal password, the match is successful, and the user is output
  • the audit result of the identity audit passed; if the login password corresponding to the login account is "654321”, the login password "654321” will be matched with the legal password "123456". Since the login password is not the same as the legal password, it means the match failed, and the user is output The result of the audit that failed the identity audit.
  • step S722 if the legal account that is the same as the login account is not queried from the preset user database in step S722, it means that the login account has not been registered, the legitimate account cannot be queried, and the audit result of the failed audit is output to On the user login interface, the user is prompted to re-enter the correct login account.
  • the legal account existing in the preset user library is "123”
  • the login account is "456”
  • the login account "456” is different from the legal account "123” in the preset user library, it means that from the default user The database did not find the same legal account as the login account.
  • the corresponding login account is obtained according to the login password
  • the legal password corresponding to the legal account is obtained by querying the legal account that is the same as the login account
  • the legal password is used to verify the login password.
  • Audit to obtain the audit result so as to realize further identity audit of the login password after the login password verification is successful, improve the legitimacy of the login password audit, and further improve the accuracy of the password verification.
  • the password verification method further includes the following steps:
  • the audited login account is matched with the legal account in the preset status information table to obtain the current user status corresponding to the legal account.
  • the preset status information table is specifically used to record the legal account and the current user status corresponding to the legal account.
  • the current user status corresponding to the legal account is queried from the preset status information table. If the current user status is queried as online, the login account that is the same as the legal account is prohibited Log in.
  • the current user status corresponding to the legal account is queried from the preset status information table. If the current user status is queried as offline, the login account that is the same as the legal account is allowed to perform Log in.
  • the current user status of the login account is detected, and the result of prohibiting or allowing the login account to log in is executed according to the current user status, so as to achieve the premise that the password verification is accurate
  • the login authority of the login account can be restricted according to the user's execution status to ensure the uniqueness of online users.
  • a password verification device is provided, and the password verification device corresponds to the password verification method in the above-mentioned embodiment one-to-one.
  • the password verification device includes a verification acquisition module 81, a first matching module 82, a first generation module 83, a password acquisition module 84 and a verification module 85.
  • the detailed description of each functional module is as follows:
  • the verification acquisition module 81 is configured to acquire the verification conditions input by the user, where the verification conditions include type identification information and parameter information;
  • the first matching module 82 is configured to obtain a regular expression by matching the type identification information with the description information in the regular database;
  • the first generating module 83 is configured to generate a target regular expression corresponding to the verification condition according to the regular expression and the parameter information;
  • the password obtaining module 84 is used to obtain the login password entered by the user;
  • the verification module 85 is used to verify the login password by using the target regular expression to obtain the verification result.
  • the first matching module 82 includes:
  • the second matching submodule is used to match the type identification information with the description information in the regular database
  • the second matching success sub-module is used to obtain the regular expression corresponding to the description information if the matching is successful;
  • the second matching failure sub-module is used to perform word segmentation processing on the type identification information if the matching fails to obtain the target word segmentation;
  • the initial regular acquisition sub-module is used to obtain the initial regular expression corresponding to each target segmentation from the regular database based on the target segmentation;
  • the synthesis sub-module is used to synthesize the initial regular expression corresponding to each target word segmentation according to the preset synthesis rule to obtain the regular expression.
  • the second matching failure submodule includes:
  • the extraction unit is configured to extract the target character from the type identification information according to the preset maximum length value of the string index value if the matching fails;
  • the query unit is used to query the legal characters that are the same as the target character from the preset dictionary library;
  • the query success unit is used to determine the target character as the target word segmentation if the query is successful, and update the string index value to the current string index value plus the current maximum length value, based on the updated string index value and maximum Length value, extract the target character from the type identification information for query until the word segmentation operation of the type identification information is completed;
  • the query failure unit is used to decrement the maximum length value if the query fails, and based on the updated string index value and maximum length value, extract the target character from the type identification information for query until the word segmentation of the type identification information is completed Operation so far.
  • the password verification device further includes:
  • the second generation module is used to generate description information that is the same as the type identification information when the synthesized regular expression is detected;
  • the establishment module is used to establish the mapping relationship between the description information and the regular expression in the regular database.
  • the password verification device further includes:
  • the verification failure module is used to send the verification result to the target user if the verification result is a verification failure
  • the verification success module is used to perform user identity verification on the login password if the verification result is successful, and obtain the verification result.
  • the successful verification module includes:
  • the login account acquisition submodule is used to obtain the login account corresponding to the login password from the preset database if the verification result is successful;
  • the legal account acquisition submodule is used to query the legal account that is the same as the login account from the preset user database, where the preset user database includes the legal account and the legal password corresponding to the legal account;
  • the audit sub-module is used to obtain the corresponding legal password based on the queried legal account, and use the legal password to audit the login password to obtain the audit result.
  • the password verification device further includes:
  • the audit passed module is used to detect the current user status of the login account if the audit result is passed, where the current user status includes online status and offline status;
  • the prohibition module is used to prohibit the login account from logging in when it is detected that the current user status is online;
  • the permission module is used to allow the login account to log in when it is detected that the current user status is offline.
  • FIG. 9 is a block diagram of the basic structure of the computer device 90 in an embodiment of this application.
  • the computer device 90 includes a memory 91, a processor 92, and a network interface 93 that are communicatively connected to each other through a system bus. It should be pointed out that FIG. 9 only shows a computer device 90 with components 91-93, but it should be understood that it is not required to implement all of the illustrated components, and more or fewer components may be implemented instead. Among them, those skilled in the art can understand that the computer device here is a device that can automatically perform numerical calculation and/or information processing in accordance with pre-set or stored instructions.
  • Its hardware includes, but is not limited to, a microprocessor, a dedicated Integrated Circuit (Application Specific Integrated Circuit, ASIC), Programmable Gate Array (Field-Programmable Gate Array, FPGA), Digital Processor (Digital Signal Processor, DSP), embedded equipment, etc.
  • ASIC Application Specific Integrated Circuit
  • ASIC Application Specific Integrated Circuit
  • FPGA Field-Programmable Gate Array
  • DSP Digital Processor
  • the computer device may be a computing device such as a desktop computer, a notebook, a palmtop computer, and a cloud server.
  • the computer device can interact with the user through a keyboard, a mouse, a remote control, a touch panel, or a voice control device.
  • the memory 91 includes at least one type of readable storage medium.
  • the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static memory Random access memory (SRAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), programmable read only memory (PROM), magnetic memory, magnetic disks, optical disks, etc.
  • the memory 91 may be an internal storage unit of the computer device 90, such as a hard disk or memory of the computer device 90.
  • the memory 91 may also be an external storage device of the computer device 90, such as a plug-in hard disk equipped on the computer device 90, a smart memory card (Smart Media Card, SMC), and a secure digital (Secure Digital, SD) card, flash card (Flash Card), etc.
  • the memory 91 may also include both an internal storage unit of the computer device 90 and an external storage device thereof.
  • the memory 91 is generally used to store an operating system and various application software installed in the computer device 90, such as computer-readable instructions of the password verification method.
  • the memory 91 can also be used to temporarily store various types of data that have been output or will be output.
  • the processor 92 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips.
  • the processor 92 is generally used to control the overall operation of the computer device 90.
  • the processor 92 is configured to execute computer-readable instructions or process data stored in the memory 91, for example, computer-readable instructions for executing the password verification method.
  • the network interface 93 may include a wireless network interface or a wired network interface, and the network interface 93 is generally used to establish a communication connection between the computer device 90 and other electronic devices.
  • This application also provides another implementation manner, that is, to provide a non-volatile computer-readable storage medium, the non-volatile computer-readable storage medium stores a password information entry process, and the password information entry
  • the process may be executed by at least one processor, so that the at least one processor executes the steps of any one of the aforementioned cryptographic verification methods.
  • the technical solution of this application essentially or the part that contributes to the existing technology can be embodied in the form of a software product, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, The optical disc) includes several instructions to enable a computer device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to execute the method described in each embodiment of the present application.
  • a computer device which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Document Processing Apparatus (AREA)

