CN104168261A - Method and device for dynamic cipher login - Google Patents
Method and device for dynamic cipher login Download PDFInfo
- Publication number
- CN104168261A CN104168261A CN201410313130.0A CN201410313130A CN104168261A CN 104168261 A CN104168261 A CN 104168261A CN 201410313130 A CN201410313130 A CN 201410313130A CN 104168261 A CN104168261 A CN 104168261A
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- application
- account name
- interface channel
- service end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
- Mobile Radio Communication Systems (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a login method and a device based on a dynamic cipher. The login method based on the dynamic cipher comprises steps of receiving a request information transmitted by a first application, wherein the request information comprises an account name and the first application is the application for currently guiding the user to login, determining whether a long connection passageway corresponding to the account name exists, if yes, generating a dynamic cipher, wherein the long connection passageway is the connection passageway between the service port and a second application, and the second application is installed on a mobile device for receiving the dynamic cipher, transmitting the dynamic cipher to the second application according to the long connection passageway, receiving a first login certification request transmitted by the first application, wherein the first login certification request comprises the account name and the dynamic cipher, and performing login certification processing according to the account name and the dynamic cipher. The method can widen the range of the application of the dynamic cipher login.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of dynamic password login method and device.
Background technology
Traditional has become more and more dangerous based on account name and the login mode of the static password setting.In order to improve fail safe, can adopt dynamic password to login.In correlation technique, cell-phone number can be registered as to account name, or, by the account name of registration and cell-phone number binding, afterwards dynamic password is dealt on mobile phone by the mode of note, input dynamic password by user.
But this mode is because needs send to dynamic password on mobile phone, in the time that user can not use account name and cell-phone number binding or cell-phone number, user just can not obtain dynamic password, makes the use of this dynamic password login mode limited.
Summary of the invention
The present invention is intended to solve at least to a certain extent one of technical problem in correlation technique.
For this reason, one object of the present invention is to propose a kind of login method based on dynamic password, and the method can improve the scope of application of dynamic password login.
Another object of the present invention is to propose a kind of entering device based on dynamic password.
For achieving the above object, the login method based on dynamic password that first aspect present invention embodiment proposes, comprise: receive the request message that the first application sends, in described request message, comprise account name, described the first application is that current guiding user carries out the application of register; Judge whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password; According to described long interface channel, described dynamic password is sent to described the second application; Receive the first login authentication request that described the first application sends, in described the first login authentication request, comprise described account name and described dynamic password, and according to described account name and described dynamic password, user is carried out to login authentication processing.
The login method based on dynamic password that first aspect present invention embodiment proposes, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send according to cell-phone number, effectively improves the scope of application of dynamic password login.
For achieving the above object, the login method based on dynamic password that second aspect present invention embodiment proposes, comprising: set up the long interface channel corresponding with account name with service end; According to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
The login method based on dynamic password that second aspect present invention embodiment proposes, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send service end according to cell-phone number, effectively improves the scope of application of dynamic password login.
For achieving the above object, the entering device based on dynamic password that third aspect present invention embodiment proposes, comprise: the first receiver module, the request message sending for receiving the first application, in described request message, comprise account name, described the first application is that current guiding user carries out the application of register; Processing module, for judging whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password; Sending module, for sending to described the second application according to described long interface channel by described dynamic password; Login module, the first login authentication request sending for receiving described the first application, comprises described account name and described dynamic password in described the first login authentication request, and according to described account name and described dynamic password, user is carried out to login authentication processing.
The entering device based on dynamic password that third aspect present invention embodiment proposes, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send according to cell-phone number, effectively improves the scope of application of dynamic password login.
For achieving the above object, the entering device based on dynamic password that fourth aspect present invention embodiment proposes, comprising: set up module, for setting up the long interface channel corresponding with account name with service end; Receiver module, be used for according to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
The entering device based on dynamic password that fourth aspect present invention embodiment proposes, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send service end according to cell-phone number, effectively improves the scope of application of dynamic password login.
The aspect that the present invention is additional and advantage in the following description part provide, and part will become obviously from the following description, or recognize by practice of the present invention.
Brief description of the drawings
The present invention above-mentioned and/or additional aspect and advantage will become from the following description of the accompanying drawings of embodiments obviously and easily and understand, wherein:
Fig. 1 is the schematic flow sheet of the login method based on dynamic password of one embodiment of the invention proposition;
Fig. 2 is the schematic flow sheet of the login method based on dynamic password of another embodiment of the present invention proposition;
Fig. 3 is the schematic flow sheet of the login method based on dynamic password of another embodiment of the present invention proposition;
Fig. 4 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition;
Fig. 5 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition;
Fig. 6 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition;
Fig. 7 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition.
Embodiment
Describe embodiments of the invention below in detail, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has the element of identical or similar functions from start to finish.Be exemplary below by the embodiment being described with reference to the drawings, only for explaining the present invention, and can not be interpreted as limitation of the present invention.On the contrary, embodiments of the invention comprise all changes, amendment and the equivalent within the scope of spirit and the intension that falls into additional claims.
Fig. 1 is the schematic flow sheet of the login method based on dynamic password of one embodiment of the invention proposition, and the method comprises:
S11: service end receives the request message that the first application sends, and comprises account name in described request message, described the first application is that current guiding user carries out the application of register.
This service end is account system service end specifically.
Wherein, the first application can be on PC equipment, can be on the intelligent terminals such as intelligent television also.
Optionally, account name can be name, cell-phone number or user name, and user name is the combination in any of numeral, letter and character for example.
Can in the time that needs obtain dynamic password, send a request message, for example, when user logins a website, need to obtain dynamic password, in the time that dynamic password is obtained in user's click, the first application sends a request message to service end, with request dynamic password.
S12: judge whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password.
Wherein, dynamic password is to generate according to default algorithm, and default algorithm can be random algorithm, and for example, the combination of random generating digital and/or letter is as dynamic password.
Further, generating after dynamic password, can set the expired time of dynamic password.
Concrete, account system service end can be set up the corresponding relation of account name and long interface channel in advance, to judge whether there be the long interface channel corresponding with the account name comprising in described request message.
Long interface channel is the interface channel between service end and the second application, and the second application is the application that on mobile device, user installs in advance and starts, and this second application can be called safe app.
Link connection is divided into long connection and short connection, and short connection refers to when communication two party has data interaction at every turn, just sets up once and connects, and after this secondary data is sent completely, disconnects this and connects, and re-establishes and connect and data interaction in the time that have data interaction next time again; Long connection refers to that communication two party is after this secondary data is sent completely, and also keeps connecting, and can directly not need to re-establish connection by these connection transmission data next time.
S13: described dynamic password is sent to described the second application according to described long interface channel.
Wherein, account system service end can be issued the application on mobile device by service end by dynamic password by long interface channel, and this application can be called safe app, and safe app can represent to user after receiving dynamic password.
S14: receive the first login authentication request that described the first application sends, comprise described account name and described dynamic password in described the first login authentication request, and according to described account name and described dynamic password, user is carried out to login authentication processing.
Wherein, user can be known dynamic password according to the displaying of the second application, in the dynamic password input frame of the login interface of the first application, input dynamic password afterwards, described the first application is that current guiding user carries out the application of register, in addition, user can also input account name at login interface, and the first application afterwards sends to account system service end to authenticate this dynamic password and account name.
Account system service end finds corresponding dynamic password and expired time according to account name from the information of preserving in advance, if do not exceed expired time while receiving the first login authentication request, and the dynamic password receiving is consistent with the dynamic password obtaining from the information of preserving, by the certification of dynamic password, otherwise by certification.
Further, after by certification, can carry out login process to user, return to login sessions (session) to client, and delete the corresponding relation of account name and dynamic password, with the dynamic password that cancels.When not by certification, can return to error message to the first application.
The present embodiment, by adopting long interface channel that dynamic password is sent to mobile device, is not limited to send according to cell-phone number, effectively improves the scope of application of dynamic password login.
Fig. 2 is the schematic flow sheet of the login method based on dynamic password of another embodiment of the present invention proposition, and the method comprises:
S21: set up the long interface channel corresponding with account name with service end.
This service end is account system service end specifically.
Particularly, user starts preassembled application on its mobile device, can be safe app, and input account name and static password, trigger safe app and send the second login authentication request to account system service end, wherein, in the second login authentication request, comprise account name and the static password that user arranges.
Wherein, user can register to account system service end in advance, and account system service end is preserved log-on message, and log-on message comprises account name and static password.
Account system service termination is received after the second login authentication request, by account name and password in the second login authentication request, contrasts certification with account name and the password of user's registered in advance of preserving.
If account name and password that account system service termination is received, consistent with the account name obtaining from log-on message and static password, by login authentication, if account name and static password appoint have one inconsistent, or all inconsistent, not by login authentication.
Further, if account name and static password not by login authentication, the corresponding error message of safe app prompting user, for example, you do not exist by the account name of input! Or for example, your static password of input is wrong!
Further, safe app prompting user inputs account name and/or static password again.
Wherein, long connection can be by setting up after login authentication, or long connection can be also that other account names are set up after by login authentication.
Specifically, after by login authentication, connection when service end maintenance app sends account name and static password, obtains long connection, and preserves the corresponding relation of this length connection and account name.Or, app is sending another account name and static password to service end before, service end is passed through after certification this another account name, can set up should the long of another account name connecting, when this account name passes through after checking, also this account name can be corresponded on long connection of having set up.That is to say, can be each the corresponding long connection of account name, or, the corresponding long connection of multiple account names.
S22: according to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
Wherein, dynamic password is to generate according to default algorithm, and default algorithm can be random algorithm, and for example, the combination of random generating digital and/or letter is as dynamic password.
Concrete, account system service termination is received the request message that the first application sends, can judge whether to have existed the long interface channel corresponding with account name in request message, in the time there is the long interface channel corresponding with described account name, according to preset algorithm generation dynamic password.
Long interface channel be on account system service end and mobile device user install in advance and the application that starts between interface channel, this application can be called safe app.
Link connection is divided into long connection and short connection, and short connection refers to when communication two party has data interaction at every turn, just sets up once and connects, and after this secondary data is sent completely, disconnects this and connects, and re-establishes and connect and data interaction in the time that have data interaction next time again; Long connection refers to that communication two party is after this secondary data is sent completely, and also keeps connecting, and can directly not need to re-establish connection by these connection transmission data next time.
Wherein, mobile device receives by long interface channel the dynamic password that account system service end sends, and after application receives dynamic password, can represent to user.
The present embodiment, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send service end according to cell-phone number, effectively improves the scope of application of dynamic password login.
Fig. 3 is the schematic flow sheet of the login method based on dynamic password of another embodiment of the present invention proposition, and the method comprises:
S301: user is starting after the second application, add account name in this second application time, trigger mobile device and send the second login authentication request to account system service end, in the second login authentication request, comprise account name and static password, the second application is preassembled application on mobile device.
Wherein, such as mobile phone or panel computer etc. of mobile device.This preassembled application can be called safe app.
Particularly, user starts safe app on its mobile device, and input account name and static password, triggers safe app and sends the second login authentication request to account system service end, wherein, in the second login authentication request, comprise account name and the static password that user arranges.
S302: account system service termination is received after the second login authentication request, carries out login authentication, and judges whether by login authentication, if so, carries out S304, otherwise, S303 carried out.
Wherein, user can register to account system service end in advance, and account system service end is preserved log-on message, and log-on message comprises account name and static password.
Account system service termination is received after the second login authentication request, by account name and password in the second login authentication request, contrasts certification with account name and the password of user's registered in advance of preserving.
If account name and password that account system service termination is received, consistent with the account name obtaining from log-on message and static password, by login authentication, if account name and static password appoint have one inconsistent, or all inconsistent, not by login authentication.
S303: account system service end returns to error message to mobile device.
Particularly, if account name and static password not by login authentication, the corresponding error message of safe app prompting user, for example, you do not exist by the account name of input! Or for example, your static password of input is wrong!
Further, safe app prompting user inputs account name and/or static password again.
S304: account system service end is set up long connection with the second application, and account name is preserved with the long correspondence that is connected.
Wherein, long connection can be by setting up after login authentication, or long connection can be also that other account names are set up after by login authentication.
Specifically, after by login authentication, connection when account system service end maintenance app sends account name and static password, obtains long connection, and preserves the corresponding relation of this length connection and account name.Or, app is sending another account name and static password to account system service end before, account system service end passes through after certification this another account name, can set up should the long of another account name connecting, when this account name passes through after checking, also this account name can be corresponded on long connection of having set up.That is to say, can be each the corresponding long connection of account name, or, the corresponding long connection of multiple account names.
S305: user inputs account name on the login interface of the first application, and trigger the first application and send a request message to account system service end, this request message is for request dynamic password, in request message, comprise account name, the first application is that current guiding user carries out the application of register, for example, first be applied in PC or intelligent television is first-class.
Can in the time that needs obtain dynamic password, send a request message, for example, when user logins a website, need to obtain dynamic password, in the time that dynamic password is obtained in user's click, the first application sends a request message to service end, with request dynamic password.
S306: account system service end judges according to the account name comprising in request message whether corresponding long interface channel exists, if do not exist, carries out S307, if exist, carries out S308.
Because account system service end can be preserved account name and the long corresponding relation being connected, therefore can determine whether there be long connect corresponding with current account name according to the information of preserving in advance.
S307: error message is returned to the first application by account system service end, by the first Application Hints user.
The first Application Hints user can be specifically: prompting user installation, start safe app, and registered user's account, and add in advance and can support the account of dynamic password login in the account management module of safe app.
S308: account system service end is according to described request message generation dynamic password, and expired time is set, and set up the corresponding relation between account name and dynamic password and expired time.
Wherein, dynamic password is to generate according to default algorithm, and default algorithm can be random algorithm, and for example, the combination of random generating digital and/or letter is as dynamic password.
Further, generating after dynamic password, can set the expired time of dynamic password, and set up the corresponding relation between account name and dynamic password and expired time, and corresponding relation is saved in buffer memory.
S309: account system service end adopts and long interface channel corresponding to account name, sends to second on mobile device to apply dynamic password.
Wherein, dynamic password can be issued to the application on mobile device by account system service end by long interface channel.
S310: dynamic password is presented to user by the second application.
Wherein, the second application receives the dynamic password that service end sends, and dynamic password can be presented to user and see.
The second application can be presented to user by dynamic password by the mode of transmitting system message, or, on the interface of safe app, present dynamic password.
S311: user is the dynamic password input frame of the login interface of the dynamic password input of seeing the first application, and trigger the first application and send the first logging request, account name and dynamic password that user has inputted in the first logging request, comprised.
S312: account system service end judges whether to carry out login process according to the first login authentication request, if so, carries out S314, otherwise, S313 carried out.
Concrete, in the first login authentication request, comprise dynamic password and account name, account system service end finds corresponding dynamic password and expired time according to account name from the information of preserving in advance, if do not exceed expired time while receiving the first login authentication request, and the dynamic password receiving is consistent with the dynamic password obtaining from the information of preserving, carry out login process, otherwise do not carry out login process.
S313: account system service end returns to error message to the first application.
For example, return and login the message such as unsuccessful.
S314: account system service end carries out login process to user, obtains login sessions (session), and returns to login sessions information to the first application.
Optionally, after completing user's login process, can delete the corresponding relation of account name and dynamic password, with the dynamic password that cancels.
S315: the first application is according to login sessions information completing user login process.
Particularly, the login interface of the first application receives after the login session information that account system service end returns, and the respective logic processing after can completing user login for example, represents interface after login etc. to user.
The present embodiment, by application on mobile device and the service end passage that connects, transmits dynamic password by interface channel, can be not limited to transmit dynamic password by cell-phone number, can improve the scope of application.The present embodiment is grown connection by foundation, can in time dynamic password be sent to mobile device, ensures the validity of dynamic password.The present embodiment, by setting up corresponding interface channel after user rs authentication, can improve fail safe.
Fig. 4 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition, and this device 40 comprises the first receiver module 41, processing module 42, sending module 43 and login module 44.
The request message that the first receiver module 41 sends for receiving the first application, comprises account name in described request message, and described the first application is that current guiding user carries out the application of register.
Wherein, the first application can be on PC equipment, can be on the intelligent terminals such as intelligent television also.
Optionally, account name can be name, cell-phone number or user name, and user name is the combination in any of numeral, letter and character for example.
Can in the time that needs obtain dynamic password, send a request message, for example, when user logins a website, need to obtain dynamic password, in the time that dynamic password is obtained in user's click, the first application sends a request message to service end, with request dynamic password.
Processing module 42 is for judging whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password.
Wherein, dynamic password is to generate according to default algorithm, and default algorithm can be random algorithm, and for example, the combination of random generating digital and/or letter is as dynamic password.
Further, generating after dynamic password, can set the expired time of dynamic password.
Concrete, account system service end can be set up the corresponding relation of account name and long interface channel in advance, to judge whether there be the long interface channel corresponding with the account name comprising in described request message.
Long interface channel is the interface channel between service end and the second application, and the second application is the application that on mobile device, user installs in advance and starts, and this second application can be called safe app.
Link connection is divided into long connection and short connection, and short connection refers to when communication two party has data interaction at every turn, just sets up once and connects, and after this secondary data is sent completely, disconnects this and connects, and re-establishes and connect and data interaction in the time that have data interaction next time again; Long connection refers to that communication two party is after this secondary data is sent completely, and also keeps connecting, and can directly not need to re-establish connection by these connection transmission data next time.Sending module 43 is for sending to described the second application according to described long interface channel by described dynamic password.
Wherein, account system service end can be issued the application on mobile device by service end by dynamic password by long interface channel, and this application can be called safe app, and safe app can represent to user after receiving dynamic password.
The first login authentication request that login module 44 sends for receiving described the first application, comprises described account name and described dynamic password in described the first login authentication request, and according to described account name and described dynamic password, user is carried out to login authentication processing.
In an embodiment, after described generation dynamic password, described device 40 also comprises module 45 is set, as shown in Figure 5, the described module 45 that arranges is for preserving described account name and described dynamic password correspondence, and the expired time of described dynamic password is set, described login module 44 specifically for obtaining the dynamic password corresponding with the account name receiving and expired time from the information of preserving in advance; Dynamic password in described preservation is not out of date, and the dynamic password of preserving and the dynamic password of reception are when consistent, allow the user that described account name is corresponding to login.
Wherein, user can be known dynamic password according to the displaying of the second application, in the dynamic password input frame of the login interface of the first application, input dynamic password afterwards, described the first application is that current guiding user carries out the application of register, in addition, user can also input account name at login interface, and the first application afterwards sends to account system service end to authenticate this dynamic password and account name.
Account system service end finds corresponding dynamic password and expired time according to account name from the information of preserving in advance, if do not exceed expired time while receiving the first login authentication request, and the dynamic password receiving is consistent with the dynamic password obtaining from the information of preserving, by the certification of dynamic password, otherwise by certification.
Further, after by certification, can carry out login process to user, return to login sessions (session) to client, and delete the corresponding relation of account name and dynamic password, with the dynamic password that cancels.When not by certification, can return to error message to the first application.
In another embodiment, after the user that the described account name of described permission is corresponding logins, described device 40 also comprises removing module 46, and as shown in Figure 5, described removing module 46 is for deleting the dynamic password of preservation.
In another embodiment, described device 40 also comprises the second receiver module 47, sets up module 48 and preserves module 49.
The second receiver module 47 is applied in for receiving described second the second login authentication request that starts rear transmission, in described the second login authentication request, comprises described account name and static password;
Set up module 48 for passing through after checking at described account name and static password, set up the long interface channel between described the second application;
Preserve module 49 for described account name and described long interface channel correspondence are preserved.
The present embodiment, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send according to cell-phone number, effectively improves the scope of application of dynamic password login.
Fig. 6 is the structural representation of the entering device based on dynamic password of another embodiment of the present invention proposition, and this device 60 comprises sets up module 61 and receiver module 62.
Set up module 61 for setting up the long interface channel corresponding with account name with service end.
In an embodiment, the described module 61 of setting up comprises first module 611 and second unit 612, as shown in Figure 7.
Described first module 611, after the second application start, for sending login authentication request to described service end, in described login authentication request, comprise described account name and static password, described the second application be arranged in advance on mobile device for receiving the application of dynamic password;
Described second unit 612, passes through after checking described account name and static password in described service end, for setting up described long interface channel, and makes described service end by described account name and the corresponding preservation of described long interface channel.
In another embodiment, when having no progeny in described long interface channel, the described module 61 of setting up is specifically for the passage that connects by the automatic trial of described application and described service end, until set up described long interface channel.
Receiver module 62 is for according to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
In an embodiment, described device 60 also comprises and presents module 63, as shown in Figure 7, described in present module 63, for the mode by notifications, described dynamic password presented to user; Or, described dynamic password is presented on the interface of described application.
The present embodiment, by adopting interface channel that dynamic password is sent to mobile device, is not limited to send service end according to cell-phone number, effectively improves the scope of application of dynamic password login.
It should be noted that, in description of the invention, term " first ", " second " etc. are only for describing object, and can not be interpreted as instruction or hint relative importance.In addition,, in description of the invention, except as otherwise noted, the implication of " multiple " is two or more.
Any process of otherwise describing in flow chart or at this or method are described and can be understood to, represent to comprise that one or more is for realizing module, fragment or the part of code of executable instruction of step of specific logical function or process, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by contrary order, carry out function, this should be understood by embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple steps or method can realize with being stored in software or the firmware carried out in memory and by suitable instruction execution system.For example, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: there is the discrete logic for data-signal being realized to the logic gates of logic function, there is the application-specific integrated circuit (ASIC) of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is can carry out the hardware that instruction is relevant by program to complete, described program can be stored in a kind of computer-readable recording medium, this program, in the time carrying out, comprises step of embodiment of the method one or a combination set of.
In addition, the each functional unit in each embodiment of the present invention can be integrated in a processing module, can be also that the independent physics of unit exists, and also can be integrated in a module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.If described integrated module realizes and during as production marketing independently or use, also can be stored in a computer read/write memory medium using the form of software function module.
The above-mentioned storage medium of mentioning can be read-only memory, disk or CD etc.
In the description of this specification, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, the schematic statement of above-mentioned term is not necessarily referred to identical embodiment or example.And specific features, structure, material or the feature of description can be with suitable mode combination in any one or more embodiment or example.
Although illustrated and described embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, and those of ordinary skill in the art can change above-described embodiment within the scope of the invention, amendment, replacement and modification.
Claims (16)
1. the login method based on dynamic password, is characterized in that, comprising:
Receive the request message that the first application sends, in described request message, comprise account name, described the first application is that current guiding user carries out the application of register;
Judge whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password;
According to described long interface channel, described dynamic password is sent to described the second application;
Receive the first login authentication request that described the first application sends, in described the first login authentication request, comprise described account name and described dynamic password, and according to described account name and described dynamic password, user is carried out to login authentication processing.
2. method according to claim 1, is characterized in that, also comprises:
Receive described second and be applied in the second login authentication request that starts rear transmission, in described the second login authentication request, comprise described account name and static password;
Pass through after checking at described account name and static password, set up the long interface channel between described the second application;
By described account name and the corresponding preservation of described long interface channel.
3. method according to claim 1, it is characterized in that, after described generation dynamic password, described method also comprises: by described account name and the corresponding preservation of described dynamic password, and the expired time of described dynamic password is set, describedly according to described account name and described dynamic password, user is carried out to login authentication processing, comprising:
From the information of preserving in advance, obtain the dynamic password corresponding with the account name receiving and expired time;
Dynamic password in described preservation is not out of date, and the dynamic password of preserving and the dynamic password of reception are when consistent, allow the user that described account name is corresponding to login.
4. method according to claim 3, is characterized in that, after the user that the described account name of described permission is corresponding logins, described method also comprises:
Delete the dynamic password of preserving.
5. the login method based on dynamic password, is characterized in that, comprising:
Set up the long interface channel corresponding with account name with service end;
According to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
6. method according to claim 5, is characterized in that, the described long interface channel corresponding with account name with service end foundation, comprising:
After the second application start, send login authentication request to described service end, in described login authentication request, comprise described account name and static password, described the second application be arranged in advance on mobile device for receiving the application of dynamic password;
In described service end, described account name and static password are passed through, after checking, to set up described long interface channel, and make described service end by described account name and the corresponding preservation of described long interface channel.
7. method according to claim 5, is characterized in that, after the described dynamic password that the described service end of described reception sends, described method also comprises:
Described dynamic password is presented to user by mode by notifications; Or,
Described dynamic password is presented on the interface of described application.
8. according to the method described in claim 5 to 7 any one, it is characterized in that, when having no progeny in described long interface channel, described method also comprises:
Automatically attempt and the described service end passage that connects by described application, until set up described long interface channel.
9. the entering device based on dynamic password, is characterized in that, comprising:
The first receiver module, the request message sending for receiving the first application, comprises account name in described request message, and described the first application is that current guiding user carries out the application of register;
Processing module, for judging whether to exist the long interface channel corresponding with described account name, and in the time there is described long interface channel, generate dynamic password, described long interface channel be service end and second application between interface channel, described second application be mounted on mobile device for receiving the application of dynamic password;
Sending module, for sending to described the second application according to described long interface channel by described dynamic password;
Login module, the first login authentication request sending for receiving described the first application, comprises described account name and described dynamic password in described the first login authentication request, and according to described account name and described dynamic password, user is carried out to login authentication processing.
10. device according to claim 9, is characterized in that, also comprises:
The second receiver module, is applied in for receiving described second the second login authentication request that starts rear transmission, in described the second login authentication request, comprises described account name and static password;
Set up module, for passing through after checking at described account name and static password, set up the long interface channel between described the second application;
Preserve module, for described account name and described long interface channel correspondence are preserved.
11. devices according to claim 9, it is characterized in that, after described generation dynamic password, described device also comprises module is set, the described module that arranges is for preserving described account name and described dynamic password correspondence, and the expired time of described dynamic password is set, described login module specifically for:
From the information of preserving in advance, obtain the dynamic password corresponding with the account name receiving and expired time;
Dynamic password in described preservation is not out of date, and the dynamic password of preserving and the dynamic password of reception are when consistent, allow the user that described account name is corresponding to login.
12. devices according to claim 11, is characterized in that, after the user that the described account name of described permission is corresponding logins, described device also comprises:
Removing module, for deleting the dynamic password of preservation.
13. 1 kinds of entering devices based on dynamic password, is characterized in that, comprising:
Set up module, for setting up the long interface channel corresponding with account name with service end;
Receiver module, be used for according to described long interface channel, receive the dynamic password that described service end sends, described dynamic password is that described service end generates after the request message that comprises described account name that receives the first application transmission, and described the first application is that current guiding user carries out the application of register.
14. devices according to claim 13, is characterized in that, the described module of setting up comprises first module and second unit, comprising:
Described first module, after the second application start, for sending login authentication request to described service end, in described login authentication request, comprise described account name and static password, described the second application be arranged in advance on mobile device for receiving the application of dynamic password;
Described second unit, passes through after checking described account name and static password in described service end, for setting up described long interface channel, and makes described service end by described account name and the corresponding preservation of described long interface channel.
15. devices according to claim 13, is characterized in that, described device also comprises and present module, described in present module for:
Described dynamic password is presented to user by mode by notifications; Or,
Described dynamic password is presented on the interface of described application.
16. according to claim 13 to the device described in 15 any one, it is characterized in that, when having no progeny in described long interface channel, described set up module specifically for:
Automatically attempt and the described service end passage that connects by described application, until set up described long interface channel.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410313130.0A CN104168261B (en) | 2014-07-02 | 2014-07-02 | Dynamic password login method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410313130.0A CN104168261B (en) | 2014-07-02 | 2014-07-02 | Dynamic password login method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104168261A true CN104168261A (en) | 2014-11-26 |
| CN104168261B CN104168261B (en) | 2018-09-07 |
Family
ID=51911885
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410313130.0A Active CN104168261B (en) | 2014-07-02 | 2014-07-02 | Dynamic password login method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104168261B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107682316A (en) * | 2017-09-05 | 2018-02-09 | 平安科技(深圳)有限公司 | The generation method and dynamic password sending method of dynamic password sending strategy |
| CN107919964A (en) * | 2017-12-29 | 2018-04-17 | 北京奇虎科技有限公司 | A kind of method and system that data synchronization is carried out based on dynamic credentials |
| CN112688979A (en) * | 2019-10-17 | 2021-04-20 | 北京百度网讯科技有限公司 | Unmanned vehicle remote login processing method, device, equipment and storage medium |
| CN116108474A (en) * | 2023-04-13 | 2023-05-12 | 深圳奥联信息安全技术有限公司 | Big data system password service method and system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101179382A (en) * | 2006-12-20 | 2008-05-14 | 腾讯科技(深圳)有限公司 | Login method and system |
| CN102546914A (en) * | 2010-12-27 | 2012-07-04 | 梁志龙 | Automatic login system based on smart phone and control method |
| US20130047223A1 (en) * | 2011-08-16 | 2013-02-21 | Paul Headley | Methods for the Secure Use of One-Time Passwords |
| CN103124267A (en) * | 2013-02-07 | 2013-05-29 | 百度在线网络技术(北京)有限公司 | Method, system and cloud server for login/registration through mobile terminal |
| CN103152399A (en) * | 2013-02-07 | 2013-06-12 | 百度在线网络技术(北京)有限公司 | Login method, login system and cloud server |
| CN103401686A (en) * | 2013-07-31 | 2013-11-20 | 陕西海基业高科技实业有限公司 | User Internet identity authentication system and application method thereof |
| US20130347071A1 (en) * | 2011-03-10 | 2013-12-26 | Orange | Method and system for granting access to a secured website |
| CN103888451A (en) * | 2014-03-10 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Method, device and system for certification authorization |
-
2014
- 2014-07-02 CN CN201410313130.0A patent/CN104168261B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101179382A (en) * | 2006-12-20 | 2008-05-14 | 腾讯科技(深圳)有限公司 | Login method and system |
| CN102546914A (en) * | 2010-12-27 | 2012-07-04 | 梁志龙 | Automatic login system based on smart phone and control method |
| US20130347071A1 (en) * | 2011-03-10 | 2013-12-26 | Orange | Method and system for granting access to a secured website |
| US20130047223A1 (en) * | 2011-08-16 | 2013-02-21 | Paul Headley | Methods for the Secure Use of One-Time Passwords |
| CN103124267A (en) * | 2013-02-07 | 2013-05-29 | 百度在线网络技术(北京)有限公司 | Method, system and cloud server for login/registration through mobile terminal |
| CN103152399A (en) * | 2013-02-07 | 2013-06-12 | 百度在线网络技术(北京)有限公司 | Login method, login system and cloud server |
| CN103401686A (en) * | 2013-07-31 | 2013-11-20 | 陕西海基业高科技实业有限公司 | User Internet identity authentication system and application method thereof |
| CN103888451A (en) * | 2014-03-10 | 2014-06-25 | 百度在线网络技术(北京)有限公司 | Method, device and system for certification authorization |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107682316A (en) * | 2017-09-05 | 2018-02-09 | 平安科技(深圳)有限公司 | The generation method and dynamic password sending method of dynamic password sending strategy |
| WO2019047345A1 (en) * | 2017-09-05 | 2019-03-14 | 平安科技(深圳)有限公司 | Method of generating one-time password sending policy, and one-time password sending method |
| CN107682316B (en) * | 2017-09-05 | 2020-02-14 | 平安科技(深圳)有限公司 | Method for generating dynamic password sending strategy and method for sending dynamic password |
| CN107919964A (en) * | 2017-12-29 | 2018-04-17 | 北京奇虎科技有限公司 | A kind of method and system that data synchronization is carried out based on dynamic credentials |
| CN107919964B (en) * | 2017-12-29 | 2021-02-23 | 北京奇虎科技有限公司 | Method and system for data synchronization based on dynamic authentication information |
| CN112688979A (en) * | 2019-10-17 | 2021-04-20 | 北京百度网讯科技有限公司 | Unmanned vehicle remote login processing method, device, equipment and storage medium |
| CN112688979B (en) * | 2019-10-17 | 2022-08-16 | 阿波罗智能技术(北京)有限公司 | Unmanned vehicle remote login processing method, device, equipment and storage medium |
| US11621952B2 (en) | 2019-10-17 | 2023-04-04 | Apollo Intelligent Driving Technology (Beijing) Co., Ltd. | Remote login processing method, apparatus, device and storage medium for unmanned vehicle |
| CN116108474A (en) * | 2023-04-13 | 2023-05-12 | 深圳奥联信息安全技术有限公司 | Big data system password service method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104168261B (en) | 2018-09-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103152400B (en) | The method, system and the cloud server that log in is carried out by mobile terminal | |
| CN107249004B (en) | Identity authentication method, device and client | |
| CN105592065B (en) | A kind of Website logging method and its login system based on SMS | |
| CN103139777B (en) | The method, system and the cloud server that log in/register is carried out by mobile terminal | |
| WO2017107732A1 (en) | Login status synchronization method and system | |
| CN103152331B (en) | The method, system and the cloud server that log in/register is carried out by mobile terminal | |
| CN107241339B (en) | Identity authentication method, identity authentication device and storage medium | |
| CN103986720A (en) | Log-in method and device | |
| CN104519050A (en) | Login method and login system | |
| CN104954383A (en) | Application program login method and system | |
| CN111062023B (en) | Method and device for realizing single sign-on of multi-application system | |
| CN104079409A (en) | Account login method and device | |
| CN104468592A (en) | Login method and system | |
| CN103414740B (en) | A kind of private cloud account configuration method and device | |
| CN104168261A (en) | Method and device for dynamic cipher login | |
| CN104967622A (en) | Voiceprint-based communication method, device and system | |
| CN103905200A (en) | Identity authentication method and system based on sound wave communications | |
| US20160066178A1 (en) | Device activation method and system | |
| CN105337933A (en) | Method and system for creating sub-account, primary account device and sub-account device | |
| CN108900562B (en) | Login state sharing method and device, electronic equipment and medium | |
| CN105100022A (en) | Cipher processing method, server and system | |
| CN105162802A (en) | Portal authentication method and Portal authentication server | |
| CN105491034A (en) | Method for establishing connection with terminal and terminal authentication method and apparatus | |
| CN107819766A (en) | Safety certifying method, system and computer-readable recording medium | |
| CN107566396A (en) | A kind of method based on dynamic password enhancing server VPN protocol securitys |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |