CN102457484A - Method for checking user information by combining user name/password authentication and check code - Google Patents
Method for checking user information by combining user name/password authentication and check code Download PDFInfo
- Publication number
- CN102457484A CN102457484A CN2010105186884A CN201010518688A CN102457484A CN 102457484 A CN102457484 A CN 102457484A CN 2010105186884 A CN2010105186884 A CN 2010105186884A CN 201010518688 A CN201010518688 A CN 201010518688A CN 102457484 A CN102457484 A CN 102457484A
- Authority
- CN
- China
- Prior art keywords
- user
- password
- check code
- authentication
- checking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a method for checking user information by combining user name/password authentication and a check code, and relates to actual application of a software system user information checking technology in the public security/traffic management industry. User identity authentication is realized by combining the user name/password authentication technology and the check code when a client system logs in; a password is managed by a user; a system manager generates a new six-bit day digital checking code every day before the user uses the system, and informs the user of the new six-bit day digital checking code; when logging into the system, the user cannot log in the system successfully until both the password and the check code are correct; therefore, compared with the security of a common management system, the security of the system can be improved greatly.
Description
Technical field
The present invention relates to the practical application of software systems user profile verification technique in public security traffic control industry; Both gather authenticating user identification when use realizing the FTP client FTP login to add check code through the usemame/password authentication techniques; Password has user oneself management; Before user's using system, generate system manager every day effective digit check sign indicating number and inform the user on new 6 same day; User password and check code when login system have only all correctly could successfully be logined, and like this with respect to common management system, fail safe can improve a lot.
Background technology
In the information system; Authentication means to the user also can be divided into these three kinds substantially; Only through proving that a people's identity is referred to as the single-factor authentication meeting of a condition; Because the identity of only using a kind of condition judgment user can prove a people's identity through making up two kinds of different conditions easily by counterfeit, is referred to as double factor authentication.
Whether identity identifying technology is from using hardware can be divided into software authentication and hardware identification, and the condition from authentication need be verified can be divided into single-factor authentication and double factor authentication.From authentication information, can be divided into static authentication and dynamic authentication.The development of identity identifying technology has been experienced from the software authentication to the hardware identification, authenticates to double factor authentication from single-factor, authenticates to the process of dynamic authentication from static state.Identification authentication mode commonly used mainly contains following several kinds in computer and the network system now:
1, usemame/password mode
1, usemame/password mode
Usemame/password is the most also to be the most frequently used identity identifying method, and it is based on the checking means of " what you know ".Each user's password is set by this user oneself, has only him just to know by oneself, as long as therefore can correctly input password, computer just thinks that he is exactly this user.Yet in fact; Because many users forget Password in order to prevent; Often adopt birthday such as own or household, telephone number etc. easily by significant character string that other people guess as password; Perhaps copy password at one and oneself think safe place, this all exists many potential safety hazards, very easily causes password to reveal.Enable promptly to guarantee that user cipher is not leaked; Because password is static data; And need be in calculator memory in proof procedure and transmission through network; And the authorization information that each proof procedure uses all is identical, and the trojan horse program or the audiomonitor in the network that are easy to reside in the calculator memory are intercepted and captured.Therefore the usemame/password mode is a kind of is the identification authentication mode that is absolutely unsafe.We can say and have no fail safe to say basically.
2, IC-card authentication
IC-card is a kind of card of built-in integrated circuit, has the data relevant with user identity in the card, and IC-card through special device fabrication, can be thought not reproducible hardware by special manufacturer.IC-card is carried by validated user, must IC-card be inserted special-purpose card reader during login and read information wherein, with checking user's identity.The IC-card authentication is based on the means of " what you have ", can be by not counterfeit through the not reproducible user identity that guarantees of IC-card hardware.Yet, still be easy to be truncated to user's authentication information through technology such as internal memory scanning or network monitorings because the data that at every turn from IC-card, read are still static.Therefore, still there is basic potential safety hazard in the mode of static checking.
3, dynamic password
The dynamic password technology be a kind of user's of letting password according to time or the continuous dynamic change of access times, the only expendable technology of each password.It adopts a kind of specialized hardware that is referred to as dynamic token, and built-in power, password generate chip and display screen, and password generates the special cryptographic algorithm of chip operation, generates current password and is presented on the display screen according to current time or access times.Certificate server adopts the identical current valid password of algorithm computation.When using, the user only need the current password input client computer that show on the dynamic token can be realized the affirmation of identity.Because each password that uses must be produced by dynamic token, has only validated user just to hold this hardware, so need only password authentification through just thinking that this user's identity is reliable.And the each password that uses of user is all inequality, even the hacker has intercepted and captured password one time, also can't utilize this password to come the identity of counterfeit validated user.
The dynamic password technology adopts the method for one-time pad, has guaranteed the fail safe of user identity effectively.If but the time of client hardware and server or number of times can not keep good synchronously, just the problem that validated user can't land possibly take place.And also need through keyboard input a lot of irregular password when the user logins at every turn, will redo in case misunderstand or input by mistake, user's use is very inconvenient.
4, biological characteristic authentication
Biological characteristic authentication is meant the technology that adopts everyone unique biological characteristic to come identifying user identity.Common have fingerprint recognition, an iris recognition etc.In theory; Biological characteristic authentication is reliable identity authentication mode; Because its direct end user's physical features is represented everyone digital identity, different people has the possibility of identical biological characteristic and can ignore, therefore hardly maybe be by counterfeit.
Biological characteristic authentication receives the influence of biometrics identification technology maturity till now based on biometrics identification technology, adopts biological characteristic authentication also to have bigger limitation.At first, the accuracy of living things feature recognition and stability are still waiting to improve, if particularly user's body receives the influence of sick and wounded or spot, often cause and can't normally discern, the situation that causes validated user to land.Secondly, because that research and development drop into is big less with output, the cost of biological characteristic authentication system is very high, only is suitable for very high occasion of some security requirements such as uses such as bank, army at present, also can't accomplish the large tracts of land popularization.
5, USB Key authentication
Identification authentication mode based on USB Key is a kind of convenience that grew up in recent years, safe, economic identity identifying technology; Its adopts the combine double strong factor certification mode of one-time pad of software and hardware, has solved the contradiction between fail safe and the ease for use well.USB Key is a kind of hardware device of USB interface, and its built-in single-chip microcomputer or intelligent card chip can be stored user's key or digital certificate, utilizes the built-in cryptographic algorithm of USB Key to realize the authentication to user identity.Mainly contain two kinds of application models based on USB Key identity authorization system: one is based on impact/corresponding certification mode, and two are based on the certification mode of PKI system.
Summary of the invention
The objective of the invention is to: to the characteristics of software systems identity identifying technology, adopt double factor authentication method, promptly the usemame/password authentication techniques add the dynamic check sign indicating number and make the identity validity that is used for confirming login user simultaneously, reach the purpose of secure access.
Embodiment
Embodiment one
Vehicle administration office's post test system, this system adopts the development mode of C/S, when the system user login system, input user name, password and the same day effective check code and come start-up system, when whole checkings through after just can get into system, improved fail safe greatly.
The process of present embodiment is:
The system manager generates the new concurrent message of effective 6 bit value check codes on the same day to system user and gives the user when going to work every day.When the client login system, must input user name, password and check code, when confirming that user name, password and check code three do not have the system of being allowed for access of causing delay.
Claims (2)
1. make the user name cipher authentication add the method that user profile is verified in both set of check code, it is characterized in that:
The check code checking all generates new user's check code---check code regenerates every day---every day, avoid because of the user lose password illegally used by others and guarantee to have the user by the people at using system;
2. add the method that user profile is verified in both set of check code according to the said user name cipher authentication that makes of claim 1, it is characterized in that: all generate new user's check code every day through design and make the information system safety and reliability.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010105186884A CN102457484A (en) | 2010-10-26 | 2010-10-26 | Method for checking user information by combining user name/password authentication and check code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010105186884A CN102457484A (en) | 2010-10-26 | 2010-10-26 | Method for checking user information by combining user name/password authentication and check code |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102457484A true CN102457484A (en) | 2012-05-16 |
Family
ID=46040151
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010105186884A Pending CN102457484A (en) | 2010-10-26 | 2010-10-26 | Method for checking user information by combining user name/password authentication and check code |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102457484A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103634467A (en) * | 2013-11-22 | 2014-03-12 | 华为技术有限公司 | Privacy protecting method and mobile terminal |
| CN108351933A (en) * | 2015-10-22 | 2018-07-31 | 甲骨文国际公司 | The access server authenticity examination that end user starts |
| CN112001812A (en) * | 2020-08-15 | 2020-11-27 | 湖南钜达程水务有限公司 | Intelligent water affair comprehensive management system, method and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101106455A (en) * | 2007-08-20 | 2008-01-16 | 北京飞天诚信科技有限公司 | Identity authentication method and intelligent secret key device |
| CN101447872A (en) * | 2007-11-27 | 2009-06-03 | 阿里巴巴集团控股有限公司 | User identity authentication method, system thereof and identifying code generating maintenance subsystem |
-
2010
- 2010-10-26 CN CN2010105186884A patent/CN102457484A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101106455A (en) * | 2007-08-20 | 2008-01-16 | 北京飞天诚信科技有限公司 | Identity authentication method and intelligent secret key device |
| CN101447872A (en) * | 2007-11-27 | 2009-06-03 | 阿里巴巴集团控股有限公司 | User identity authentication method, system thereof and identifying code generating maintenance subsystem |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103634467A (en) * | 2013-11-22 | 2014-03-12 | 华为技术有限公司 | Privacy protecting method and mobile terminal |
| CN108351933A (en) * | 2015-10-22 | 2018-07-31 | 甲骨文国际公司 | The access server authenticity examination that end user starts |
| CN108351933B (en) * | 2015-10-22 | 2022-04-22 | 甲骨文国际公司 | Method and system for end-user initiated access server plausibility check |
| CN112001812A (en) * | 2020-08-15 | 2020-11-27 | 湖南钜达程水务有限公司 | Intelligent water affair comprehensive management system, method and storage medium |
| CN112001812B (en) * | 2020-08-15 | 2023-02-28 | 中国建筑第五工程局有限公司 | Intelligent water affair comprehensive management system, method and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
| CN101051908B (en) | Dynamic cipher certifying system and method | |
| JP4420201B2 (en) | Authentication method using hardware token, hardware token, computer apparatus, and program | |
| CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
| CN104683114B (en) | Based on the identity identifying method of finger print information | |
| CN103414562B (en) | User authority control method and device based on URL fingerprint techniques | |
| CN108965222A (en) | Identity identifying method, system and computer readable storage medium | |
| CN113132404B (en) | Identity authentication method, terminal and storage medium | |
| CN106789059A (en) | A kind of long-range two-way access control system and method based on trust computing | |
| US20220141207A1 (en) | A One-Click Login Procedure | |
| CN104104671B (en) | Establish the unified dynamic authorization code system of business entity's account | |
| CN111340987A (en) | Internet of things door lock communication method, device and system and computer storage medium | |
| Singhal et al. | Software tokens based two factor authentication scheme | |
| CN102694776A (en) | Authentication system and method based on dependable computing | |
| CN102457484A (en) | Method for checking user information by combining user name/password authentication and check code | |
| CN111600701A (en) | Private key storage method and device based on block chain and storage medium | |
| CN105897708A (en) | Information protection method and mobile terminal | |
| CN103049686A (en) | Method for verifying information of database and user through universal serial bus (Usb) key | |
| US20030088794A1 (en) | Method and system for rendering secure pin entry | |
| KR20200004666A (en) | Biometric information authentication system using machine learning and block chain and its method | |
| CN103684795A (en) | Dynamic password token device and identity authentication method thereof and dynamic password token system | |
| CN203968128U (en) | Dynamic cipher token apparatus and dynamic password token system | |
| Bechelli et al. | Biometrics authentication with smartcard | |
| CN110784395B (en) | Mail safety login method and system based on FIDO authentication | |
| KR20180034199A (en) | Unified login method and system based on single sign on service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20120516 |