Abstract

La présente invention concerne un procédé et un dispositif de vérification de mot de passe, un appareil informatique et un support de stockage. Le procédé de vérification de mot de passe comprend les étapes consistant à : acquérir une condition de vérification entrée par un utilisateur, la condition de vérification comprenant des informations d'identifiant de type et des informations de paramètre (S1) ; acquérir une expression régulière par mise en correspondance des informations d'identifiant de type avec des informations de description dans une base de données d'expressions régulières (S2) ; générer, selon l'expression régulière en combinaison avec les informations de paramètre, une expression régulière cible correspondant à l'état de vérification (S3) ; acquérir un mot de passe d'ouverture de session entré par l'utilisateur (S4) ; et vérifier le mot de passe d'ouverture de session en utilisant l'expression régulière cible de façon à acquérir un résultat de vérification (S5). Dans le procédé, une expression régulière correspondante est automatiquement générée selon une condition de vérification sélectionnée par un utilisateur, ce qui permet d'éviter la génération d'expressions régulières différentes en raison d'une intervention manuelle, et d'améliorer efficacement la précision de vérification de mot de passe et l'efficacité de fonctionnement d'un système.
PCT/CN2019/117701 2019-01-24 2019-11-12 Procédé et dispositif de vérification de mot de passe, appareil informatique et support de stockage WO2020151319A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910070228.0A CN109933973B (zh) 2019-01-24 2019-01-24 密码校验方法、装置、计算机设备及存储介质
CN201910070228.0 2019-01-24

Publications (1)

Publication Number Publication Date
WO2020151319A1 true WO2020151319A1 (fr) 2020-07-30

Family

ID=66985213

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/117701 WO2020151319A1 (fr) 2019-01-24 2019-11-12 Procédé et dispositif de vérification de mot de passe, appareil informatique et support de stockage

Country Status (2)

Country Link
CN (1) CN109933973B (fr)
WO (1) WO2020151319A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114372247A (zh) * 2022-01-17 2022-04-19 瀚云科技有限公司 一种报表的查看方法、装置、电子设备及可读存储介质
CN117714213A (zh) * 2024-02-05 2024-03-15 云上(江西)密码服务科技有限公司 基于商用密码评测要求的证据链自动校验方法及系统

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933973B (zh) * 2019-01-24 2024-01-19 平安科技(深圳)有限公司 密码校验方法、装置、计算机设备及存储介质
CN110458184B (zh) * 2019-06-26 2023-06-30 平安科技(深圳)有限公司 光学字符识别辅助方法、装置、计算机设备及存储介质
CN111949836A (zh) * 2020-07-31 2020-11-17 上海中通吉网络技术有限公司 正则表达式的应用方法及系统
CN112686019A (zh) * 2020-12-25 2021-04-20 深圳市元征科技股份有限公司 车辆传感器数据解析方法、设备及存储介质
US20220407877A1 (en) * 2021-06-21 2022-12-22 International Business Machines Corporation Detecting data leakage
CN114244519B (zh) * 2021-11-19 2023-05-23 建信金融科技有限责任公司 密码的校验方法、装置、计算机设备和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150067836A1 (en) * 2013-08-30 2015-03-05 Cavium, Inc. System and Method to Traverse a Non-Deterministic Finite Automata (NFA) Graph Generated for Regular Expression Patterns with Advanced Features
CN105187632A (zh) * 2015-08-06 2015-12-23 北京金山安全软件有限公司 一种手机号码的确定方法及装置
CN107423056A (zh) * 2017-06-30 2017-12-01 北京五八信息技术有限公司 输入内容验证方法及装置
CN108804487A (zh) * 2017-12-28 2018-11-13 中国移动通信集团公司 一种提取目标字符的方法及装置
CN109933973A (zh) * 2019-01-24 2019-06-25 平安科技(深圳)有限公司 密码校验方法、装置、计算机设备及存储介质

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104935558B (zh) * 2014-03-21 2018-01-30 四三九九网络股份有限公司 一种网络用户快捷注册与登录方法及系统
CN104038344B (zh) * 2014-06-19 2017-03-22 电子科技大学 一种基于正则表达式的身份验证方法
CN104407849B (zh) * 2014-10-31 2017-10-17 福建六壬网安股份有限公司 一种带通配符正则表达式的有穷自动机生成方法
CN104580197A (zh) * 2014-12-31 2015-04-29 北京奇虎科技有限公司 密码检测方法和密码检测系统
US10242062B2 (en) * 2015-02-20 2019-03-26 Threatstop, Inc. Normalization and extraction of log data
CN105718787A (zh) * 2016-02-15 2016-06-29 上海斐讯数据通信技术有限公司 路由器密码复杂度校验方法
CN107608981B (zh) * 2016-07-11 2021-11-12 深圳市丰驰顺行信息技术有限公司 基于正则表达式的字符匹配方法及系统
CN106326363B (zh) * 2016-08-11 2019-09-17 海信集团有限公司 一种基于正则表达式的匹配方法及装置
CN106973043B (zh) * 2017-03-14 2019-12-17 广州视源电子科技股份有限公司 一种密码验证系统和密码验证方法
CN107196899B (zh) * 2017-03-21 2020-05-22 北京神州泰岳软件股份有限公司 设备弱口令管理方法及装置
CN108667678A (zh) * 2017-03-29 2018-10-16 中国移动通信集团设计院有限公司 一种基于大数据的运维日志安全检测方法及装置
US10552122B2 (en) * 2017-05-02 2020-02-04 Mastercard International Incorporated Systems and methods for customizable regular expression generation
CN108011863B (zh) * 2017-08-23 2020-12-15 北京车和家信息技术有限责任公司 识别暴力破解的方法及装置
CN108304372B (zh) * 2017-09-29 2021-08-03 腾讯科技(深圳)有限公司 实体提取方法和装置、计算机设备和存储介质
CN107992481B (zh) * 2017-12-25 2021-05-04 鼎富智能科技有限公司 一种基于多叉树的正则表达式匹配方法、装置及系统
CN108062422B (zh) * 2018-01-22 2020-06-26 中国平安人寿保险股份有限公司 一种分页查询的排序方法、智能终端、系统及存储介质
CN108829765A (zh) * 2018-05-29 2018-11-16 平安科技(深圳)有限公司 一种信息查询方法、装置、计算机设备及存储介质
CN109086343A (zh) * 2018-07-11 2018-12-25 中国联合网络通信集团有限公司 信息处理方法、客服服务器及主动式客服系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150067836A1 (en) * 2013-08-30 2015-03-05 Cavium, Inc. System and Method to Traverse a Non-Deterministic Finite Automata (NFA) Graph Generated for Regular Expression Patterns with Advanced Features
CN105187632A (zh) * 2015-08-06 2015-12-23 北京金山安全软件有限公司 一种手机号码的确定方法及装置
CN107423056A (zh) * 2017-06-30 2017-12-01 北京五八信息技术有限公司 输入内容验证方法及装置
CN108804487A (zh) * 2017-12-28 2018-11-13 中国移动通信集团公司 一种提取目标字符的方法及装置
CN109933973A (zh) * 2019-01-24 2019-06-25 平安科技(深圳)有限公司 密码校验方法、装置、计算机设备及存储介质

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114372247A (zh) * 2022-01-17 2022-04-19 瀚云科技有限公司 一种报表的查看方法、装置、电子设备及可读存储介质
CN117714213A (zh) * 2024-02-05 2024-03-15 云上(江西)密码服务科技有限公司 基于商用密码评测要求的证据链自动校验方法及系统
CN117714213B (zh) * 2024-02-05 2024-04-26 云上(江西)密码服务科技有限公司 基于商用密码评测要求的证据链自动校验方法及系统

Also Published As

Publication number Publication date
CN109933973A (zh) 2019-06-25
CN109933973B (zh) 2024-01-19

Similar Documents

Publication Publication Date Title
WO2020151319A1 (fr) Procédé et dispositif de vérification de mot de passe, appareil informatique et support de stockage
WO2020155740A1 (fr) Procédé et appareil de demande d'informations, et dispositif informatique et support d'informations
US11044261B2 (en) Detecting compromised credentials in a credential stuffing attack
US9690923B2 (en) Method, apparatus and system for verifying terminal
CA3022443C (fr) Methodes, dispositifs et systemes pour proceder a l`enrichissement des donnees afin d`ameliorer la detection de la fraude
CN108924118B (zh) 一种撞库行为检测方法及系统
CN107239953A (zh) 基于区块链的快速数据存储方法及系统
US10169567B1 (en) Behavioral authentication of universal serial bus (USB) devices
WO2018094764A1 (fr) Procédé et dispositif de vérification de correspondance de chaîne de motifs en fonction d'un service en nuage
US20200311250A1 (en) Graphic Pattern-Based Authentication with Adjustable Challenge Level
CN112380833B (zh) 一种逐句段对比的相似文本查找方法及装置
CN109492382B (zh) 一种单输入框登录验证方法
KR20160135239A (ko) 인증 코드를 생성하기 위한 방법 및 시스템
US11409770B2 (en) Multi-distance similarity analysis with tri-point arbitration
CN106098069B (zh) 一种身份认证方法、及终端设备
CN111797217B (zh) 基于faq匹配模型的信息查询方法、及其相关设备
US20220400133A1 (en) Information leakage detection method and device using the same
WO2020258500A1 (fr) Procédé et appareil d'aide à la reconnaissance optique de caractères, dispositif informatique et support de stockage
CN110457916B (zh) 一种电子合同加密方法、装置及终端设备
CN104580109A (zh) 生成点选验证码的方法及装置
CN115297104B (zh) 文件上传方法、装置、电子设备和存储介质
US20210406269A1 (en) Data storage selection based on data importance
CN111679862A (zh) 云主机关机方法、装置、电子设备及介质
CN116599666B (zh) 密码字典生成方法、装置、计算机设备和存储介质
KR102576825B1 (ko) 기업의 감사보고서를 기초로 공시용 요약보고서를 작성하여 제공할 수 있는 문서 제공 서버 및 그 동작 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19911868

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19911868

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 16/11/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19911868

Country of ref document: EP

Kind code of ref document: A1