CN107317791A - Login validation method, logging request method and Security Login System - Google Patents
Login validation method, logging request method and Security Login System Download PDFInfo
- Publication number
- CN107317791A CN107317791A CN201611176436.1A CN201611176436A CN107317791A CN 107317791 A CN107317791 A CN 107317791A CN 201611176436 A CN201611176436 A CN 201611176436A CN 107317791 A CN107317791 A CN 107317791A
- Authority
- CN
- China
- Prior art keywords
- client
- login
- logging request
- check code
- checking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a kind of login validation method, this method includes:If receiving the logging request of client transmission, the identity of the client, and the account name and combination pin that the logging request is carried are obtained;According to default rule of combination, split the combination pin and obtain login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code is by checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is logged in.The invention also discloses a kind of logging request method, Security Login System.The present invention substantially increases the security of login mode.
Description
Technical field
The present invention relates to field of information security technology, more particularly to a kind of login validation method, logging request method and peace
Full login system.
Background technology
At present, more website and application software use the form of " account+password " to carry out login authentication, if being used when logging in
The password of family input is identical with the password that user is pre-configured with, then allows User logs in.There is user due to that may be recorded in account
Personal information, even relate to the proprietary information of user, therefore, the security of accounts information is always user's concern.
However, existing login mode only to login password carry out login authentication, can not effective guarantee account peace
Entirely.When User logs in WEB application or APP, account and corresponding login password are carried in the logging request that client is sent.
If attacker successfully intercepts the logging request of client transmission, Brute Force can be carried out, the login password of user is obtained,
So as to using obtained accounts information, steal the privacy information or fund of user.
The content of the invention
It is a primary object of the present invention to provide a kind of login validation method, logging request method and Security Login System,
Aim to solve the problem that the low technical problem of existing login mode security.
To achieve the above object, the present invention provides a kind of login validation method, and the login validation method includes following step
Suddenly:
If receiving the logging request of client transmission, the identity of the client, and the logging request are obtained
The account name and combination pin of carrying;
According to default rule of combination, split the combination pin and obtain login password and check code;
Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;
According to the account name and the login password database being pre-configured with, the login password is verified;
If the check code is by checking, and the login password then judges the logging request by testing by checking
Card, it is allowed to which the client is logged in.
Preferably, the graphical verification code inputted based on identifying code picture, the login are also carried in the logging request
Verification method also includes:
According to the graphical verification code record being pre-configured with, the graphical verification code is verified;
If the check code is by checking, and the login password is by checking, then judges that the logging request is led to
Cross checking, it is allowed to which the step of client is logged in includes:
If the check code is by checking, and the login password is by checking, and the graphical verification code is by checking,
Then judge that the logging request passes through checking, it is allowed to which the client is logged in.
Preferably, if the logging request for receiving client transmission, obtains the identity of the client, and institute
The step of account name and combination pin for stating logging request carrying, includes:
If receiving the logging request after the RSA public key encryptions of client transmission, stepped on using described in the decryption of default private key
Record request, obtains the identity of the client, and the account name and combination pin that the logging request is carried.
Preferably, if the logging request for receiving client transmission, obtains the identity of the client, and institute
Before the step of stating the account name and combination pin of logging request carrying, in addition to:
When detecting the client access login page, generation check code returns to the client, for the client
End configuration combination pin;
The identity of client described in corresponding record and the check code returned to the client, are saved in the verification
In code record.
Preferably, the check code is random number.
In addition, to achieve the above object, the present invention also provides a kind of logging request method, and the logging request method includes
Following steps:
When accessing login page, the check code that the reception server is returned;
According to default rule of combination, the login password of input is combined with the check code and obtains combination pin;
According to the account name of input and the combination pin, generation logging request is sent to the server and verified.
Preferably, the login page includes identifying code picture, and the logging request method also includes:
Receive the graphical verification code inputted based on the identifying code picture;
The account name and the combination pin according to input, generation logging request is sent to the server and tested
The step of card, includes:
According to the account name of input, the combination pin and the graphical verification code, generation logging request is sent to described
Server.
Preferably, the logging request method also includes:
Using logging request described in default RSA public key encryptions, the logging request after encryption is sent to the server.
In addition, to achieve the above object, the present invention also provides a kind of Security Login System, and the Security Login System includes
Server and client side, wherein:
The client, for when accessing login page, receiving the check code that the server is returned;According to default
Rule of combination, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and described
Combination pin, generation logging request is sent to the server and verified;
The server, if for receiving the logging request that the client is sent, obtaining the identity of the client
Mark, and the account name and combination pin that the logging request is carried;According to default rule of combination, the combination pin is split
Obtain login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, checking is described
Check code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code
By checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is stepped on
Record.
Preferably, the server is additionally operable to,
When detecting the client access login page, identifying code picture is returned to the client;
The client, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to the account of input
Name in an account book, the combination pin and the graphical verification code, generation logging request are sent to the server;
The server, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If institute
Check code is stated then to step on described in judgement by checking by checking, and the graphical verification code by checking, and the login password
Record request passes through checking, it is allowed to which the client is logged in.
A kind of login validation method, logging request method and Security Login System that the embodiment of the present invention is proposed, are being carried out
During login authentication, if receiving the logging request of client transmission, the identity of this client is obtained, and logging request is carried
Account name and combination pin, to be verified to current logging request;Then, according to default rule of combination, fractionation group
Close password and obtain login password and check code, because the login password and check code in combination pin have multiple combinations mode, and
Default rule of combination is that attacker is difficult to obtain, even if therefore attacker has intercepted logging request, can not also crack combination
Password, also can not just obtain correct login password;Then, remembered according to the identity of client and the check code being pre-configured with
Record, verifies check code;According to account name and the login password database being pre-configured with, login password is verified;If check code passes through
Checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to the login of client.The present invention's
Be not in login mode, in the logging request that client is sent it is direct carry login password, but carry and be difficult to crack, bag
Combination pin containing check code and login password, check code and login password are obtained using the combination combination for being difficult to guess solution
Combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent the Brute Force of attacker.Also, this
Invention further enhancing the security of single password by the twin check to check code and login password.Thus, it is of the invention
The low technical problem of existing login mode security is solved, the security of login mode is substantially increased.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of login validation method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of login validation method second embodiment of the present invention;
Fig. 3 is the schematic flow sheet of login validation method 3rd embodiment of the present invention;
Fig. 4 is the schematic flow sheet of login validation method fourth embodiment of the present invention;
Fig. 5 is the schematic flow sheet of logging request method first embodiment of the present invention;
Fig. 6 is the schematic flow sheet of logging request method second embodiment of the present invention;
Fig. 7 is the schematic flow sheet of logging request method 3rd embodiment of the present invention;
Fig. 8 is Security Login System first embodiment of the present invention, the module diagram of second embodiment.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Reference picture 1, login validation method first embodiment of the present invention provides a kind of login validation method, the login authentication
Method includes:
If step S110, the logging request for receiving client transmission, obtain the identity of the client, and described
Account name and combination pin that logging request is carried.
The present invention proposes a kind of new login mode, during login authentication is carried out, using comprising check code and very
The combination pin of real login password, even if logging request is intercepted by attacker, password cracking that also can not be in logging request
Obtain correct login password;And the combination pin that server can be parsed correctly in logging request obtains check code and real
Login password, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, when client is receiving the logging request of client transmission, obtaining visitor
The identity at family end, parsing logging request obtains the account name and combination pin of logging request carrying.
Wherein, the identity of client can uniquely characterize client identity, the ID of such as client, or visitor
Subscriber Identity Module number, the client device number at family end etc..The identity of client can be logged on what is carried in request,
Can server individually obtained to client request, can flexible configuration according to actual needs.
The account name that the account name namely current request carried in logging request is logged in;The combination carried in logging request is close
Code is the password for being currently needed for being verified.
Step S120, according to default rule of combination, split the combination pin and obtain login password and check code.
After the combination pin carried in obtaining logging request, server splits this combination according to default rule of combination
Password, obtains the check code and real login password carried in combination pin.
Default combination is made an appointment by server and client side, and check code and login password are in combination pin
In put in order.It should be noted that check code and login password putting in order in combination pin can be simple
After front and back position sorts or respectively splits check code and login password, by the character or character group that are obtained after fractionation
Reconfigure and obtain combination pin, can flexible configuration according to actual needs it is of course also possible to be other permutation and combination methods.
For example, the combination pin carried in current logging request is 123456ABCDEF.
If default combination is:Check code is 6, and login password is 6, and the sequence of check code is close positioned at logging in
Before code, then the check code that fractionation combination pin is obtained is 123456, and login password is ABCDEF.
If default combination is:Check code be 6, login password be 6, and check code and login password by by
Split according to original sequence trisection and obtain character group, interted successively in the posterior mode of preceding, login password according to check code and arrange each
Character group obtains combination pin, then server is according to default combination, and the check code that reverse fractionation combination pin is obtained is
1256CD, login password is 34ABEF.
As can be seen here, the arrangement mode of check code and login password is many in combination pin so that combination pin
Difficulty is cracked to greatly increase.
Step S130, the identity according to the client and the check code record being pre-configured with, verify the verification
Code.
After fractionation combination pin obtains check code and login password, check code and login password are separately verified.
Specifically, as a kind of embodiment, server inquires about the verification being pre-configured with according to the identity of client
Code record, obtains this client identity in check code record and identifies corresponding check code.
Then, judge to split the obtained check code of combination pin and inquiry check code record obtained check code whether phase
Together.
If the check code that fractionation combination pin is obtained is identical with the check code that inquiry check code record is obtained, judge to split
The check code that combination pin is obtained passes through checking.
If the check code that the check code that fractionation combination pin is obtained is obtained with inquiry check code record is differed, judgement is torn open
The check code that subassembly password is obtained is not verified.
Step S140, according to the account name and the login password database being pre-configured with, verify the login password.
When carrying out the checking of login password, it can inquire about the login password database being pre-configured with according to account name, obtain
The corresponding login password of this account name into login password database, namely user is being pre-configured with, correct login password.
Then, the login password that the login password that fractionation combination pin is obtained is obtained with inquiry login password database is judged
It is whether identical.
If the login password that fractionation combination pin is obtained is identical with the login password that inquiry login password database is obtained,
Judge that the login password that fractionation combination pin is obtained passes through checking.
If the login password that the login password that fractionation combination pin is obtained is obtained with inquiry login password database is differed,
Then judge that the login password that fractionation combination pin is obtained is not verified.
If step S150, the check code are by checking, and the login password is by checking, then judges that the login please
Ask by checking, it is allowed to which the client is logged in.
After the check code and login password obtained to fractionation combination pin is verified, if check code is by checking, and
Login password then now can be determined that current logging request passes through checking, it is allowed to which active client is with current account by checking
Family is logged in.
It should be noted that the login password in the present embodiment can be logged on the password used during account or
The instruction password in the plurality of application scenes such as payment is moved, can be flexibly applied to need to carry out password according to actual needs
The application scenarios of checking.
In the present embodiment, if receiving the logging request of client transmission, the identity of this client is obtained, and step on
Account name and combination pin that record request is carried, to be verified to current logging request;Then, advised according to default combination
Then, split combination pin and obtain login password and check code, because the login password and check code in combination pin there are a variety of groups
Conjunction mode, and default rule of combination is attacker is difficult to obtain, even if therefore attacker has intercepted logging request, can not yet
Combination pin is cracked, correct login password also can not be just obtained;Then, according to the identity of client and it is pre-configured with
Check code is recorded, and verifies check code;According to account name and the login password database being pre-configured with, login password is verified;If school
Code is tested by checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to the login of client.
It not is that direct carry is stepped on when carrying out login authentication, in the logging request that client is sent in the login mode of the present embodiment
Record password, but carry be difficult to it is cracking, include check code and the combination pin of login password, check code and login password make
Combination pin is obtained with the combination combination for being difficult to guess solution, the explosion difficulty of login password is greatly strengthen, can be effective
Prevent the Brute Force of attacker.Also, the present embodiment is further enhanced by the twin check to check code and login password
The security of single password.Thus, the present embodiment solves the low technical problem of existing login mode security, carries significantly
The high security of login mode.
Further, reference picture 2, login validation method second embodiment of the present invention provides a kind of login validation method, base
The graphical verification code inputted based on identifying code picture, institute are also carried in the embodiment shown in above-mentioned Fig. 1, the logging request
Stating login validation method also includes:
The graphical verification code record that step S160, basis are pre-configured with, verifies the graphical verification code.
Server returns to identifying code picture to client, carries out identifying code when detecting client access login page
The checking of picture.Meanwhile, this identifying code picture is added in graphical verification code record by server, for subsequently being carried to client
The verification of the graphical verification code of friendship.
Client is shown on login page after image authentication code is received, for user's identification identifying code picture, input
Corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client is logged according to current request, the group of configuration
The graphical verification code generation logging request of password and user's input is closed, server is sent to.
Server is tested the login password and check code in combination pin after the logging request of client is received
Card, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, server lookup graphical verification code record, the figure that verification client is submitted
Whether shape identifying code is correct, obtains check results.
Corresponding, the step S150 includes:
If step S151, the check code are by checking, and the login password is by verifying, and the graphical verification code
By checking, then judge that the logging request passes through checking, it is allowed to which the client is logged in.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request
When shape identifying code is also by checking, server judges that current logging request passes through checking, it is allowed to which active client is with current account
Log in.
In the present embodiment, the graphical verification code inputted based on identifying code picture is also carried in logging request, then is being received
During the logging request sent to client, recorded according to the graphical verification code that is pre-configured with, verify graphical verification code;If check code
By checking, and login password is by checking, and graphical verification code is by checking, then judges that logging request passes through checking, it is allowed to
Client is logged in.The present embodiment with the addition of graphical verification code on the basis of combination pin, further enhancing to malicious attack
Resistance, improve client login security.
Further, reference picture 3, login validation method 3rd embodiment of the present invention provides a kind of login validation method, base
In the embodiment (the present embodiment is by taking Fig. 1 as an example) shown in above-mentioned Fig. 1 or Fig. 2, the step S110 includes:
If step S111, receive client transmission RSA public key encryptions after logging request, use default private key solution
The close logging request, obtains the identity of the client, and the account name and combination pin that the logging request is carried.
Logging request is encrypted using RSA public keys before logging request is sent for client, please by the login after encryption
Ask and be sent to server.
Wherein, RSA cryptographic algorithms are asymmetric arithmetic, and public key used in client encryption is disclosed, and server
It is that secrecy is underground to decrypt the private key used, and the private key that the information after encryption is only capable of possessing by server could be decrypted.
Then server is after the logging request after receiving the encryption of client transmission, using the private key of secrecy to logging request
It is decrypted, obtains the account name and combination pin of logging request carrying.
If carrying graphical verification code in logging request, server is tested after decryption logging request while obtaining figure
Demonstrate,prove code, account name and combination pin.
If carrying the identity of client in logging request, server is also obtained after decryption logging request
The identity of client;If not carrying the identity of client in logging request, server is to its body of client request
Part mark.
Further, as another embodiment, client can use RSA public keys only to be added to combination pin
It is close.
Then server obtains the identity of client, and parse login when receiving the logging request of client transmission
Request obtains the combination pin after account name and encryption.
Then, the combination pin after encryption is decrypted using private key, obtains combination pin.
In the present embodiment, if receive client transmission RSA public key encryptions after logging request, use default private
Key decrypts the logging request, obtains the identity of client, and the account name and combination pin that logging request is carried.This reality
Example is applied by the way that logging request is encrypted, the security of client login is further increased so that close in logging request
Code is more difficult to by Brute Force, improves the security of login mode.
Further, reference picture 4, login validation method fourth embodiment of the present invention provides a kind of login validation method, base
Before the embodiment (the present embodiment is by taking Fig. 1 as an example) shown in above-mentioned Fig. 1, Fig. 2 or Fig. 3, the step S110, in addition to:
Step S170, when detecting the client and accessing login page, generation check code returns to the client, for
The client configures combination pin.
When detecting client access login page, the check code of generation is simultaneously returned to client by server generation check code
End.
Client is after the check code of server transmission is received, according to the combination made an appointment with server, combination
Check code and the login password of user's input, realize the configuration of combination pin.
It should be noted that client, which accesses login page, includes client opening login page, and refresh log in page
Face.When client accesses login page, server all regenerates check code and returns to client.Therefore, client is each
When refreshing login page, server also can all regenerate check code and return to client.
Further, as a kind of embodiment, the check code is random number.
That is, server as check code, is handed down to client, client makes every time using the random number generated at random
The random number configuration combination pin issued with server.The random number of server generation can be default length.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain
Combination pin is more difficult to be cracked, and further increases the security of client login.
The identity of client described in step S180, corresponding record and the check code returned to the client, are preserved
Into check code record.
Server is handed down to after client after generation check code, or by check code, the identity of this client of corresponding record
The check code of this client is identified and is handed down to, and by this record storage into check code record, for subsequently to check code
Checking.
In the present embodiment, when detecting client access login page, generation check code returns to client, for client
End configuration combination pin;Also, the identity of corresponding record client and the check code returned to client, are saved in verification
In code record.The present embodiment can all regenerate check code and be handed down to client whenever client access login page is detected
End, it is ensured that upgrading in time for check code, improves the security logged in.If being used as check code using random number so that combination is close
Code is more difficult to by Brute Force, further increases the safe coefficient of client login.
Reference picture 5, logging request method first embodiment of the present invention provides a kind of logging request method, the logging request
Method includes:
Step S210, access login page when, the reception server return check code.
The present invention proposes a kind of new login mode, and client is close using comprising check code and truly logging in when logging in
The combination pin of code, even if logging request is intercepted by attacker, password cracking that also can not be in logging request is obtained correctly
Login password;And the combination pin that server can be parsed correctly in logging request obtains check code and really logged in close
Code, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, client is when accessing login page, and server generation check code simultaneously will be raw
Into check code return client.
The check code that client the reception server is sent.
It should be noted that client, which accesses login page, includes client opening login page, and refresh log in page
Face.When client accesses login page, server all regenerates check code and returns to client.Therefore, client is each
When refreshing login page, server also can all regenerate check code and return to client.
Step S220, according to default rule of combination, the login password of input is combined with the check code
Password.
After the check code that server is issued is obtained, the login password configuration group that client is inputted according to check code and user
Close password
Specifically, as a kind of embodiment, default combination is made an appointment by server and client side, school
Test code and login password putting in order in combination pin.It should be noted that check code and login password are in combination pin
In put in order and can be the sequence of simple front and back position or respectively split check code and login password after, will
The character or character group obtained after fractionation, which is reconfigured, obtains combination pin, it is of course also possible to be other permutation and combination methods, can
Flexible configuration according to actual needs.
For example, the check code that server is issued is 123456, the password of user's input is ABCDEF.
If default combination is:The sequence of check code is located at before login password, then client combination check code
The combination pin obtained with login password is 123456ABCDEF.
If default combination is:Check code and login password are split according to original sequence trisection obtains character
Group, interts each character group of arrangement in the posterior mode of preceding, login password according to check code and obtains combination pin, then client successively
The combination pin that combination verification code and login password are obtained is 12AB34CD56EF.
As can be seen here, the arrangement mode of check code and login password is many in combination pin so that combination pin
Difficulty is cracked to greatly increase.
It should be noted that the login password that user inputs in the present embodiment can also be stepping on of preserving in client-cache
Record password.
Step S230, the account name according to input and the combination pin, generation logging request are sent to the server
Verified.
After configuration obtains combination pin, account name and the combination pin of configuration that client is inputted according to user, generation
Logging request, is sent to server and is verified.
Further, its identity can also be configured in log on request by client, with account name, combination pin one
Rise and be sent to server.
Certainly, when client can also ask its identity in server, then to server its identity is sent.
Wherein, the identity of client can uniquely characterize client identity, the ID of such as client, or visitor
Subscriber Identity Module number, the client device number at family end etc..
Server obtains the identity of client after the logging request of client transmission is received, and logging request is taken
The account name and combination pin of band;Then, according to default rule of combination, split combination pin and obtain login password and verification
Code;Then, recorded according to the identity of client and the check code being pre-configured with, verify check code;According to account name and in advance
The login password database first configured, verifies login password;If check code is then sentenced by checking, and login password by checking
Settled preceding logging request passes through checking, it is allowed to the login of client.
Certainly, server can not also verify check code, only after fractionation combination pin obtains check code and login password
Only verify login password.
Further, as a kind of embodiment, the check code is random number.
That is, server as check code, is handed down to client, client makes every time using the random number generated at random
The random number configuration combination pin issued with server.The random number of server generation can be default length.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain
Combination pin is more difficult to be cracked, and further increases the security of client login.
In the present embodiment, when accessing login page, the check code that the reception server is returned is close to configure combination
Code;Then, according to default rule of combination, the login password that user inputs is combined with check code and obtains combination pin, due to
Login password and check code in combination pin have multiple combinations mode, and default rule of combination is attacker is difficult to obtain
, even if therefore attacker has intercepted logging request, can not also crack combination pin, also just can not correctly be logged in close
Code;Then, according to the account name and combination pin of input, generation logging request is sent to server and verified.The present embodiment
Login mode in, when asking to log in, in the logging request that client is sent be not it is direct carry login password, but take
Band be difficult to it is cracking, include check code and the combination pin of login password, check code and login password are using being difficult to guess solution
Combination combination obtains combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent attacker's
Brute Force.Thus, the present embodiment solves the low technical problem of existing login mode security, substantially increases login side
The security of formula.
Further, reference picture 6, logging request method second embodiment of the present invention provides a kind of logging request method, base
In the embodiment shown in above-mentioned Fig. 5, the login page includes identifying code picture, and the logging request method also includes:
The graphical verification code that step S240, reception are inputted based on the identifying code picture.
The step S230 includes:
Step S231, the account name according to input, the combination pin and the graphical verification code, generation logging request hair
Give the server.
In order to further improve the security of login, server is when detecting client access login page, to client
End returns to identifying code picture, carries out the checking of identifying code picture.Meanwhile, this identifying code picture is added to graphic verification by server
In code record, for the verification for the graphical verification code subsequently submitted to client.
Client is shown in login page after image authentication code is received, for user's identification identifying code picture, input
Corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client is logged according to current request, the group of configuration
The graphical verification code generation logging request of password and user's input is closed, server is sent to.
Server is tested the login password and check code in combination pin after the logging request of client is received
Card, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, server lookup graphical verification code record, the figure that verification client is submitted
Whether shape identifying code is correct, obtains check results.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request
When shape identifying code is also by checking, server judges that current logging request passes through checking, it is allowed to which active client is with current account
Log in.
In the present embodiment, login page includes identifying code picture, and client is received based on server authentication code picture
The graphical verification code of input;Then, the figure of the account name, the combination pin that configuration is obtained and the user's input that are inputted according to user
Identifying code, generation logging request is sent to server.The present embodiment with the addition of graphical verification code on the basis of combination pin,
The resistance to malicious attack is further enhancing, the security of client login is improved.
Further, reference picture 7, logging request method 3rd embodiment of the present invention provides a kind of logging request method, base
In the embodiment (the present embodiment is by taking Fig. 6 as an example) shown in above-mentioned Fig. 6 or Fig. 7, the logging request method also includes:
Step S250, using logging request described in default RSA public key encryptions, the logging request after encryption is sent to institute
State server.
In order to further enhance the security of log-on message, client is before logging request is sent, using RSA public keys to stepping on
Record request is encrypted, and the logging request after encryption is sent into server.
Wherein, RSA cryptographic algorithms are asymmetric arithmetic, and public key used in client encryption is disclosed, and server
It is that secrecy is underground to decrypt the private key used, and the private key that the information after encryption is only capable of possessing by server could be decrypted.
Then server is after the logging request after receiving the encryption of client transmission, using the private key of secrecy to logging request
It is decrypted, obtains the information of logging request carrying, include the identity mark of account name, combination pin, graphical verification code, client
Know etc..
Further, as another embodiment, client can use RSA public keys only to be added to combination pin
It is close.
Then server obtains the identity of client, and parse login when receiving the logging request of client transmission
Request obtains the combination pin after account name and encryption.
Then, the combination pin after encryption is decrypted using private key, obtains combination pin.
In the present embodiment, using default RSA public key encryptions logging request, the logging request after encryption is sent to clothes
Business device, carries out the checking of logging request.The present embodiment further increases client login by the way that logging request is encrypted
Security so that the password in logging request is more difficult to by Brute Force, improves the security of login mode.
Reference picture 8, Security Login System first embodiment of the present invention provides a kind of Security Login System, the secure log
System includes server 10 and client 20, wherein:
The client 20, for when accessing login page, receiving the check code that the server 10 is returned;According to pre-
If rule of combination, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and
The combination pin, generation logging request is sent to the server 10 and verified;
The server 10, if for receiving the logging request that the client 20 is sent, obtaining the client 20
Identity, and the logging request carry account name and combination pin;According to default rule of combination, described group is split
Close password and obtain login password and check code;Recorded according to the identity of the client 200 and the check code being pre-configured with,
Verify the check code;According to the account name and the login password database being pre-configured with, the login password is verified;If institute
Check code is stated by checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to the visitor
Family end 20 is logged in.
Of the invention to propose a kind of new login system, client 20 is logged in when logging in using check code is included with true
The combination pin of password, even if logging request is intercepted by attacker, password cracking that also can not be in logging request is obtained just
True login password;And the combination pin that server 10 can be parsed correctly in logging request obtains check code and real login
Password, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, client 20 is when accessing login page, and the generation of server 10 check code is simultaneously
The check code of generation is returned into client 20.Opened it should be noted that client 20 accesses login page including client 20
Login page, and refresh login page.When client 20 accesses login page, server 10 all regenerates check code
Return to client 20.Therefore, when client 20 refreshes login page every time, server 10 also can all regenerate check code return
Client 20.
The check code that the reception server 10 of client 20 is sent, the login password configuration group inputted according to check code and user
Close password
Specifically, default combination is made an appointment by server 10 and client 20, check code and login are close
Code putting in order in combination pin.It should be noted that check code and login password putting in order in combination pin
After being simple front and back position sequence or respectively splitting check code and login password, by what is obtained after fractionation
Character or character group, which are reconfigured, obtains combination pin, it is of course also possible to be other permutation and combination methods, can be according to actual needs
Flexible configuration.
Because the arrangement mode of check code and login password in combination pin is many so that combination pin cracks difficulty
Degree is greatly increased.
It should be noted that the login password that user inputs in the present embodiment can also be preserved in the caching of client 20
Login password.
After configuration obtains combination pin, account name and the combination pin of configuration that client 20 is inputted according to user are raw
Into logging request, it is sent to server 10 and is verified.
Further, its identity can also be configured in log on request by client 20, with account name, combination pin
Send jointly to server 10.Certainly, client 20 can also be when server 10 asks its identity, then to server 10
Send its identity.
Wherein, the identity of client 20 can uniquely characterize the identity of client 20, such as ID of client 20, or
Person is Subscriber Identity Module number, client device number of client 20 etc..
Server 10 obtains the identity of client 20, and log in after the logging request of the transmission of client 20 is received
Ask the account name and combination pin carried.
Then, according to default rule of combination, split combination pin and obtain login password and check code;Then, test respectively
Demonstrate,prove check code and login password.
Specifically, being recorded according to the identity of client 20 and the check code being pre-configured with, check code is verified;According to account
Name in an account book and the login password database being pre-configured with, verify login password.
If check code is by checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to visitor
The login at family end 20.
Certainly, server 10 can not also verify check code after fractionation combination pin obtains check code and login password,
Only verify login password.
Further, as a kind of embodiment, the check code is random number.
That is, server 10, as check code, is handed down to client 20, client every time using the random number generated at random
The random number that end 20 is issued using server 10 configures combination pin.The random number that server 10 is generated can be default length
Degree.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain
Combination pin is more difficult to be cracked, and further increases the security of the login of client 20.
In the present embodiment, Security Login System includes client 20 and server 10, and client 20 is accessing log in page
During face, the check code that the reception server 10 is returned, to configure combination pin;Then, according to default rule of combination, by user
The login password of input is combined with check code obtains combination pin, because the login password and check code in combination pin have a variety of
Combination, and default rule of combination is attacker is difficult to obtain, even if therefore attacker has intercepted logging request, also without
Method cracks combination pin, also can not just obtain correct login password;Then, account name and combination of the client 20 according to input
Password, generation logging request is sent to server 10 and verified.If receiving the logging request of the transmission of client 20, server
10 obtain the identity of this client 20, and the account name and combination pin that logging request is carried, to be asked to current log in
Ask and verified;Then, according to default rule of combination, split combination pin and obtain login password and check code;Then, service
Device 10 is recorded according to the identity of client 20 and the check code being pre-configured with, and verifies check code;According to account name and in advance
The login password database of configuration, verifies login password;If check code is then serviced by checking, and login password by checking
Device 10 judges that current logging request passes through checking, it is allowed to the login of client 20.In the login system of the present embodiment, stepped on
During record checking, server 10 detects when client 20 accesses login page and sends check code to client 20, for client
20 configure combination pin according to check code.Thus, it is not direct carrying login password in the logging request that client 20 is sent,
But carry be difficult to it is cracking, include check code and the combination pin of login password, check code and login password are using being difficult to
Guess that the combination combination of solution obtains combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent from attacking
The Brute Force for the person of hitting.Also, server 10 is by the twin check to check code and login password, it further enhancing single
The security of password.Thus, the present embodiment solves the low technical problem of existing login mode security, substantially increases and steps on
The security of record mode.
Further, reference picture 8, Security Login System second embodiment of the present invention provides a kind of Security Login System, base
In the invention described above Security Login System first embodiment, the server 10 is additionally operable to,
When detecting the access of client 20 login page, identifying code picture is returned to the client 20;
The client 20, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to input
Account name, the combination pin and the graphical verification code, generation logging request are sent to the server 10;
The server 10, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If
The check code is then judged described by checking, and the login password by checking, and the graphical verification code by checking
Logging request passes through checking, it is allowed to which the client 20 is logged in.
In order to further enhance the security of login system, server 10 is detecting the access login page of client 20
When, identifying code picture is returned to client 20, the checking of identifying code picture is carried out.Meanwhile, server 10 is by this identifying code picture
It is added in graphical verification code record, for the verification for the graphical verification code subsequently submitted to client 20.
Client 20 is shown on login page after image authentication code is received, for user's identification identifying code picture, defeated
Enter corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client 20 is logged according to current request, configuration
Combination pin and the graphical verification code generation logging request of user's input, are sent to server 10.
Server 10 is carried out after the logging request of client 20 is received to the login password in combination pin and check code
Checking, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, the inquiry graphical verification code record of server 10, verification client 20 is submitted
Graphical verification code it is whether correct, obtain check results.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request
When shape identifying code is also by checking, server 10 judges that current logging request passes through checking, it is allowed to which active client 20 is with current
Account Logon.
In the present embodiment, add graphical verification code, server 10 when detecting client 20 and accessing login page,
Identifying code picture is returned to client 20, then is also carried in the logging request that client 20 is configured based on the input of identifying code picture
Graphical verification code.Server 10 is when receiving the logging request of the transmission of client 20, according to the graphical verification code being pre-configured with
Record, verifies graphical verification code;If check code is by checking, and login password is by checking, and graphical verification code is by checking,
Then judge that the logging request of active client 20 passes through checking, it is allowed to which client 20 is logged in.Base of the present embodiment in combination pin
On plinth, graphical verification code is with the addition of, the resistance to malicious attack is further enhancing, the safety of client login is improved
Property.
The alternative embodiment of the present invention is these are only, is not intended to limit the scope of the invention, it is every to utilize this hair
Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of login validation method, it is characterised in that the login validation method comprises the following steps:
If receiving the logging request of client transmission, the identity of the client is obtained, and the logging request is carried
Account name and combination pin;
According to default rule of combination, split the combination pin and obtain login password and check code;
Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;
According to the account name and the login password database being pre-configured with, the login password is verified;
If the check code is by checking, and the login password is by checking, then judges that the logging request, by checking, permits
Perhaps described client is logged in.
2. login validation method as claimed in claim 1, it is characterised in that also carried based on checking in the logging request
The graphical verification code of code picture input, the login validation method also includes:
According to the graphical verification code record being pre-configured with, the graphical verification code is verified;
If the check code is by checking, and the login password then judges the logging request by testing by checking
Card, it is allowed to which the step of client is logged in includes:
If the check code is then sentenced by checking, and the login password by checking, and the graphical verification code by checking
The fixed logging request passes through checking, it is allowed to which the client is logged in.
3. login validation method as claimed in claim 1, it is characterised in that if the login for receiving client transmission please
Ask, then obtain the identity of the client, and the logging request carry account name and combination pin the step of include:
If receiving the logging request after the RSA public key encryptions of client transmission, decrypting the login using default private key please
Ask, obtain the identity of the client, and the account name and combination pin that the logging request is carried.
4. the login validation method as described in claim 1,2 or 3, it is characterised in that if described receive stepping on for client transmission
Record request, then obtain the identity of the client, and the logging request carry account name and combination pin the step of
Before, in addition to:
When detecting the client access login page, generation check code returns to the client, so that the client is matched somebody with somebody
Put combination pin;
The identity of client described in corresponding record and the check code returned to the client, are saved in the check code note
In record.
5. login validation method as claimed in claim 4, it is characterised in that the check code is random number.
6. a kind of logging request method, it is characterised in that the logging request method comprises the following steps:
When accessing login page, the check code that the reception server is returned;
According to default rule of combination, the login password of input is combined with the check code and obtains combination pin;
According to the account name of input and the combination pin, generation logging request is sent to the server and verified.
7. logging request method as claimed in claim 6, it is characterised in that the login page includes identifying code picture,
The logging request method also includes:
Receive the graphical verification code inputted based on the identifying code picture;
The account name and the combination pin according to input, generation logging request is sent to what the server was verified
Step includes:
According to the account name of input, the combination pin and the graphical verification code, generation logging request is sent to the service
Device.
8. logging request method as claimed in claims 6 or 7, it is characterised in that the logging request method also includes:
Using logging request described in default RSA public key encryptions, the logging request after encryption is sent to the server.
9. a kind of Security Login System, it is characterised in that the Security Login System includes server and client side, wherein:
The client, for when accessing login page, receiving the check code that the server is returned;According to default combination
Rule, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and the combination
Password, generation logging request is sent to the server and verified;
The server, if for receiving the logging request that the client is sent, obtaining the identity of the client,
And the account name and combination pin that the logging request is carried;According to default rule of combination, split the combination pin and obtain
Login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, verify the verification
Code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code passes through
Checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is logged in.
10. Security Login System as claimed in claim 9, it is characterised in that the server is additionally operable to,
When detecting the client access login page, identifying code picture is returned to the client;
The client, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to the account name of input,
The combination pin and the graphical verification code, generation logging request are sent to the server;
The server, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If the school
Code is tested by checking, and the login password is by checking, and the graphical verification code is by checking, then judges that the login please
Ask by checking, it is allowed to which the client is logged in.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611176436.1A CN107317791B (en) | 2016-12-15 | 2016-12-15 | Login validation method, logging request method and Security Login System |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611176436.1A CN107317791B (en) | 2016-12-15 | 2016-12-15 | Login validation method, logging request method and Security Login System |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107317791A true CN107317791A (en) | 2017-11-03 |
CN107317791B CN107317791B (en) | 2018-07-31 |
Family
ID=60185232
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611176436.1A Active CN107317791B (en) | 2016-12-15 | 2016-12-15 | Login validation method, logging request method and Security Login System |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107317791B (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107835075A (en) * | 2017-12-06 | 2018-03-23 | 北京深思数盾科技股份有限公司 | The processing method and processing device of local password |
CN107995229A (en) * | 2018-01-31 | 2018-05-04 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN108075880A (en) * | 2017-11-28 | 2018-05-25 | 珠海金山网络游戏科技有限公司 | A kind of network game server logs in security system and method |
CN108256344A (en) * | 2018-01-22 | 2018-07-06 | 商客通尚景科技江苏有限公司 | A kind of SaaS enterprise platforms Database Systems and attaching method thereof |
CN108306881A (en) * | 2018-01-31 | 2018-07-20 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN108306883A (en) * | 2018-01-31 | 2018-07-20 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN108650243A (en) * | 2018-04-24 | 2018-10-12 | 平安科技(深圳)有限公司 | Connection establishment method, system, device and computer readable storage medium |
CN108769083A (en) * | 2018-08-01 | 2018-11-06 | 北京奇虎科技有限公司 | Login method, apparatus and system based on distributed server |
CN109547428A (en) * | 2018-11-14 | 2019-03-29 | 深圳市云歌人工智能技术有限公司 | It verifies password and accesses method, system and the storage medium of server |
CN110147658A (en) * | 2019-04-16 | 2019-08-20 | 平安科技(深圳)有限公司 | User information encipher-decipher method, system and computer equipment |
CN111787005A (en) * | 2020-06-30 | 2020-10-16 | 中国工商银行股份有限公司 | Dynamic encrypted secure login method and device |
CN112699396A (en) * | 2021-01-15 | 2021-04-23 | 深圳市网信数码科技有限公司 | Information security method, device, system and storage medium of instant communication software |
CN113901440A (en) * | 2021-12-09 | 2022-01-07 | 北京网界科技有限公司 | User login system and method, and user login setting system and method |
CN114297623A (en) * | 2021-12-07 | 2022-04-08 | 北京天融信网络安全技术有限公司 | User permission setting method and system convenient for permission change |
CN114422270A (en) * | 2022-03-28 | 2022-04-29 | 成都运荔枝科技有限公司 | Method and device for safe login authentication of Internet platform system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051904A (en) * | 2007-05-17 | 2007-10-10 | 成都金山互动娱乐科技有限公司 | Method for landing by account number cipher for protecting network application sequence |
US20090031407A1 (en) * | 2007-07-24 | 2009-01-29 | Shaobo Kuang | Method and system for security check or verification |
CN102316112A (en) * | 2011-09-16 | 2012-01-11 | 李建成 | Password authentication method in network application and system |
CN103067401A (en) * | 2013-01-10 | 2013-04-24 | 天地融科技股份有限公司 | Method and system for key protection |
CN105337938A (en) * | 2014-07-28 | 2016-02-17 | 阿里巴巴集团控股有限公司 | Validity verification method and device |
-
2016
- 2016-12-15 CN CN201611176436.1A patent/CN107317791B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101051904A (en) * | 2007-05-17 | 2007-10-10 | 成都金山互动娱乐科技有限公司 | Method for landing by account number cipher for protecting network application sequence |
US20090031407A1 (en) * | 2007-07-24 | 2009-01-29 | Shaobo Kuang | Method and system for security check or verification |
CN102316112A (en) * | 2011-09-16 | 2012-01-11 | 李建成 | Password authentication method in network application and system |
CN103067401A (en) * | 2013-01-10 | 2013-04-24 | 天地融科技股份有限公司 | Method and system for key protection |
CN105337938A (en) * | 2014-07-28 | 2016-02-17 | 阿里巴巴集团控股有限公司 | Validity verification method and device |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108075880A (en) * | 2017-11-28 | 2018-05-25 | 珠海金山网络游戏科技有限公司 | A kind of network game server logs in security system and method |
CN107835075A (en) * | 2017-12-06 | 2018-03-23 | 北京深思数盾科技股份有限公司 | The processing method and processing device of local password |
CN108256344B (en) * | 2018-01-22 | 2019-10-22 | 商客通尚景科技江苏有限公司 | A kind of SaaS enterprise platform Database Systems and attaching method thereof |
CN108256344A (en) * | 2018-01-22 | 2018-07-06 | 商客通尚景科技江苏有限公司 | A kind of SaaS enterprise platforms Database Systems and attaching method thereof |
CN108306883A (en) * | 2018-01-31 | 2018-07-20 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN107995229A (en) * | 2018-01-31 | 2018-05-04 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN108306881A (en) * | 2018-01-31 | 2018-07-20 | 苏州锦佰安信息技术有限公司 | A kind of auth method and device |
CN108650243B (en) * | 2018-04-24 | 2021-04-23 | 平安科技(深圳)有限公司 | Connection establishment method, system, device and computer readable storage medium |
WO2019205288A1 (en) * | 2018-04-24 | 2019-10-31 | 平安科技(深圳)有限公司 | Connection establishment method, system, and device, and computer readable storage medium |
CN108650243A (en) * | 2018-04-24 | 2018-10-12 | 平安科技(深圳)有限公司 | Connection establishment method, system, device and computer readable storage medium |
CN108769083A (en) * | 2018-08-01 | 2018-11-06 | 北京奇虎科技有限公司 | Login method, apparatus and system based on distributed server |
CN109547428A (en) * | 2018-11-14 | 2019-03-29 | 深圳市云歌人工智能技术有限公司 | It verifies password and accesses method, system and the storage medium of server |
CN110147658A (en) * | 2019-04-16 | 2019-08-20 | 平安科技(深圳)有限公司 | User information encipher-decipher method, system and computer equipment |
CN111787005A (en) * | 2020-06-30 | 2020-10-16 | 中国工商银行股份有限公司 | Dynamic encrypted secure login method and device |
CN112699396A (en) * | 2021-01-15 | 2021-04-23 | 深圳市网信数码科技有限公司 | Information security method, device, system and storage medium of instant communication software |
CN112699396B (en) * | 2021-01-15 | 2021-07-20 | 深圳市网信数码科技有限公司 | Information security method, device, system and storage medium of instant communication software |
CN114297623A (en) * | 2021-12-07 | 2022-04-08 | 北京天融信网络安全技术有限公司 | User permission setting method and system convenient for permission change |
CN113901440A (en) * | 2021-12-09 | 2022-01-07 | 北京网界科技有限公司 | User login system and method, and user login setting system and method |
CN114422270A (en) * | 2022-03-28 | 2022-04-29 | 成都运荔枝科技有限公司 | Method and device for safe login authentication of Internet platform system |
CN114422270B (en) * | 2022-03-28 | 2022-06-03 | 成都运荔枝科技有限公司 | Method and device for safe login authentication of Internet platform system |
Also Published As
Publication number | Publication date |
---|---|
CN107317791B (en) | 2018-07-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107317791B (en) | Login validation method, logging request method and Security Login System | |
US10027631B2 (en) | Securing passwords against dictionary attacks | |
CN104580264B (en) | Login method, entering device and login and Accreditation System | |
CN105024819B (en) | A kind of multiple-factor authentication method and system based on mobile terminal | |
WO2017000829A1 (en) | Method for checking security based on biological features, client and server | |
CN106612180A (en) | Method and device for realizing session identifier synchronization | |
CN107864115A (en) | A kind of method that user account login authentication is carried out using portable terminal | |
CN112000951B (en) | Access method, device, system, electronic equipment and storage medium | |
CN106330838B (en) | A kind of dynamic signature method and the client and server using this method | |
CN108684041A (en) | The system and method for login authentication | |
CN109587162A (en) | Login validation method, device, terminal, cipher server and storage medium | |
RU2670031C2 (en) | System and method of identification and / or authentication | |
CN106878245A (en) | The offer of graphic code information, acquisition methods, device and terminal | |
US10579809B2 (en) | National identification number based authentication and content delivery | |
CN112632593B (en) | Data storage method, data processing method, device and storage medium | |
CN107370765A (en) | A kind of ftp server identity identifying method and system | |
CN109347887A (en) | A kind of identity authentication method and device | |
CN105187382A (en) | Multi-factor identity authentication method for preventing library collision attacks | |
CN113918967A (en) | Data transmission method, system, computer equipment and medium based on security check | |
CN108667801A (en) | A kind of Internet of Things access identity safety certifying method and system | |
CN110166471A (en) | A kind of portal authentication method and device | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
US20220070009A1 (en) | Authentication system with reduced attack surface | |
CN110912857B (en) | Method and storage medium for sharing login between mobile applications | |
CN114726606B (en) | User authentication method, client, gateway and authentication server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1238442 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |