CN107317791A - Login validation method, logging request method and Security Login System - Google Patents

Login validation method, logging request method and Security Login System Download PDF

Info

Publication number
CN107317791A
CN107317791A CN201611176436.1A CN201611176436A CN107317791A CN 107317791 A CN107317791 A CN 107317791A CN 201611176436 A CN201611176436 A CN 201611176436A CN 107317791 A CN107317791 A CN 107317791A
Authority
CN
China
Prior art keywords
client
login
logging request
check code
checking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611176436.1A
Other languages
Chinese (zh)
Other versions
CN107317791B (en
Inventor
秦伟强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201611176436.1A priority Critical patent/CN107317791B/en
Publication of CN107317791A publication Critical patent/CN107317791A/en
Application granted granted Critical
Publication of CN107317791B publication Critical patent/CN107317791B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a kind of login validation method, this method includes:If receiving the logging request of client transmission, the identity of the client, and the account name and combination pin that the logging request is carried are obtained;According to default rule of combination, split the combination pin and obtain login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code is by checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is logged in.The invention also discloses a kind of logging request method, Security Login System.The present invention substantially increases the security of login mode.

Description

Login validation method, logging request method and Security Login System
Technical field
The present invention relates to field of information security technology, more particularly to a kind of login validation method, logging request method and peace Full login system.
Background technology
At present, more website and application software use the form of " account+password " to carry out login authentication, if being used when logging in The password of family input is identical with the password that user is pre-configured with, then allows User logs in.There is user due to that may be recorded in account Personal information, even relate to the proprietary information of user, therefore, the security of accounts information is always user's concern.
However, existing login mode only to login password carry out login authentication, can not effective guarantee account peace Entirely.When User logs in WEB application or APP, account and corresponding login password are carried in the logging request that client is sent. If attacker successfully intercepts the logging request of client transmission, Brute Force can be carried out, the login password of user is obtained, So as to using obtained accounts information, steal the privacy information or fund of user.
The content of the invention
It is a primary object of the present invention to provide a kind of login validation method, logging request method and Security Login System, Aim to solve the problem that the low technical problem of existing login mode security.
To achieve the above object, the present invention provides a kind of login validation method, and the login validation method includes following step Suddenly:
If receiving the logging request of client transmission, the identity of the client, and the logging request are obtained The account name and combination pin of carrying;
According to default rule of combination, split the combination pin and obtain login password and check code;
Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;
According to the account name and the login password database being pre-configured with, the login password is verified;
If the check code is by checking, and the login password then judges the logging request by testing by checking Card, it is allowed to which the client is logged in.
Preferably, the graphical verification code inputted based on identifying code picture, the login are also carried in the logging request Verification method also includes:
According to the graphical verification code record being pre-configured with, the graphical verification code is verified;
If the check code is by checking, and the login password is by checking, then judges that the logging request is led to Cross checking, it is allowed to which the step of client is logged in includes:
If the check code is by checking, and the login password is by checking, and the graphical verification code is by checking, Then judge that the logging request passes through checking, it is allowed to which the client is logged in.
Preferably, if the logging request for receiving client transmission, obtains the identity of the client, and institute The step of account name and combination pin for stating logging request carrying, includes:
If receiving the logging request after the RSA public key encryptions of client transmission, stepped on using described in the decryption of default private key Record request, obtains the identity of the client, and the account name and combination pin that the logging request is carried.
Preferably, if the logging request for receiving client transmission, obtains the identity of the client, and institute Before the step of stating the account name and combination pin of logging request carrying, in addition to:
When detecting the client access login page, generation check code returns to the client, for the client End configuration combination pin;
The identity of client described in corresponding record and the check code returned to the client, are saved in the verification In code record.
Preferably, the check code is random number.
In addition, to achieve the above object, the present invention also provides a kind of logging request method, and the logging request method includes Following steps:
When accessing login page, the check code that the reception server is returned;
According to default rule of combination, the login password of input is combined with the check code and obtains combination pin;
According to the account name of input and the combination pin, generation logging request is sent to the server and verified.
Preferably, the login page includes identifying code picture, and the logging request method also includes:
Receive the graphical verification code inputted based on the identifying code picture;
The account name and the combination pin according to input, generation logging request is sent to the server and tested The step of card, includes:
According to the account name of input, the combination pin and the graphical verification code, generation logging request is sent to described Server.
Preferably, the logging request method also includes:
Using logging request described in default RSA public key encryptions, the logging request after encryption is sent to the server.
In addition, to achieve the above object, the present invention also provides a kind of Security Login System, and the Security Login System includes Server and client side, wherein:
The client, for when accessing login page, receiving the check code that the server is returned;According to default Rule of combination, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and described Combination pin, generation logging request is sent to the server and verified;
The server, if for receiving the logging request that the client is sent, obtaining the identity of the client Mark, and the account name and combination pin that the logging request is carried;According to default rule of combination, the combination pin is split Obtain login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, checking is described Check code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code By checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is stepped on Record.
Preferably, the server is additionally operable to,
When detecting the client access login page, identifying code picture is returned to the client;
The client, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to the account of input Name in an account book, the combination pin and the graphical verification code, generation logging request are sent to the server;
The server, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If institute Check code is stated then to step on described in judgement by checking by checking, and the graphical verification code by checking, and the login password Record request passes through checking, it is allowed to which the client is logged in.
A kind of login validation method, logging request method and Security Login System that the embodiment of the present invention is proposed, are being carried out During login authentication, if receiving the logging request of client transmission, the identity of this client is obtained, and logging request is carried Account name and combination pin, to be verified to current logging request;Then, according to default rule of combination, fractionation group Close password and obtain login password and check code, because the login password and check code in combination pin have multiple combinations mode, and Default rule of combination is that attacker is difficult to obtain, even if therefore attacker has intercepted logging request, can not also crack combination Password, also can not just obtain correct login password;Then, remembered according to the identity of client and the check code being pre-configured with Record, verifies check code;According to account name and the login password database being pre-configured with, login password is verified;If check code passes through Checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to the login of client.The present invention's Be not in login mode, in the logging request that client is sent it is direct carry login password, but carry and be difficult to crack, bag Combination pin containing check code and login password, check code and login password are obtained using the combination combination for being difficult to guess solution Combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent the Brute Force of attacker.Also, this Invention further enhancing the security of single password by the twin check to check code and login password.Thus, it is of the invention The low technical problem of existing login mode security is solved, the security of login mode is substantially increased.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of login validation method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of login validation method second embodiment of the present invention;
Fig. 3 is the schematic flow sheet of login validation method 3rd embodiment of the present invention;
Fig. 4 is the schematic flow sheet of login validation method fourth embodiment of the present invention;
Fig. 5 is the schematic flow sheet of logging request method first embodiment of the present invention;
Fig. 6 is the schematic flow sheet of logging request method second embodiment of the present invention;
Fig. 7 is the schematic flow sheet of logging request method 3rd embodiment of the present invention;
Fig. 8 is Security Login System first embodiment of the present invention, the module diagram of second embodiment.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
Reference picture 1, login validation method first embodiment of the present invention provides a kind of login validation method, the login authentication Method includes:
If step S110, the logging request for receiving client transmission, obtain the identity of the client, and described Account name and combination pin that logging request is carried.
The present invention proposes a kind of new login mode, during login authentication is carried out, using comprising check code and very The combination pin of real login password, even if logging request is intercepted by attacker, password cracking that also can not be in logging request Obtain correct login password;And the combination pin that server can be parsed correctly in logging request obtains check code and real Login password, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, when client is receiving the logging request of client transmission, obtaining visitor The identity at family end, parsing logging request obtains the account name and combination pin of logging request carrying.
Wherein, the identity of client can uniquely characterize client identity, the ID of such as client, or visitor Subscriber Identity Module number, the client device number at family end etc..The identity of client can be logged on what is carried in request, Can server individually obtained to client request, can flexible configuration according to actual needs.
The account name that the account name namely current request carried in logging request is logged in;The combination carried in logging request is close Code is the password for being currently needed for being verified.
Step S120, according to default rule of combination, split the combination pin and obtain login password and check code.
After the combination pin carried in obtaining logging request, server splits this combination according to default rule of combination Password, obtains the check code and real login password carried in combination pin.
Default combination is made an appointment by server and client side, and check code and login password are in combination pin In put in order.It should be noted that check code and login password putting in order in combination pin can be simple After front and back position sorts or respectively splits check code and login password, by the character or character group that are obtained after fractionation Reconfigure and obtain combination pin, can flexible configuration according to actual needs it is of course also possible to be other permutation and combination methods.
For example, the combination pin carried in current logging request is 123456ABCDEF.
If default combination is:Check code is 6, and login password is 6, and the sequence of check code is close positioned at logging in Before code, then the check code that fractionation combination pin is obtained is 123456, and login password is ABCDEF.
If default combination is:Check code be 6, login password be 6, and check code and login password by by Split according to original sequence trisection and obtain character group, interted successively in the posterior mode of preceding, login password according to check code and arrange each Character group obtains combination pin, then server is according to default combination, and the check code that reverse fractionation combination pin is obtained is 1256CD, login password is 34ABEF.
As can be seen here, the arrangement mode of check code and login password is many in combination pin so that combination pin Difficulty is cracked to greatly increase.
Step S130, the identity according to the client and the check code record being pre-configured with, verify the verification Code.
After fractionation combination pin obtains check code and login password, check code and login password are separately verified.
Specifically, as a kind of embodiment, server inquires about the verification being pre-configured with according to the identity of client Code record, obtains this client identity in check code record and identifies corresponding check code.
Then, judge to split the obtained check code of combination pin and inquiry check code record obtained check code whether phase Together.
If the check code that fractionation combination pin is obtained is identical with the check code that inquiry check code record is obtained, judge to split The check code that combination pin is obtained passes through checking.
If the check code that the check code that fractionation combination pin is obtained is obtained with inquiry check code record is differed, judgement is torn open The check code that subassembly password is obtained is not verified.
Step S140, according to the account name and the login password database being pre-configured with, verify the login password.
When carrying out the checking of login password, it can inquire about the login password database being pre-configured with according to account name, obtain The corresponding login password of this account name into login password database, namely user is being pre-configured with, correct login password.
Then, the login password that the login password that fractionation combination pin is obtained is obtained with inquiry login password database is judged It is whether identical.
If the login password that fractionation combination pin is obtained is identical with the login password that inquiry login password database is obtained, Judge that the login password that fractionation combination pin is obtained passes through checking.
If the login password that the login password that fractionation combination pin is obtained is obtained with inquiry login password database is differed, Then judge that the login password that fractionation combination pin is obtained is not verified.
If step S150, the check code are by checking, and the login password is by checking, then judges that the login please Ask by checking, it is allowed to which the client is logged in.
After the check code and login password obtained to fractionation combination pin is verified, if check code is by checking, and Login password then now can be determined that current logging request passes through checking, it is allowed to which active client is with current account by checking Family is logged in.
It should be noted that the login password in the present embodiment can be logged on the password used during account or The instruction password in the plurality of application scenes such as payment is moved, can be flexibly applied to need to carry out password according to actual needs The application scenarios of checking.
In the present embodiment, if receiving the logging request of client transmission, the identity of this client is obtained, and step on Account name and combination pin that record request is carried, to be verified to current logging request;Then, advised according to default combination Then, split combination pin and obtain login password and check code, because the login password and check code in combination pin there are a variety of groups Conjunction mode, and default rule of combination is attacker is difficult to obtain, even if therefore attacker has intercepted logging request, can not yet Combination pin is cracked, correct login password also can not be just obtained;Then, according to the identity of client and it is pre-configured with Check code is recorded, and verifies check code;According to account name and the login password database being pre-configured with, login password is verified;If school Code is tested by checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to the login of client. It not is that direct carry is stepped on when carrying out login authentication, in the logging request that client is sent in the login mode of the present embodiment Record password, but carry be difficult to it is cracking, include check code and the combination pin of login password, check code and login password make Combination pin is obtained with the combination combination for being difficult to guess solution, the explosion difficulty of login password is greatly strengthen, can be effective Prevent the Brute Force of attacker.Also, the present embodiment is further enhanced by the twin check to check code and login password The security of single password.Thus, the present embodiment solves the low technical problem of existing login mode security, carries significantly The high security of login mode.
Further, reference picture 2, login validation method second embodiment of the present invention provides a kind of login validation method, base The graphical verification code inputted based on identifying code picture, institute are also carried in the embodiment shown in above-mentioned Fig. 1, the logging request Stating login validation method also includes:
The graphical verification code record that step S160, basis are pre-configured with, verifies the graphical verification code.
Server returns to identifying code picture to client, carries out identifying code when detecting client access login page The checking of picture.Meanwhile, this identifying code picture is added in graphical verification code record by server, for subsequently being carried to client The verification of the graphical verification code of friendship.
Client is shown on login page after image authentication code is received, for user's identification identifying code picture, input Corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client is logged according to current request, the group of configuration The graphical verification code generation logging request of password and user's input is closed, server is sent to.
Server is tested the login password and check code in combination pin after the logging request of client is received Card, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, server lookup graphical verification code record, the figure that verification client is submitted Whether shape identifying code is correct, obtains check results.
Corresponding, the step S150 includes:
If step S151, the check code are by checking, and the login password is by verifying, and the graphical verification code By checking, then judge that the logging request passes through checking, it is allowed to which the client is logged in.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request When shape identifying code is also by checking, server judges that current logging request passes through checking, it is allowed to which active client is with current account Log in.
In the present embodiment, the graphical verification code inputted based on identifying code picture is also carried in logging request, then is being received During the logging request sent to client, recorded according to the graphical verification code that is pre-configured with, verify graphical verification code;If check code By checking, and login password is by checking, and graphical verification code is by checking, then judges that logging request passes through checking, it is allowed to Client is logged in.The present embodiment with the addition of graphical verification code on the basis of combination pin, further enhancing to malicious attack Resistance, improve client login security.
Further, reference picture 3, login validation method 3rd embodiment of the present invention provides a kind of login validation method, base In the embodiment (the present embodiment is by taking Fig. 1 as an example) shown in above-mentioned Fig. 1 or Fig. 2, the step S110 includes:
If step S111, receive client transmission RSA public key encryptions after logging request, use default private key solution The close logging request, obtains the identity of the client, and the account name and combination pin that the logging request is carried.
Logging request is encrypted using RSA public keys before logging request is sent for client, please by the login after encryption Ask and be sent to server.
Wherein, RSA cryptographic algorithms are asymmetric arithmetic, and public key used in client encryption is disclosed, and server It is that secrecy is underground to decrypt the private key used, and the private key that the information after encryption is only capable of possessing by server could be decrypted.
Then server is after the logging request after receiving the encryption of client transmission, using the private key of secrecy to logging request It is decrypted, obtains the account name and combination pin of logging request carrying.
If carrying graphical verification code in logging request, server is tested after decryption logging request while obtaining figure Demonstrate,prove code, account name and combination pin.
If carrying the identity of client in logging request, server is also obtained after decryption logging request The identity of client;If not carrying the identity of client in logging request, server is to its body of client request Part mark.
Further, as another embodiment, client can use RSA public keys only to be added to combination pin It is close.
Then server obtains the identity of client, and parse login when receiving the logging request of client transmission Request obtains the combination pin after account name and encryption.
Then, the combination pin after encryption is decrypted using private key, obtains combination pin.
In the present embodiment, if receive client transmission RSA public key encryptions after logging request, use default private Key decrypts the logging request, obtains the identity of client, and the account name and combination pin that logging request is carried.This reality Example is applied by the way that logging request is encrypted, the security of client login is further increased so that close in logging request Code is more difficult to by Brute Force, improves the security of login mode.
Further, reference picture 4, login validation method fourth embodiment of the present invention provides a kind of login validation method, base Before the embodiment (the present embodiment is by taking Fig. 1 as an example) shown in above-mentioned Fig. 1, Fig. 2 or Fig. 3, the step S110, in addition to:
Step S170, when detecting the client and accessing login page, generation check code returns to the client, for The client configures combination pin.
When detecting client access login page, the check code of generation is simultaneously returned to client by server generation check code End.
Client is after the check code of server transmission is received, according to the combination made an appointment with server, combination Check code and the login password of user's input, realize the configuration of combination pin.
It should be noted that client, which accesses login page, includes client opening login page, and refresh log in page Face.When client accesses login page, server all regenerates check code and returns to client.Therefore, client is each When refreshing login page, server also can all regenerate check code and return to client.
Further, as a kind of embodiment, the check code is random number.
That is, server as check code, is handed down to client, client makes every time using the random number generated at random The random number configuration combination pin issued with server.The random number of server generation can be default length.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain Combination pin is more difficult to be cracked, and further increases the security of client login.
The identity of client described in step S180, corresponding record and the check code returned to the client, are preserved Into check code record.
Server is handed down to after client after generation check code, or by check code, the identity of this client of corresponding record The check code of this client is identified and is handed down to, and by this record storage into check code record, for subsequently to check code Checking.
In the present embodiment, when detecting client access login page, generation check code returns to client, for client End configuration combination pin;Also, the identity of corresponding record client and the check code returned to client, are saved in verification In code record.The present embodiment can all regenerate check code and be handed down to client whenever client access login page is detected End, it is ensured that upgrading in time for check code, improves the security logged in.If being used as check code using random number so that combination is close Code is more difficult to by Brute Force, further increases the safe coefficient of client login.
Reference picture 5, logging request method first embodiment of the present invention provides a kind of logging request method, the logging request Method includes:
Step S210, access login page when, the reception server return check code.
The present invention proposes a kind of new login mode, and client is close using comprising check code and truly logging in when logging in The combination pin of code, even if logging request is intercepted by attacker, password cracking that also can not be in logging request is obtained correctly Login password;And the combination pin that server can be parsed correctly in logging request obtains check code and really logged in close Code, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, client is when accessing login page, and server generation check code simultaneously will be raw Into check code return client.
The check code that client the reception server is sent.
It should be noted that client, which accesses login page, includes client opening login page, and refresh log in page Face.When client accesses login page, server all regenerates check code and returns to client.Therefore, client is each When refreshing login page, server also can all regenerate check code and return to client.
Step S220, according to default rule of combination, the login password of input is combined with the check code Password.
After the check code that server is issued is obtained, the login password configuration group that client is inputted according to check code and user Close password
Specifically, as a kind of embodiment, default combination is made an appointment by server and client side, school Test code and login password putting in order in combination pin.It should be noted that check code and login password are in combination pin In put in order and can be the sequence of simple front and back position or respectively split check code and login password after, will The character or character group obtained after fractionation, which is reconfigured, obtains combination pin, it is of course also possible to be other permutation and combination methods, can Flexible configuration according to actual needs.
For example, the check code that server is issued is 123456, the password of user's input is ABCDEF.
If default combination is:The sequence of check code is located at before login password, then client combination check code The combination pin obtained with login password is 123456ABCDEF.
If default combination is:Check code and login password are split according to original sequence trisection obtains character Group, interts each character group of arrangement in the posterior mode of preceding, login password according to check code and obtains combination pin, then client successively The combination pin that combination verification code and login password are obtained is 12AB34CD56EF.
As can be seen here, the arrangement mode of check code and login password is many in combination pin so that combination pin Difficulty is cracked to greatly increase.
It should be noted that the login password that user inputs in the present embodiment can also be stepping on of preserving in client-cache Record password.
Step S230, the account name according to input and the combination pin, generation logging request are sent to the server Verified.
After configuration obtains combination pin, account name and the combination pin of configuration that client is inputted according to user, generation Logging request, is sent to server and is verified.
Further, its identity can also be configured in log on request by client, with account name, combination pin one Rise and be sent to server.
Certainly, when client can also ask its identity in server, then to server its identity is sent.
Wherein, the identity of client can uniquely characterize client identity, the ID of such as client, or visitor Subscriber Identity Module number, the client device number at family end etc..
Server obtains the identity of client after the logging request of client transmission is received, and logging request is taken The account name and combination pin of band;Then, according to default rule of combination, split combination pin and obtain login password and verification Code;Then, recorded according to the identity of client and the check code being pre-configured with, verify check code;According to account name and in advance The login password database first configured, verifies login password;If check code is then sentenced by checking, and login password by checking Settled preceding logging request passes through checking, it is allowed to the login of client.
Certainly, server can not also verify check code, only after fractionation combination pin obtains check code and login password Only verify login password.
Further, as a kind of embodiment, the check code is random number.
That is, server as check code, is handed down to client, client makes every time using the random number generated at random The random number configuration combination pin issued with server.The random number of server generation can be default length.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain Combination pin is more difficult to be cracked, and further increases the security of client login.
In the present embodiment, when accessing login page, the check code that the reception server is returned is close to configure combination Code;Then, according to default rule of combination, the login password that user inputs is combined with check code and obtains combination pin, due to Login password and check code in combination pin have multiple combinations mode, and default rule of combination is attacker is difficult to obtain , even if therefore attacker has intercepted logging request, can not also crack combination pin, also just can not correctly be logged in close Code;Then, according to the account name and combination pin of input, generation logging request is sent to server and verified.The present embodiment Login mode in, when asking to log in, in the logging request that client is sent be not it is direct carry login password, but take Band be difficult to it is cracking, include check code and the combination pin of login password, check code and login password are using being difficult to guess solution Combination combination obtains combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent attacker's Brute Force.Thus, the present embodiment solves the low technical problem of existing login mode security, substantially increases login side The security of formula.
Further, reference picture 6, logging request method second embodiment of the present invention provides a kind of logging request method, base In the embodiment shown in above-mentioned Fig. 5, the login page includes identifying code picture, and the logging request method also includes:
The graphical verification code that step S240, reception are inputted based on the identifying code picture.
The step S230 includes:
Step S231, the account name according to input, the combination pin and the graphical verification code, generation logging request hair Give the server.
In order to further improve the security of login, server is when detecting client access login page, to client End returns to identifying code picture, carries out the checking of identifying code picture.Meanwhile, this identifying code picture is added to graphic verification by server In code record, for the verification for the graphical verification code subsequently submitted to client.
Client is shown in login page after image authentication code is received, for user's identification identifying code picture, input Corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client is logged according to current request, the group of configuration The graphical verification code generation logging request of password and user's input is closed, server is sent to.
Server is tested the login password and check code in combination pin after the logging request of client is received Card, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, server lookup graphical verification code record, the figure that verification client is submitted Whether shape identifying code is correct, obtains check results.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request When shape identifying code is also by checking, server judges that current logging request passes through checking, it is allowed to which active client is with current account Log in.
In the present embodiment, login page includes identifying code picture, and client is received based on server authentication code picture The graphical verification code of input;Then, the figure of the account name, the combination pin that configuration is obtained and the user's input that are inputted according to user Identifying code, generation logging request is sent to server.The present embodiment with the addition of graphical verification code on the basis of combination pin, The resistance to malicious attack is further enhancing, the security of client login is improved.
Further, reference picture 7, logging request method 3rd embodiment of the present invention provides a kind of logging request method, base In the embodiment (the present embodiment is by taking Fig. 6 as an example) shown in above-mentioned Fig. 6 or Fig. 7, the logging request method also includes:
Step S250, using logging request described in default RSA public key encryptions, the logging request after encryption is sent to institute State server.
In order to further enhance the security of log-on message, client is before logging request is sent, using RSA public keys to stepping on Record request is encrypted, and the logging request after encryption is sent into server.
Wherein, RSA cryptographic algorithms are asymmetric arithmetic, and public key used in client encryption is disclosed, and server It is that secrecy is underground to decrypt the private key used, and the private key that the information after encryption is only capable of possessing by server could be decrypted.
Then server is after the logging request after receiving the encryption of client transmission, using the private key of secrecy to logging request It is decrypted, obtains the information of logging request carrying, include the identity mark of account name, combination pin, graphical verification code, client Know etc..
Further, as another embodiment, client can use RSA public keys only to be added to combination pin It is close.
Then server obtains the identity of client, and parse login when receiving the logging request of client transmission Request obtains the combination pin after account name and encryption.
Then, the combination pin after encryption is decrypted using private key, obtains combination pin.
In the present embodiment, using default RSA public key encryptions logging request, the logging request after encryption is sent to clothes Business device, carries out the checking of logging request.The present embodiment further increases client login by the way that logging request is encrypted Security so that the password in logging request is more difficult to by Brute Force, improves the security of login mode.
Reference picture 8, Security Login System first embodiment of the present invention provides a kind of Security Login System, the secure log System includes server 10 and client 20, wherein:
The client 20, for when accessing login page, receiving the check code that the server 10 is returned;According to pre- If rule of combination, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and The combination pin, generation logging request is sent to the server 10 and verified;
The server 10, if for receiving the logging request that the client 20 is sent, obtaining the client 20 Identity, and the logging request carry account name and combination pin;According to default rule of combination, described group is split Close password and obtain login password and check code;Recorded according to the identity of the client 200 and the check code being pre-configured with, Verify the check code;According to the account name and the login password database being pre-configured with, the login password is verified;If institute Check code is stated by checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to the visitor Family end 20 is logged in.
Of the invention to propose a kind of new login system, client 20 is logged in when logging in using check code is included with true The combination pin of password, even if logging request is intercepted by attacker, password cracking that also can not be in logging request is obtained just True login password;And the combination pin that server 10 can be parsed correctly in logging request obtains check code and real login Password, carries out double verification to login password and check code, has ensured security during Account Logon.
Specifically, as a kind of embodiment, client 20 is when accessing login page, and the generation of server 10 check code is simultaneously The check code of generation is returned into client 20.Opened it should be noted that client 20 accesses login page including client 20 Login page, and refresh login page.When client 20 accesses login page, server 10 all regenerates check code Return to client 20.Therefore, when client 20 refreshes login page every time, server 10 also can all regenerate check code return Client 20.
The check code that the reception server 10 of client 20 is sent, the login password configuration group inputted according to check code and user Close password
Specifically, default combination is made an appointment by server 10 and client 20, check code and login are close Code putting in order in combination pin.It should be noted that check code and login password putting in order in combination pin After being simple front and back position sequence or respectively splitting check code and login password, by what is obtained after fractionation Character or character group, which are reconfigured, obtains combination pin, it is of course also possible to be other permutation and combination methods, can be according to actual needs Flexible configuration.
Because the arrangement mode of check code and login password in combination pin is many so that combination pin cracks difficulty Degree is greatly increased.
It should be noted that the login password that user inputs in the present embodiment can also be preserved in the caching of client 20 Login password.
After configuration obtains combination pin, account name and the combination pin of configuration that client 20 is inputted according to user are raw Into logging request, it is sent to server 10 and is verified.
Further, its identity can also be configured in log on request by client 20, with account name, combination pin Send jointly to server 10.Certainly, client 20 can also be when server 10 asks its identity, then to server 10 Send its identity.
Wherein, the identity of client 20 can uniquely characterize the identity of client 20, such as ID of client 20, or Person is Subscriber Identity Module number, client device number of client 20 etc..
Server 10 obtains the identity of client 20, and log in after the logging request of the transmission of client 20 is received Ask the account name and combination pin carried.
Then, according to default rule of combination, split combination pin and obtain login password and check code;Then, test respectively Demonstrate,prove check code and login password.
Specifically, being recorded according to the identity of client 20 and the check code being pre-configured with, check code is verified;According to account Name in an account book and the login password database being pre-configured with, verify login password.
If check code is by checking, and login password is by checking, then judges that current logging request passes through checking, it is allowed to visitor The login at family end 20.
Certainly, server 10 can not also verify check code after fractionation combination pin obtains check code and login password, Only verify login password.
Further, as a kind of embodiment, the check code is random number.
That is, server 10, as check code, is handed down to client 20, client every time using the random number generated at random The random number that end 20 is issued using server 10 configures combination pin.The random number that server 10 is generated can be default length Degree.
When using random number as check code, with reference to the multiple combinations mode of check code and login password so that obtain Combination pin is more difficult to be cracked, and further increases the security of the login of client 20.
In the present embodiment, Security Login System includes client 20 and server 10, and client 20 is accessing log in page During face, the check code that the reception server 10 is returned, to configure combination pin;Then, according to default rule of combination, by user The login password of input is combined with check code obtains combination pin, because the login password and check code in combination pin have a variety of Combination, and default rule of combination is attacker is difficult to obtain, even if therefore attacker has intercepted logging request, also without Method cracks combination pin, also can not just obtain correct login password;Then, account name and combination of the client 20 according to input Password, generation logging request is sent to server 10 and verified.If receiving the logging request of the transmission of client 20, server 10 obtain the identity of this client 20, and the account name and combination pin that logging request is carried, to be asked to current log in Ask and verified;Then, according to default rule of combination, split combination pin and obtain login password and check code;Then, service Device 10 is recorded according to the identity of client 20 and the check code being pre-configured with, and verifies check code;According to account name and in advance The login password database of configuration, verifies login password;If check code is then serviced by checking, and login password by checking Device 10 judges that current logging request passes through checking, it is allowed to the login of client 20.In the login system of the present embodiment, stepped on During record checking, server 10 detects when client 20 accesses login page and sends check code to client 20, for client 20 configure combination pin according to check code.Thus, it is not direct carrying login password in the logging request that client 20 is sent, But carry be difficult to it is cracking, include check code and the combination pin of login password, check code and login password are using being difficult to Guess that the combination combination of solution obtains combination pin, greatly strengthen the explosion difficulty of login password, can effectively prevent from attacking The Brute Force for the person of hitting.Also, server 10 is by the twin check to check code and login password, it further enhancing single The security of password.Thus, the present embodiment solves the low technical problem of existing login mode security, substantially increases and steps on The security of record mode.
Further, reference picture 8, Security Login System second embodiment of the present invention provides a kind of Security Login System, base In the invention described above Security Login System first embodiment, the server 10 is additionally operable to,
When detecting the access of client 20 login page, identifying code picture is returned to the client 20;
The client 20, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to input Account name, the combination pin and the graphical verification code, generation logging request are sent to the server 10;
The server 10, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If The check code is then judged described by checking, and the login password by checking, and the graphical verification code by checking Logging request passes through checking, it is allowed to which the client 20 is logged in.
In order to further enhance the security of login system, server 10 is detecting the access login page of client 20 When, identifying code picture is returned to client 20, the checking of identifying code picture is carried out.Meanwhile, server 10 is by this identifying code picture It is added in graphical verification code record, for the verification for the graphical verification code subsequently submitted to client 20.
Client 20 is shown on login page after image authentication code is received, for user's identification identifying code picture, defeated Enter corresponding graphical verification code.
After the graphical verification code of user's input is obtained, account name that client 20 is logged according to current request, configuration Combination pin and the graphical verification code generation logging request of user's input, are sent to server 10.
Server 10 is carried out after the logging request of client 20 is received to the login password in combination pin and check code Checking, while carrying out the checking of graphical verification code.
When carrying out the checking of graphical verification code, the inquiry graphical verification code record of server 10, verification client 20 is submitted Graphical verification code it is whether correct, obtain check results.
When splitting the obtained check code of combination pin and login password all by checking, and the figure carried in logging request When shape identifying code is also by checking, server 10 judges that current logging request passes through checking, it is allowed to which active client 20 is with current Account Logon.
In the present embodiment, add graphical verification code, server 10 when detecting client 20 and accessing login page, Identifying code picture is returned to client 20, then is also carried in the logging request that client 20 is configured based on the input of identifying code picture Graphical verification code.Server 10 is when receiving the logging request of the transmission of client 20, according to the graphical verification code being pre-configured with Record, verifies graphical verification code;If check code is by checking, and login password is by checking, and graphical verification code is by checking, Then judge that the logging request of active client 20 passes through checking, it is allowed to which client 20 is logged in.Base of the present embodiment in combination pin On plinth, graphical verification code is with the addition of, the resistance to malicious attack is further enhancing, the safety of client login is improved Property.
The alternative embodiment of the present invention is these are only, is not intended to limit the scope of the invention, it is every to utilize this hair Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills Art field, is included within the scope of the present invention.

Claims (10)

1. a kind of login validation method, it is characterised in that the login validation method comprises the following steps:
If receiving the logging request of client transmission, the identity of the client is obtained, and the logging request is carried Account name and combination pin;
According to default rule of combination, split the combination pin and obtain login password and check code;
Recorded according to the identity of the client and the check code being pre-configured with, verify the check code;
According to the account name and the login password database being pre-configured with, the login password is verified;
If the check code is by checking, and the login password is by checking, then judges that the logging request, by checking, permits Perhaps described client is logged in.
2. login validation method as claimed in claim 1, it is characterised in that also carried based on checking in the logging request The graphical verification code of code picture input, the login validation method also includes:
According to the graphical verification code record being pre-configured with, the graphical verification code is verified;
If the check code is by checking, and the login password then judges the logging request by testing by checking Card, it is allowed to which the step of client is logged in includes:
If the check code is then sentenced by checking, and the login password by checking, and the graphical verification code by checking The fixed logging request passes through checking, it is allowed to which the client is logged in.
3. login validation method as claimed in claim 1, it is characterised in that if the login for receiving client transmission please Ask, then obtain the identity of the client, and the logging request carry account name and combination pin the step of include:
If receiving the logging request after the RSA public key encryptions of client transmission, decrypting the login using default private key please Ask, obtain the identity of the client, and the account name and combination pin that the logging request is carried.
4. the login validation method as described in claim 1,2 or 3, it is characterised in that if described receive stepping on for client transmission Record request, then obtain the identity of the client, and the logging request carry account name and combination pin the step of Before, in addition to:
When detecting the client access login page, generation check code returns to the client, so that the client is matched somebody with somebody Put combination pin;
The identity of client described in corresponding record and the check code returned to the client, are saved in the check code note In record.
5. login validation method as claimed in claim 4, it is characterised in that the check code is random number.
6. a kind of logging request method, it is characterised in that the logging request method comprises the following steps:
When accessing login page, the check code that the reception server is returned;
According to default rule of combination, the login password of input is combined with the check code and obtains combination pin;
According to the account name of input and the combination pin, generation logging request is sent to the server and verified.
7. logging request method as claimed in claim 6, it is characterised in that the login page includes identifying code picture, The logging request method also includes:
Receive the graphical verification code inputted based on the identifying code picture;
The account name and the combination pin according to input, generation logging request is sent to what the server was verified Step includes:
According to the account name of input, the combination pin and the graphical verification code, generation logging request is sent to the service Device.
8. logging request method as claimed in claims 6 or 7, it is characterised in that the logging request method also includes:
Using logging request described in default RSA public key encryptions, the logging request after encryption is sent to the server.
9. a kind of Security Login System, it is characterised in that the Security Login System includes server and client side, wherein:
The client, for when accessing login page, receiving the check code that the server is returned;According to default combination Rule, the login password of input is combined with the check code and obtains combination pin;According to the account name of input and the combination Password, generation logging request is sent to the server and verified;
The server, if for receiving the logging request that the client is sent, obtaining the identity of the client, And the account name and combination pin that the logging request is carried;According to default rule of combination, split the combination pin and obtain Login password and check code;Recorded according to the identity of the client and the check code being pre-configured with, verify the verification Code;According to the account name and the login password database being pre-configured with, the login password is verified;If the check code passes through Checking, and the login password is by checking, then judges that the logging request passes through checking, it is allowed to which the client is logged in.
10. Security Login System as claimed in claim 9, it is characterised in that the server is additionally operable to,
When detecting the client access login page, identifying code picture is returned to the client;
The client, is additionally operable to receive the graphical verification code inputted based on the identifying code picture;According to the account name of input, The combination pin and the graphical verification code, generation logging request are sent to the server;
The server, is additionally operable to, according to the graphical verification code record being pre-configured with, verify the graphical verification code;If the school Code is tested by checking, and the login password is by checking, and the graphical verification code is by checking, then judges that the login please Ask by checking, it is allowed to which the client is logged in.
CN201611176436.1A 2016-12-15 2016-12-15 Login validation method, logging request method and Security Login System Active CN107317791B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611176436.1A CN107317791B (en) 2016-12-15 2016-12-15 Login validation method, logging request method and Security Login System

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611176436.1A CN107317791B (en) 2016-12-15 2016-12-15 Login validation method, logging request method and Security Login System

Publications (2)

Publication Number Publication Date
CN107317791A true CN107317791A (en) 2017-11-03
CN107317791B CN107317791B (en) 2018-07-31

Family

ID=60185232

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611176436.1A Active CN107317791B (en) 2016-12-15 2016-12-15 Login validation method, logging request method and Security Login System

Country Status (1)

Country Link
CN (1) CN107317791B (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107835075A (en) * 2017-12-06 2018-03-23 北京深思数盾科技股份有限公司 The processing method and processing device of local password
CN107995229A (en) * 2018-01-31 2018-05-04 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN108075880A (en) * 2017-11-28 2018-05-25 珠海金山网络游戏科技有限公司 A kind of network game server logs in security system and method
CN108256344A (en) * 2018-01-22 2018-07-06 商客通尚景科技江苏有限公司 A kind of SaaS enterprise platforms Database Systems and attaching method thereof
CN108306881A (en) * 2018-01-31 2018-07-20 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN108306883A (en) * 2018-01-31 2018-07-20 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN108650243A (en) * 2018-04-24 2018-10-12 平安科技(深圳)有限公司 Connection establishment method, system, device and computer readable storage medium
CN108769083A (en) * 2018-08-01 2018-11-06 北京奇虎科技有限公司 Login method, apparatus and system based on distributed server
CN109547428A (en) * 2018-11-14 2019-03-29 深圳市云歌人工智能技术有限公司 It verifies password and accesses method, system and the storage medium of server
CN110147658A (en) * 2019-04-16 2019-08-20 平安科技(深圳)有限公司 User information encipher-decipher method, system and computer equipment
CN111787005A (en) * 2020-06-30 2020-10-16 中国工商银行股份有限公司 Dynamic encrypted secure login method and device
CN112699396A (en) * 2021-01-15 2021-04-23 深圳市网信数码科技有限公司 Information security method, device, system and storage medium of instant communication software
CN113901440A (en) * 2021-12-09 2022-01-07 北京网界科技有限公司 User login system and method, and user login setting system and method
CN114297623A (en) * 2021-12-07 2022-04-08 北京天融信网络安全技术有限公司 User permission setting method and system convenient for permission change
CN114422270A (en) * 2022-03-28 2022-04-29 成都运荔枝科技有限公司 Method and device for safe login authentication of Internet platform system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051904A (en) * 2007-05-17 2007-10-10 成都金山互动娱乐科技有限公司 Method for landing by account number cipher for protecting network application sequence
US20090031407A1 (en) * 2007-07-24 2009-01-29 Shaobo Kuang Method and system for security check or verification
CN102316112A (en) * 2011-09-16 2012-01-11 李建成 Password authentication method in network application and system
CN103067401A (en) * 2013-01-10 2013-04-24 天地融科技股份有限公司 Method and system for key protection
CN105337938A (en) * 2014-07-28 2016-02-17 阿里巴巴集团控股有限公司 Validity verification method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051904A (en) * 2007-05-17 2007-10-10 成都金山互动娱乐科技有限公司 Method for landing by account number cipher for protecting network application sequence
US20090031407A1 (en) * 2007-07-24 2009-01-29 Shaobo Kuang Method and system for security check or verification
CN102316112A (en) * 2011-09-16 2012-01-11 李建成 Password authentication method in network application and system
CN103067401A (en) * 2013-01-10 2013-04-24 天地融科技股份有限公司 Method and system for key protection
CN105337938A (en) * 2014-07-28 2016-02-17 阿里巴巴集团控股有限公司 Validity verification method and device

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108075880A (en) * 2017-11-28 2018-05-25 珠海金山网络游戏科技有限公司 A kind of network game server logs in security system and method
CN107835075A (en) * 2017-12-06 2018-03-23 北京深思数盾科技股份有限公司 The processing method and processing device of local password
CN108256344B (en) * 2018-01-22 2019-10-22 商客通尚景科技江苏有限公司 A kind of SaaS enterprise platform Database Systems and attaching method thereof
CN108256344A (en) * 2018-01-22 2018-07-06 商客通尚景科技江苏有限公司 A kind of SaaS enterprise platforms Database Systems and attaching method thereof
CN108306883A (en) * 2018-01-31 2018-07-20 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN107995229A (en) * 2018-01-31 2018-05-04 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN108306881A (en) * 2018-01-31 2018-07-20 苏州锦佰安信息技术有限公司 A kind of auth method and device
CN108650243B (en) * 2018-04-24 2021-04-23 平安科技(深圳)有限公司 Connection establishment method, system, device and computer readable storage medium
WO2019205288A1 (en) * 2018-04-24 2019-10-31 平安科技(深圳)有限公司 Connection establishment method, system, and device, and computer readable storage medium
CN108650243A (en) * 2018-04-24 2018-10-12 平安科技(深圳)有限公司 Connection establishment method, system, device and computer readable storage medium
CN108769083A (en) * 2018-08-01 2018-11-06 北京奇虎科技有限公司 Login method, apparatus and system based on distributed server
CN109547428A (en) * 2018-11-14 2019-03-29 深圳市云歌人工智能技术有限公司 It verifies password and accesses method, system and the storage medium of server
CN110147658A (en) * 2019-04-16 2019-08-20 平安科技(深圳)有限公司 User information encipher-decipher method, system and computer equipment
CN111787005A (en) * 2020-06-30 2020-10-16 中国工商银行股份有限公司 Dynamic encrypted secure login method and device
CN112699396A (en) * 2021-01-15 2021-04-23 深圳市网信数码科技有限公司 Information security method, device, system and storage medium of instant communication software
CN112699396B (en) * 2021-01-15 2021-07-20 深圳市网信数码科技有限公司 Information security method, device, system and storage medium of instant communication software
CN114297623A (en) * 2021-12-07 2022-04-08 北京天融信网络安全技术有限公司 User permission setting method and system convenient for permission change
CN113901440A (en) * 2021-12-09 2022-01-07 北京网界科技有限公司 User login system and method, and user login setting system and method
CN114422270A (en) * 2022-03-28 2022-04-29 成都运荔枝科技有限公司 Method and device for safe login authentication of Internet platform system
CN114422270B (en) * 2022-03-28 2022-06-03 成都运荔枝科技有限公司 Method and device for safe login authentication of Internet platform system

Also Published As

Publication number Publication date
CN107317791B (en) 2018-07-31

Similar Documents

Publication Publication Date Title
CN107317791B (en) Login validation method, logging request method and Security Login System
US10027631B2 (en) Securing passwords against dictionary attacks
CN104580264B (en) Login method, entering device and login and Accreditation System
CN105024819B (en) A kind of multiple-factor authentication method and system based on mobile terminal
WO2017000829A1 (en) Method for checking security based on biological features, client and server
CN106612180A (en) Method and device for realizing session identifier synchronization
CN107864115A (en) A kind of method that user account login authentication is carried out using portable terminal
CN112000951B (en) Access method, device, system, electronic equipment and storage medium
CN106330838B (en) A kind of dynamic signature method and the client and server using this method
CN108684041A (en) The system and method for login authentication
CN109587162A (en) Login validation method, device, terminal, cipher server and storage medium
RU2670031C2 (en) System and method of identification and / or authentication
CN106878245A (en) The offer of graphic code information, acquisition methods, device and terminal
US10579809B2 (en) National identification number based authentication and content delivery
CN112632593B (en) Data storage method, data processing method, device and storage medium
CN107370765A (en) A kind of ftp server identity identifying method and system
CN109347887A (en) A kind of identity authentication method and device
CN105187382A (en) Multi-factor identity authentication method for preventing library collision attacks
CN113918967A (en) Data transmission method, system, computer equipment and medium based on security check
CN108667801A (en) A kind of Internet of Things access identity safety certifying method and system
CN110166471A (en) A kind of portal authentication method and device
CN109495458A (en) A kind of method, system and the associated component of data transmission
US20220070009A1 (en) Authentication system with reduced attack surface
CN110912857B (en) Method and storage medium for sharing login between mobile applications
CN114726606B (en) User authentication method, client, gateway and authentication server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1238442

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant