CN108616520A - A kind of auth method and device - Google Patents
A kind of auth method and device Download PDFInfo
- Publication number
- CN108616520A CN108616520A CN201810322613.5A CN201810322613A CN108616520A CN 108616520 A CN108616520 A CN 108616520A CN 201810322613 A CN201810322613 A CN 201810322613A CN 108616520 A CN108616520 A CN 108616520A
- Authority
- CN
- China
- Prior art keywords
- character string
- server
- character
- several
- transmitted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
A kind of auth method of present invention offer and device, server can generate the first random character string and several second character strings, and the first character string can be sent to client, and client can show first character string;First character string and several second character strings are sent to authority checking equipment, authority checking equipment can show the first character string and several second character strings, when the third character string that user is inputted in authority checking equipment is equal to the first character string, authentication success.It can be in the apparatus, it is only necessary to which user reads the first character string from client, and selects the first character string that can be changed at any time since the first character string is generated at random by server in authority checking equipment, to safe;And user is only needed to select the first character string in authority checking equipment, consequently facilitating user uses.
Description
Technical field
The present invention relates to identity validation technology field more particularly to a kind of auth methods and device.
Background technology
In practice, when user wants to log on to certain server, in order to improve safety, the usual server can lead to
Cross some approach(For example, passing through SMS or mailbox etc.)Disposal password is sent to user, to only be inputted in user
Username and password it is all correct, and when disposal password is identical as the disposal password transmitted by server before, Yong Hucai
The server can be successfully logged in, this technology is TOTP(Time-based One-Time Password are based on timestamp
The disposal password of algorithm).Here disposal password is usually all that user is manually entered, it is to be understood that this mode
It is comparatively laborious, it is not easy to the use of user.
Therefore, a kind of user-friendly auth method is designed, a kind of urgent problem to be solved is just become.
Invention content
The purpose of the present invention is to provide a kind of auth method and devices.
One of in order to achieve the above-mentioned object of the invention, an embodiment of the present invention provides a kind of authentication for server
Method includes the following steps:Transmitted by reception client includes the logging request of username and password;Determining the use
When name in an account book and password all pass through authentication, first character string and several second character strings are generated based on random algorithm, and
First character string is sent to the client, the first character string and several second character strings are sent to authority checking equipment,
Wherein, the first, second character string is made of English alphabet, and length is 2;Receive transmitted by the authority checking equipment
Three character strings, and when determining that third character string is equal to the first character string, pass through authentication.
As being further improved for an embodiment of the present invention, it is described based on random algorithm generate first character string and
Several second character strings, including:First character string and two the second character strings are generated based on random algorithm.
The embodiment of the present invention additionally provides a kind of authentication means for server, comprises the following modules:
Log-on message receiving module, for receive transmitted by client include username and password logging request;
Authentication module, for when determining that the username and password all passes through authentication, one to be generated based on random algorithm
First character string and several second character strings, and the first character string is sent to the client, by the first character string and several
Second character string is sent to authority checking equipment, wherein the first, second character string is made of English alphabet, and length is 2;
Processing module for receiving the third character string transmitted by the authority checking equipment, and is determining third character string etc.
When the first character string, pass through authentication.
The embodiment of the present invention additionally provides a kind of auth method for client, includes the following steps:To service
Device transmission includes the logging request of username and password;Receive the first character string transmitted by server;Show the first character
String.
As being further improved for an embodiment of the present invention, the first character string of the displaying, including:By showing screen display
Show the first character string.
The embodiment of the present invention additionally provides a kind of authentication means for client, comprises the following modules:Request hair
Module is sent, for including the logging request of username and password to server transmission;First information receiving module, for receiving
The first character string transmitted by server;First display module, for showing the first character string.
The embodiment of the present invention additionally provides a kind of auth method for authority checking equipment, includes the following steps:
Receive the first character string transmitted by server and several second character strings;Show the first character string and several second character strings,
And the third character string inputted from input equipment is sent to the server, the third character string is first character
Any in string and several second character strings.
As being further improved for an embodiment of the present invention, if first character string received transmitted by server and
Dry second character string, including:Receive the first character string and two the second character strings transmitted by server.
As being further improved for an embodiment of the present invention, the first character string of the displaying and several second character strings,
And the third character string inputted from input equipment is sent to the server, including:The first character is shown on the touchscreen
Third character string is sent to the server by string and several second character strings when third character string is touched.
The embodiment of the present invention additionally provides a kind of authentication means for authority checking equipment, comprises the following modules:
Second information receiving module, for receiving the first character string and several second character strings transmitted by server;Second displaying mould
Block for showing the first character string and several second character strings, and the third character string inputted from input equipment is sent to
The server.
Compared with the existing technology, the technical effects of the invention are that:An embodiment of the present invention provides a kind of authentication sides
Method and device, server can generate the first random character string and several second character strings, and can be sent to the first character string
Client, client can show first character string;First character string and several second character strings are sent to mandate and tested
Demonstrate,prove equipment, authority checking equipment can show the first character string and several second character strings, when user in authority checking equipment institute
When the third character string of input is equal to the first character string, authentication success.It can be in the apparatus, it is only necessary to which user is from visitor
The first character string is read at family end, and selects the first character string in authority checking equipment, since the first character string is by servicing
What device generated at random, it can change at any time, to safe;And user is only needed to select the first character in authority checking equipment
String, consequently facilitating user uses.
Description of the drawings
Fig. 1 is the Organization Chart of the embodiment of the present invention;
Fig. 2 is the flow diagram of the auth method for server in the embodiment of the present invention one;
Fig. 3 is the flow diagram of the auth method for client in the embodiment of the present invention two;
Fig. 4 is the interface for client in the embodiment of the present invention two;
Fig. 5 is the flow diagram of the auth method for authority checking equipment in the embodiment of the present invention three;
Fig. 6 is the first interface of the authority checking equipment in the embodiment of the present invention three;
Fig. 7 is the second contact surface of the authority checking equipment in the embodiment of the present invention three;
Fig. 8 is the third interface of the authority checking equipment in the embodiment of the present invention three.
Specific implementation mode
Hereinafter, the present invention will be described in detail with reference to various embodiments shown in the accompanying drawings.But these embodiments are not
The limitation present invention, structure that those skilled in the art are made according to these embodiments, method or change functionally
It changes and is included within the scope of protection of the present invention.
As shown in Figure 1, including server 1, client 2 and authority checking equipment 3 in the present invention;Wherein, server
1 can be the various servers for providing service on network, for example, Web server, mailbox server, ERP
(Enterprise Resourse Planning, Enterprise Resource Management)Server etc.;Client 2 can be PC(Personal
Computer, personal computer)Machine etc.;Authority checking equipment 3 can be intelligent mobile terminal(For example, smart mobile phone, tablet electricity
Brain)Deng.
Here it is possible to understand, when user wants the service provided using server 1, it is necessary to first in server 1
On registered, registration when, need user provide username and password, then the mark of authority checking equipment 3 is provided again
Know symbol, then server 1 can preserve the user name that is mutually related, password and authority checking equipment 3 identifier.For example, such as
Fruit authority checking equipment 3 is smart mobile phone, and identifier can be the phone number etc. of smart mobile phone.Authority checking equipment is being provided
When 3 identifier, a Quick Response Code can be shown, if scanning the Quick Response Code with smart mobile phone, which is
The authority checking equipment 3.
The embodiment of the present invention one provides a kind of auth method for server 1, here, the auth method
It is executed by server 1, as shown in Fig. 2, including the following steps:
Step 201:Transmitted by reception client 2 includes the logging request of username and password;When user uses client 2
It when carrying out login service device 1, needs to input username and password, later, client 2 can ask the login comprising username and password
Ask and be sent to server 1, then, server 1 can receive include username and password logging request.
Step 202:When determining that the username and password all passes through authentication, one the is generated based on random algorithm
One character string and several second character strings, and the first character string is sent to the client 2, by the first character string and several
Two character strings are sent to authority checking equipment 3, wherein the first, second character string is made of English alphabet, and length is 2;This
In, 1 meeting of server(For example, from the file system or cipher server of server 1)The corresponding verification password of the user name is stored,
When successfully obtaining the verification password, and when the verification password is with the password match, mean that the username and password passes through identity
Verification.Optionally, any two character string in first character string and several second character strings is all different.For example, the
One character string is " aY ", and several second character strings are " Gb " and " se ".Here, the random algorithm can be:Sherwood algorithm,
Las Vegas algorithm, numerical value probabilistic algorithm or Monte carlo algorithm etc..
Optionally, described that first character string is sent to the client 2, including:By the first character string and authority checking
The identifier of equipment 3 is sent to the client 2.
Step 203:The third character string transmitted by the authority checking equipment 3 is received, and is determining third character string etc.
When the first character string, pass through authentication.
Preferably, described that first character string and several second character strings are generated based on random algorithm, including:Based on
Machine algorithm generates first character string and two the second character strings.
The embodiment of the present invention additionally provides a kind of authentication means for server 1, comprises the following modules:Log in letter
Cease receiving module, for receive transmitted by client 2 include username and password logging request;Authentication module is used for
When determining that the username and password all passes through authentication, first character string and several the are generated based on random algorithm
Two character strings, and the first character string is sent to the client 2, the first character string and several second character strings are sent to and are awarded
Power verification equipment 3, wherein the first, second character string is made of English alphabet, and length is 2;Processing module, for receiving
Third character string transmitted by the authority checking equipment 3, and when determining that third character string is equal to the first character string, pass through body
Part verification.
Second embodiment of the present invention provides a kind of auth methods for client 2, here, the auth method
Have performed by client 2, as shown in figure 3, including the following steps:
Step 301:Include the logging request of username and password to the transmission of server 1;Here, when user uses client 2
When carrying out game server 1, need to open login page(For example, opening log-on webpage, or opens software and show login page), so
After input username and password, later click " logins " button, at this time client 2 will to server 1 transmission include user
The logging request of name and password.
Step 302:Receive the first character string transmitted by server 1;In embodiment one, server 1 can be by the first word
Symbol string is sent to client 2, to which client 2 will receive the first character string transmitted by server 1.
Step 303:Show the first character string.Here it is possible to the first character string be shown by various modes, for example, passing through
Display screen shows or by voice mode etc..
Optionally, client 2 can be received from server 1 by the identifier of the first character string and authority checking equipment 3, from
And the identifier and the first character string can be shown simultaneously, for example, in fig. 4 it is shown that identifier " Huawei MHA-AL00 ".
Preferably, the first character string of the displaying, including:The first character string is shown by display screen.Here, such as Fig. 4 institutes
Show, the first character string " aY " can be shown on the screen of client 2.
The embodiment of the present invention additionally provides a kind of authentication means for client 2, comprises the following modules:Request hair
Module is sent, for including the logging request of username and password to the transmission of server 1;First information receiving module, for connecing
Receive the first character string transmitted by server 1;First display module, for showing the first character string.
The embodiment of the present invention three provides a kind of auth method for authority checking equipment 3, and here, which tests
Card method can be executed by authority checking equipment 3, as shown in figure 5, including the following steps:
Step 501:Receive the first character string transmitted by server 1 and several second character strings;In embodiment one, server
First character string and the second character string can be sent to authority checking equipment 3 by 1, and then, authority checking equipment 3 will receive the
One character string and several second character strings.
Step 502:Show the first character string and several second character strings, and the third character that will be inputted from input equipment
String is sent to the server 1, and the third character string is any in first character string and several second character strings.This
In, authority checking equipment 3 can make in various manners to show the first character string and several second character strings, for example, showing
It is shown on screen, or passes through voice displaying etc..Here, user can click the first character string and several using mouse or touch screen
Any in second character string, the icon being clicked are third character string.
Preferably, first character string received transmitted by server 1 and several second character strings, including:Receive clothes
The first character string transmitted by business device 1 and two the second character strings.
Preferably, the first character string of the displaying and several second character strings, and the third that will be inputted from input equipment
Character string is sent to the server 1, including:The first character string and several second character strings are shown on the touchscreen, work as third
When character string is touched, third character string is sent to the server 1.Here, as shown in fig. 6, can first counsel user be
It is no to allow to log in, when the user clicks when " √ agreements ", into interface shown in Fig. 7, in the interface, it can show " aY ", " Gb "
" se ", at this point, user can read in interface shown in Fig. 4 " aY ", user clicks " aY " in the figure 7, in order to prompt user
" aY " is selected, thus it is possible to vary the color of the position " aY ", as shown in figure 8, at this point, authority checking equipment 3 can incite somebody to action
" aY " character string is sent to server 1.
The embodiment of the present invention has been also provided to a kind of authentication means for authority checking equipment 3, including with lower die
Block:Second information receiving module, for receiving the first character string and several second character strings transmitted by server 1;Second exhibition
Show module, is sent out for showing the first character string and several second character strings, and by the third character string inputted from input equipment
It is sent to the server 1.
An embodiment of the present invention provides a kind of auth method and device, server 1 can generate the first random character
String and several second character strings, and the first character string can be sent to client 2, client 2 can show first character string;It will
First character string and several second character strings are sent to authority checking equipment 3, and authority checking equipment 3 can show the first character
String and several second character strings, when the third character string that user is inputted in authority checking equipment 3 is equal to the first character string,
Authentication success.It can be in the apparatus, it is only necessary to which user reads the first character string from client 2, and is set in authority checking
The first character string of standby 3 selection can change at any time since the first character string is generated at random by server 1, to pacify
Quan Xinggao;And user is only needed to select the first character string in authority checking equipment 3, consequently facilitating user uses.
It should be appreciated that although this specification is described in terms of embodiments, but not each embodiment only includes one
A independent technical solution, this description of the specification is merely for the sake of clarity, and those skilled in the art should will say
As a whole, the technical solution in each embodiment may also be suitably combined to form those skilled in the art can for bright book
With the other embodiment of understanding.
The series of detailed descriptions listed above only for the present invention feasible embodiment specifically
Bright, they are all without departing from equivalent implementations made by technical spirit of the present invention not to limit the scope of the invention
Or change should all be included in the protection scope of the present invention.
Claims (10)
1. a kind of auth method for server, which is characterized in that include the following steps:
Transmitted by reception client includes the logging request of username and password;
When determining that the username and password all passes through authentication, if based on random algorithm generate first character string and
The second character string is done, and the first character string is sent to the client, sends the first character string and several second character strings
To authority checking equipment, wherein the first, second character string is made of English alphabet, and length is 2;
The third character string transmitted by the authority checking equipment is received, and is determining third character string equal to the first character string
When, pass through authentication.
2. auth method according to claim 1, which is characterized in that described to generate one first based on random algorithm
Character string and several second character strings, including:First character string and two the second character strings are generated based on random algorithm.
3. a kind of authentication means for server, which is characterized in that comprise the following modules:
Log-on message receiving module, for receive transmitted by client include username and password logging request;
Authentication module, for when determining that the username and password all passes through authentication, one to be generated based on random algorithm
First character string and several second character strings, and the first character string is sent to the client, by the first character string and several
Second character string is sent to authority checking equipment, wherein the first, second character string is made of English alphabet, and length is 2;
Processing module for receiving the third character string transmitted by the authority checking equipment, and is determining third character string etc.
When the first character string, pass through authentication.
4. a kind of auth method for client, which is characterized in that include the following steps:
Include the logging request of username and password to server transmission;
Receive the first character string transmitted by server;
Show the first character string.
5. auth method according to claim 4, which is characterized in that the first character string of the displaying, including:
The first character string is shown by display screen.
6. a kind of authentication means for client, which is characterized in that comprise the following modules:
Request sending module, for including the logging request of username and password to server transmission;
First information receiving module, for receiving the first character string transmitted by server;
First display module, for showing the first character string.
7. a kind of auth method for authority checking equipment, which is characterized in that include the following steps:
Receive the first character string transmitted by server and several second character strings;
It shows the first character string and several second character strings, and the third character string inputted from input equipment is sent to described
Server, the third character string are any in first character string and several second character strings.
8. auth method according to claim 7, which is characterized in that first word received transmitted by server
Symbol string and several second character strings, including:
Receive the first character string and two the second character strings transmitted by server.
9. auth method according to claim 7, which is characterized in that displaying first character string and several second
Character string, and the third character string inputted from input equipment is sent to the server, including:
The first character string and several second character strings are shown on the touchscreen, when third character string is touched, by third character
String is sent to the server.
10. a kind of authentication means for authority checking equipment, which is characterized in that comprise the following modules:
Second information receiving module, for receiving the first character string and several second character strings transmitted by server;
Second display module, for showing the first character string and several second character strings, and the will inputted from input equipment
Three character strings are sent to the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810322613.5A CN108616520A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810322613.5A CN108616520A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108616520A true CN108616520A (en) | 2018-10-02 |
Family
ID=63659851
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810322613.5A Pending CN108616520A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108616520A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109547197A (en) * | 2018-11-16 | 2019-03-29 | 重庆邮电大学 | A kind of OPC UA code key exchange method based on Las Vegas ELGamal encryption |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN104917724A (en) * | 2014-03-11 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and apparatus |
CN105100005A (en) * | 2014-05-07 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
CN105491010A (en) * | 2015-11-19 | 2016-04-13 | 上海携程商务有限公司 | Cross validation method and system for verification codes |
CN105718783A (en) * | 2014-12-03 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Verification code interaction method, device, client and server |
CN106612277A (en) * | 2016-12-09 | 2017-05-03 | 武汉斗鱼网络科技有限公司 | Method and system for realizing CAPTCHA verification using cipher disk |
-
2018
- 2018-04-11 CN CN201810322613.5A patent/CN108616520A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN104917724A (en) * | 2014-03-11 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and apparatus |
CN105100005A (en) * | 2014-05-07 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
CN105718783A (en) * | 2014-12-03 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Verification code interaction method, device, client and server |
CN105491010A (en) * | 2015-11-19 | 2016-04-13 | 上海携程商务有限公司 | Cross validation method and system for verification codes |
CN106612277A (en) * | 2016-12-09 | 2017-05-03 | 武汉斗鱼网络科技有限公司 | Method and system for realizing CAPTCHA verification using cipher disk |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109547197A (en) * | 2018-11-16 | 2019-03-29 | 重庆邮电大学 | A kind of OPC UA code key exchange method based on Las Vegas ELGamal encryption |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2684330B1 (en) | Method and system for granting access to a secured website | |
US10362026B2 (en) | Providing multi-factor authentication credentials via device notifications | |
CN104113549B (en) | A kind of platform authorization method, platform service end and applications client and system | |
CN104468531B (en) | The authorization method of sensitive data, device and system | |
US20170295159A1 (en) | Authenticating Clients Using Tokens | |
US20170032111A1 (en) | Approaches for providing multi-factor authentication credentials | |
CN102594817A (en) | Password agent method, user terminal equipment and password agent server | |
CN103607284A (en) | Identity authentication method and equipment and server | |
CN104158802A (en) | Platform authorization method, platform service side, application client side and system | |
US10841297B2 (en) | Providing multi-factor authentication credentials via device notifications | |
US10601809B2 (en) | System and method for providing a certificate by way of a browser extension | |
CN107040518A (en) | A kind of private clound server log method and system | |
CN106888086B (en) | System and method for managing account password | |
CN104348617A (en) | Verification code processing method and device, and terminal and server | |
WO2020073078A1 (en) | Secure service interaction | |
JP5325919B2 (en) | Authentication apparatus and method | |
CN102946396A (en) | User agent device, host web server and user authentication method | |
KR20140081041A (en) | Authentication Method and System for Service Connection of Internet Site using Phone Number | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
CN108616520A (en) | A kind of auth method and device | |
CN108494794A (en) | A kind of auth method and device | |
EP3329650B1 (en) | Providing multi-factor authentication credentials via device notifications | |
CN102946397A (en) | User authentication method and user authentication system | |
JP2008171087A (en) | Authentication system, and authentication program | |
CN104301285A (en) | Method for logging in web system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181002 |
|
RJ01 | Rejection of invention patent application after publication |