CN108696499A - Method, apparatus and computer storage media for administrator password - Google Patents
Method, apparatus and computer storage media for administrator password Download PDFInfo
- Publication number
- CN108696499A CN108696499A CN201810239743.2A CN201810239743A CN108696499A CN 108696499 A CN108696499 A CN 108696499A CN 201810239743 A CN201810239743 A CN 201810239743A CN 108696499 A CN108696499 A CN 108696499A
- Authority
- CN
- China
- Prior art keywords
- password
- log
- character
- converter logic
- digit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to cryptographic techniques, more particularly to are used for the method for administrator password, implement the device of this method and include the computer readable storage medium for the computer program for implementing this method.It is comprised the steps of according to the method for administrator password of one aspect of the invention:It is arranged and stores the converter logic to log-in password, wherein the converter logic defines the mapping relations between the character of log-in password and the respective symbols after execution converter logic;The variation of log-in password is provided to remote server;Login password is received from input equipment;Based on the converter logic, map function is executed to login password;And the variation of login password is provided for being verified to user identity to remote server.
Description
Technical field
The present invention relates to cryptographic techniques, more particularly to are used for the method for administrator password, implement the device and packet of this method
Computer readable storage medium containing the computer program for implementing this method.
Background technology
Under information age, the scene that people work and live daily needs to frequently enter password progress authentication with complete
At system login, authorization and confirm the tasks such as payment.In face of multiple in application, require to remember various passwords will be to user
It causes greatly to bear.In addition, the considerations of for safety etc., different applications often has respectively specific password rule
Then (such as the capital and small letter of the digit of password, the value of code characters and letter distinguish etc.), the diversity of this password rule into
One step has aggravated the burden of user.
Industry develops more money Password Management softwares, such as KeePass and 1Password thus.These Password Managements are soft
The operation principle of part is to encrypt the password storage of user in file at one, which can only be visited by a main password
It asks, therefore user only needs to remember a main password.These Password Management softwares are disadvantageous in that, are added to improve
The encryption intensity of ciphertext part, the requirement to the length and complexity of main password is all very high, this causes the inconvenience that user uses.This
Outside, no matter which kind of Encryption Algorithm is used, encrypts on document or exist the risk hidden danger being broken.
Therefore there is an urgent need to a kind of method and apparatus of administrator password can simultaneously safety and the aspect of convenience two all
Satisfactory performance is provided.
Invention content
It is an object of the present invention to provide a kind of method and apparatus for administrator password, with safe and make
With it is convenient the advantages that.
It is comprised the steps of according to the method for administrator password of one aspect of the invention:
Be arranged and store the converter logic to log-in password, wherein the converter logic define the character of log-in password with
Execute the mapping relations between the respective symbols after converter logic;
The variation of log-in password is provided to remote server;
Login password is received from input equipment;
Based on the converter logic, map function is executed to login password;And
The variation of login password is provided to remote server for being verified to user identity.
Preferably, in the above-mentioned methods, the converter logic includes:
If the digit of log-in password is less than the digit rule of remote server setting, cover behaviour is executed to log-in password
Make so that the digit of the password after transformation meets digit rule;
If the digit of log-in password is more than the digit rule of remote server setting, position behaviour is deleted to log-in password execution
Make so that the digit of the password after transformation meets digit rule;And
If log-in password has the character for the value rule for not meeting remote server setting, to not meeting value rule
Character then executes replacement operation.
Preferably, in the above-mentioned methods, further comprise the following steps:
Delete login password and its variation.
Preferably, in the above-mentioned methods, the converter logic includes:
Replacement operation is executed for the character of one or more specific bits of log-in password.
Preferably, in the above-mentioned methods, the replacement operation includes at least one of following:Any character is converted to
Any character is converted to random capitalization, any character is converted to random lowercase and will be any by random digit
Character is converted to random mark.
Preferably, in the above-mentioned methods, the character of log-in password and execute converter logic after respective symbols between reflect
Relationship is penetrated to be stored in mapping table with random sequence.Preferably, the mapping table also include obscure character with it is corresponding
Transformation character between additional mappings relationship, which, which is mixed with random sequence with the mapping relations, is stored in
It is described to obscure character and log-in password non-correlation in the mapping table.
Preferably, in the above-mentioned methods, log-in password is classified as one in multiple cipher code sets, the multiple cipher code set
With different safe class and password rule.
Including according to the device for administrator password of another aspect of the invention:
First module, for the converter logic to log-in password to be arranged, wherein the converter logic defines log-in password
The mapping relations between respective symbols after character and execution converter logic;
Second module, the variation for providing log-in password to remote server;
Third module, for receiving login password from input equipment;
4th module executes map function for being based on the converter logic to login password;And
5th module, for providing the variation of login password to remote server for testing user identity
Card.
Including memory, processor according to the device for administrator password of another aspect of the invention and is being stored in
On the memory and the computer program that can run on the processor is to execute method as described above.
It is also an object of the present invention to provide a kind of computer readable storage mediums, store computer program thereon,
The program realizes method as described above when being executed by processor.
Compared with prior art, the present invention has many advantages, such as.For example, due to storage be converter logic and it is non-registered close
Code book body, therefore the risk illegally stolen without password.Furthermore in some converter logics, code characters in a random basis by
It being mapped as other character, therefore for different applications, identical password has different transformation passwords after logical conversion,
To will not be impacted to safety while facilitating usersmanaging passwords again.In addition, when the mapping of each code characters
When relationship is stored with random sequence, even if knowing mapping relations, transformation password still can not be copied.Finally, by that will obscure
It, can be into one when additional mappings relationship between character and corresponding transformation character mixes storage with random sequence with mapping relations
Step improves safety.
Description of the drawings
The above-mentioned and/or other aspects and advantage of the present invention will be become by the description of the various aspects below in conjunction with attached drawing
It is more clear and is easier to understand, same or analogous unit, which is adopted, in attached drawing is indicated by the same numeral.Attached drawing includes:
Fig. 1 is a kind of configuration diagram of distributed system.
Fig. 2 is the flow chart according to the method for administrator password of one embodiment of the invention.
Fig. 3 is the flow chart according to the method for administrator password of another embodiment of the present invention.
Fig. 4 is the block diagram according to the device for administrator password of another embodiment of the present invention.
Fig. 5 is the block diagram according to the device for administrator password of another embodiment of the present invention.
Specific implementation mode
Referring to which illustrates the attached drawings of illustrative examples of the present invention to more fully illustrate the present invention.But this hair
It is bright to be realized by different form, and be not construed as being only limitted to each embodiment given herein.The above-mentioned each implementation provided
Example is intended to make the disclosure of this paper comprehensively complete, and protection scope of the present invention is more fully communicated to people in the art
Member.
In the present specification, the term expression of such as "comprising" and " comprising " etc is wanted in addition to having in specification and right
Asking has in book directly and other than the unit clearly stated and step, technical scheme of the present invention be also not excluded for having not by directly or
The situation of the other units and step clearly stated.
Fig. 1 is a kind of configuration diagram of distributed system.Illustratively, distributed system 10 shown in FIG. 1 includes visitor
Family end 110 and remote server or website 120.In the distributed system shown in, client 110 can be with remote server
120 realize directly communication connection, or realize and communicate to connect through network 20.
According to one aspect of the present invention, for the log-in password of user, it is right that the device for administrator password passes through
The log-in password, which executes converter logic, can obtain corresponding transformation password (the also referred to as variation of log-in password), the transformation
Password is stored at remote server with the authentication for user.In particular, being deposited in the device for administrator password
Storage is converter logic rather than log-in password itself or transformation password, when user is through client or for the device of administrator password
Input equipment input login password when, the device for administrator password generates the change of login password by executing converter logic
Change form, the login password of the variation be sent to remote server and will not be permanently stored in client or
For (such as being deleted after sending) in the device of administrator password.
Converter logic described here is broadly understood as log-in password to be converted to the various algorithms of other passwords, can
Define the mapping relations between the character of log-in password and the respective symbols after execution converter logic.Preferably, converter logic can
To include following map function:Padding operation is executed to log-in password so that the digit of the password after transformation increases;It is close to registering
Code, which executes, deletes bit manipulation so that the digit of the password after transformation is reduced;And replacement operation is executed to the character in log-in password.
Preferably, above-mentioned replacement operation includes at least one of following:Any character is converted into random digit, will be appointed
One character is converted to random capitalization, any character is converted to random lowercase and is converted to any character at random
Symbol.
Device for administrator password described here can be independently of client and remote server and can be with
The physical equipment of client and remote server communication can also be used as component units and be integrated in client (such as client
Hold the form of application program).Client described here can be one kind in following equipment:Smart mobile phone, PC, pen
Remember this computer, tablet computer and personal digital assistant.
Other side according to the invention, reflecting between the character of log-in password and the character after execution converter logic
It penetrates relationship to store in the form of mapping table, wherein the mapping relations of each character of log-in password are stored with random sequence
In mapping table.Preferably, mapping table also includes the additional mappings obscured between character and corresponding transformation character
Relationship, which, which is mixed with random sequence with the mapping relations of the character of log-in password, is stored in mapping table
In, described here obscures character and log-in password non-correlation.
According to the invention there are one aspects, can be based on safe class and password rule predefines multiple cipher code sets,
And one be referred to each log-in password in this multiple cipher code set.
Fig. 2 is the flow chart according to the method for administrator password of one embodiment of the invention.Illustratively, here with
The method that the present embodiment is described for distributed system shown in FIG. 1, and assume application scenarios be user through client 110
The process of the registration of business A is carried out to remote server or website 120.It should be noted however that the method for the present embodiment is not
It is confined to the distributed system of certain architectures.
Referring to Fig. 2, in step 201, the device for administrator password obtains the address of website 120 and about registered business
The password rule of A.In the present embodiment, password rule for example include but not limited to the digit of password, the value of code characters and
Capital and small letter differentiation of letter etc..In addition, the device for administrator password can also further obtain the current time of the offer of website 120
With the information such as the unique ID of user.Preferably, the device for being used for administrator password includes scanning device to pass through scans web sites interface
Shown Quick Response Code obtains above- mentioned information.
Step 203 is subsequently entered, (such as financial payment, electric business are purchased according to the type of business A for the device of administrator password
One of object and common browsing etc.) log-in password of business A is referred in multiple cipher code sets.Specifically, if industry
Be engaged in A be to the higher financial payment business of security requirement, then can be with automatic clustering to high safety cipher code set, if business A is
It, then can be with automatic clustering to middle security password group, if business A is to safety to the general electric business shopping service of security requirement
Property require lower website browsing business, then can be with automatic clustering to lower security cipher code set.Optionally, in this step, also may be used
Voluntarily to select corresponding cipher code set as the log-in password of business A by user.
Step 205 is subsequently entered, the device for administrator password is from the defeated of its included input equipment or client 110
Enter log-in password of the equipment reception about business A.Illustratively, it is assumed that log-in password is " 1Ab_p ".
Step 207 is subsequently entered, the device for administrator password determines that log-in password is according to the password rule of business A
Whether " 1Ab_p " meets length specification.If do not met, 209 are entered step, if met, enters step 211.
In branching step 209, it is assumed for example that the Password Length of length code requirement is 6, then is used for the dress of administrator password
Padding operation will be carried out to log-in password " 1Ab_p " by setting, that is, in some positions (such as stem, tail portion or the centre of log-in password
Some position) place character and (such as met by adding fixed character (such as " O ") in the tail portion of log-in password
The parking identification number register password of length specification is " 1AB_pO ").Also, if the Password Length of length code requirement is 4, use
Log-in password " 1AB_p " will be carried out to delete bit manipulation in the device of administrator password, that is, in one of log-in password character
(such as character of some position of stem, tail portion or centre).Step 209, which executes, to be completed to enter step 211 later.
In step 211, the device for administrator password determines that log-in password is " 1AB_pO " according to the password rule of business A
Whether value specification is met.If do not met, 213 are entered step, if met, enters step 215.Described here takes
The example of value specification includes but not limited to:The first character of log-in password is necessarily letter, in log-in password there is not allowed that " _ ",
A capitalization and a lowercase etc. and registration must be included at least in the character of " * " and " " etc, log-in password
There is not allowed that consecutive identical character string etc. in password.
In branching step 213, the device for administrator password by step 209 to handling or without step 209 place
The character for not meeting value specification in the log-in password of reason is replaced operation.
Preferably, replacement operation includes at least one of following:Any character is converted into random digit, by any word
Symbol is converted to random capitalization, any character is converted to random lowercase and any character is converted to random symbol
Number.Corresponding transfer function FS (x), FD (x), FX (x), FF (x) can be write with above-mentioned various types of replacement operations thus,
In, function FS (x) is used to any character x being converted to random digit, and any character x is converted to random capitalization by FD (x),
Any character is converted to random lowercase by FX (x), and any character is converted into random mark by FF (x).
By taking log-in password " 1AB_pO " as an example and assume example using above-mentioned value specification, then can implement following
Replacement operation:First character " 1 " is replaced by letter due to being needed for non-alphabetic characters, using function FX (x) into
Row conversion;4th character " _ " needs to be replaced because non-value range is belonged to, therefore is turned using function FS (x)
It changes.It might as well assume that the log-in password after replacement operation is " sAB9pO ".Log-in password " 1AB_p " input by user is passed through as a result,
It is transformed to " sAB9pO " after processing based on converter logic, wherein the character of log-in password and the phase after execution converter logic
Answering has following mapping relations between character:" 1 "-" s ", " A "-" A ", " B "-" B ", " _ "-" 9 " and " p "-" p ".By
In the character that " O " is padding operation addition, therefore without corresponding character in log-in password input by user.
In another branching step 215, the device for administrator password by step 209 to handling or without step
Character is replaced operation some or all of in the log-in password of 209 processing.
Still it is assumed that it meets value specification by taking log-in password " 1AB_pO " as an example, then can apply in step 215
The following replacement operation of row:Character " 1 " is converted using function FS (x);It can profit for character " A ", " B " and " O "
It is converted, character " _ " is converted using FF (x), for character " p ", using function FX with function FD (x)
(x) it is converted.It might as well assume that the log-in password after replacement operation is " 7ZK^qO ".Log-in password input by user as a result,
" 1AB_p " is by being transformed to " 7ZK^qO " after the processing based on converter logic, wherein the character of log-in password and executes transformation
There are following mapping relations between respective symbols after logic:" 1 "-" 7 ", " A "-" Z ", " B "-" K ", " _ "-" ^ " and
"p"—"q".Similarly, due to the character that " O " is padding operation addition, without correspondence in log-in password input by user
Character.
217 are entered step after executing step 213 and 215, the device for administrator password enters step 217, sentences
It is disconnected whether to need to obscure position by increase to improve the safety of log-in password.If you do not need to improving safety, then enter step
Rapid 219, otherwise, then enter step 221.In step 217, above-mentioned judgement can be based on the type of registration business A, can also base
In the selection of user.
In branching step 219, the device storage log-in password for administrator password is transformed to " sAB9pO " by " 1AB_p "
Converter logic or log-in password " 1AB_p " be transformed to the converter logic of " 7ZK^qO ".In the present embodiment, converter logic also may be used
To be considered as a series of set of map function steps with chronological order.Preferably, the character of log-in password with hold
The mapping relations between respective symbols after row converter logic are stored in random sequence in mapping table.
Illustratively, can according to the following character input sequence different from log-in password sequential storage " 1AB_p " with
Mapping relations between " 7ZK^qO ":" A "-" Z ", " B "-" K ", " p "-" q ", " _ "-" ^ " and " 1 "-" 7 ".
In another branching step 221, the device storage log-in password for administrator password is transformed to by " 1AB_p "
The converter logic or log-in password " 1AB_p " of " sAB9pO " are transformed to the converter logic of " 7ZK^qO ".In particular, in addition to storage is noted
The character of volume password and execute other than mapping relations between the respective symbols after converter logic, also storage obscure character with it is corresponding
Transformation character between additional mappings relationship.Preferably, which, which is mixed with random sequence with mapping relations, deposits
Storage is in mapping table.Illustratively, it is assumed that increase by 2 and obscure position, additional mappings relationship is as follows:" G "-" T ", "+"-
"!", then for " 1AB_p " and " 7ZK^qO ", the storage of mapping relations and additional mappings relationship for example can be:" A "-" Z ",
" G "-" T ", " B "-" K ", "+"-"!", " p "-" q ", " _ "-" ^ " and " 1 "-" 7 ".
223 are entered step after executing step 219 and 221, the device for administrator password will pass through logical conversion
Log-in password (such as the transformation password " sAB9pO " generated in step 213 or 215 or " 7ZK^qO ") afterwards is together with user's registration
User name be sent to remote server 120 and then delete for administrator password device in login password and its transformation shape
Formula.Optionally, the information such as current time and the unique ID of user are also may include in the message for being sent to website 120.
It should be pointed out that in the present embodiment, step 215 is optional step.When determining registration is close in step 211
After code symbol conjunction value specification, shown method flow can directly go to step 223, and log-in password is sent to website 120.In addition, step
Rapid 217 and 221 be also optional step, at this point, can be directly entered step 219 after executing step 213 or 215.
Fig. 3 is the flow chart according to the method for administrator password of another embodiment of the present invention.Illustratively, here
The method that the present embodiment is described by taking distributed system shown in FIG. 1 as an example, and assume application scenarios be user through client
110 access remote server or the process of the business A on website 120.It should be noted however that the method for the present embodiment not office
It is limited to the distributed system of certain architectures.
The address of website 120 is obtained for the device of administrator password in step 301 referring to Fig. 3.In the present embodiment, excellent
Selection of land, the device for administrator password include that scanning device is above-mentioned to be obtained by Quick Response Code shown on scans web sites interface
Information.
Step 303 is subsequently entered, the device for administrator password determines industry according to the type of station address and/or business A
The cipher code set being engaged in belonging to A, so that it is determined that the storage location of the converter logic of log-in password about business A.
Step 305 is subsequently entered, the device for administrator password is from the defeated of its included input equipment or client 110
Enter login password of the equipment reception about business A.Illustratively, here it is still assumed that login password is " 1Ab_p ".
Step 307 is subsequently entered, the device for administrator password is according to the converter logic of the log-in password of business A to logging in
Password " 1Ab_p " is converted.Specifically, it is assumed that log-in password " 1Ab_p " experienced step 209 and 213 conversion process,
Then map function may include the following steps:
It is primarily based on length specification, login password " 1Ab_p " is transformed to " 1Ab_pO ";Then based in mapping table
The mapping relations of storage, by the character " 1 ", " A ", " b ", " _ " and " p " in " 1Ab_pO " be mapped as " s ", " A ", " B ", " 9 " and
" p " thus obtains the variation " sAB9pO " of login password.
Step 309 is subsequently entered, the device for administrator password is by the variation of login password (such as in step 307
The transformation password " sAB9pO " of generation) together with user name remote server 120 is sent to so that remote server is to user identity
It is verified.Optionally, the information such as current time and the unique ID of user are also may include in the message for being sent to website 120.
Fig. 4 is the block diagram according to the device for administrator password of another embodiment of the present invention.
As shown in figure 4, the device 40 for administrator password of the present embodiment include the first module 410, the second module 420,
Third module 430, the 4th module 440 and the 5th module 450.First module 410 is used to that the converter logic to log-in password to be arranged,
Wherein, the converter logic defines the mapping relations between the character of log-in password and the respective symbols after execution converter logic;
Second module is used to provide the variation of log-in password to remote server;Third module 430 is used to receive from input equipment
Login password;4th module 440 is used to be based on the converter logic, and map function is executed to login password;And the 4th module
450 are used to provide the variation of login password to remote server for verifying user identity.
Fig. 5 is the block diagram according to the device for administrator password of another embodiment of the present invention.
Device 50 shown in fig. 5 includes memory 510, processor 520 and is stored on memory 510 and can handle
The computer program 530 run on device 520, wherein computer program 530 on processor 520 by running can perform such as
On by embodiment described in Fig. 1-3 method.
In the present embodiment, device 50 shown in fig. 5 can be the physical equipment being physically independent from or be integrated
In client (such as form of client application).In the presence of as independent community's equipment, device 50 can be further
Including operation keyboard, display screen, scanning device and the I/O communication components for being communicated with client 110 and remote server.
Preferably, memory 510, processor 520 are safety chip to provide believable performing environment to computer program 530.
According to one aspect of the present invention, a kind of computer readable storage medium is provided, stores computer program thereon, it should
The method by embodiment described in Fig. 1-3 is realized when program is executed by processor.
Embodiments and examples set forth herein is provided, to be best described by the reality according to this technology and its specific application
Example is applied, and thus enables those skilled in the art to implement and using the present invention.But those skilled in the art will
Know, above description and example are provided only for the purposes of illustrating and illustrating.The description proposed is not intended to cover the present invention
Various aspects or limit the invention to disclosed precise forms.
In view of the above, the scope of the present disclosure is determined by following claims.
Claims (14)
1. a kind of method for administrator password, which is characterized in that the method comprises the steps of:
It is arranged and stores the converter logic to log-in password, wherein the converter logic defines character and the execution of log-in password
The mapping relations between respective symbols after converter logic;
The variation of log-in password is provided to remote server;
Login password is received from input equipment;
Based on the converter logic, map function is executed to login password;And
The variation of login password is provided to remote server for being verified to user identity.
2. the method for claim 1, wherein further comprising the following steps:
Delete login password and its variation.
3. the method for claim 1, wherein the converter logic includes:
If the digit of log-in password be less than remote server setting digit rule, to log-in password execute padding operation with
The digit of the password after transformation is set to meet digit rule;
If the digit of log-in password be more than remote server setting digit rule, to log-in password execution delete bit manipulation with
The digit of the password after transformation is set to meet digit rule;And
If log-in password has the character for the value rule for not meeting remote server setting, to not meeting value rule
Character executes replacement operation.
4. the method for claim 1, wherein the converter logic includes:
Replacement operation is executed for the character of one or more specific bits of log-in password.
5. method as described in claim 3 or 4, wherein the replacement operation includes at least one of following:By any word
Symbol be converted to random digit, any character be converted to random capitalization, any character is converted to random lowercase with
And any character is converted into random mark.
6. the method for claim 1, wherein the character of log-in password and execute converter logic after respective symbols between
Mapping relations be stored in mapping table with random sequence.
7. method as claimed in claim 6, wherein the mapping table also includes to obscure character and corresponding transformation character
Between additional mappings relationship, which, which is mixed with random sequence with the mapping relations, is stored in the mapping and closes
It is in table, it is described to obscure character and log-in password non-correlation.
8. the method for claim 1, wherein log-in password is classified as one in multiple cipher code sets, the multiple
Cipher code set has different safe class and password rule.
9. a kind of device for administrator password, which is characterized in that include:
First module, for the converter logic to log-in password to be arranged, wherein the converter logic defines the character of log-in password
With the mapping relations between the respective symbols after execution converter logic;
Second module, the variation for providing log-in password to remote server;
Third module, for receiving login password from input equipment;
4th module executes map function for being based on the converter logic to login password;And
5th module, for providing the variation of login password to remote server for being verified to user identity.
10. device as claimed in claim 9, wherein described device is integrated in the client.
11. a kind of device for administrator password, described device includes memory, processor and is stored on the memory
And the computer program that can be run on the processor, which is characterized in that execute as described in any one of claim 1-8
Method.
12. device as claimed in claim 11, wherein described device is integrated in client, and the client is following
One kind in equipment:Smart mobile phone, PC, laptop, tablet computer and personal digital assistant.
13. device as claimed in claim 12, wherein the computer program executes under trusted context.
14. a kind of computer readable storage medium, stores computer program thereon, which is characterized in that the program is held by processor
The method as described in any one of claim 1-8 is realized when row.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810239743.2A CN108696499A (en) | 2018-03-22 | 2018-03-22 | Method, apparatus and computer storage media for administrator password |
PCT/CN2019/077169 WO2019179313A1 (en) | 2018-03-22 | 2019-03-06 | Method and apparatus for managing passwords, and computer storage medium |
TW108108630A TWI701930B (en) | 2018-03-22 | 2019-03-14 | Method, device and computer storage medium for managing password |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810239743.2A CN108696499A (en) | 2018-03-22 | 2018-03-22 | Method, apparatus and computer storage media for administrator password |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108696499A true CN108696499A (en) | 2018-10-23 |
Family
ID=63844257
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810239743.2A Pending CN108696499A (en) | 2018-03-22 | 2018-03-22 | Method, apparatus and computer storage media for administrator password |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN108696499A (en) |
TW (1) | TWI701930B (en) |
WO (1) | WO2019179313A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109784072A (en) * | 2018-12-28 | 2019-05-21 | 北京思源互联科技有限公司 | Security file management method and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1633650A (en) * | 2002-02-13 | 2005-06-29 | 小川秀治 | User authentication method and user authentication system |
CN104348609A (en) * | 2014-09-18 | 2015-02-11 | 成都西山居互动娱乐科技有限公司 | Non-stored password management algorithm |
CN105357210A (en) * | 2015-11-23 | 2016-02-24 | 贾如银 | Dynamic password |
CN106559412A (en) * | 2016-10-11 | 2017-04-05 | 北京元心科技有限公司 | Strengthen the method and system of authentication safety |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7900252B2 (en) * | 2006-08-28 | 2011-03-01 | Lenovo (Singapore) Pte. Ltd. | Method and apparatus for managing shared passwords on a multi-user computer |
US8935805B2 (en) * | 2007-07-11 | 2015-01-13 | International Business Machines Corporation | Method and system for enforcing password policy in a distributed directory |
US8230455B2 (en) * | 2007-07-11 | 2012-07-24 | International Business Machines Corporation | Method and system for enforcing password policy for an external bind operation in a distributed directory |
CN103580874B (en) * | 2013-11-15 | 2017-01-04 | 清华大学 | Identity identifying method, system and cipher protection apparatus |
CN103580873B (en) * | 2013-11-15 | 2017-06-06 | 清华大学 | Identity identifying method, system and cipher protection apparatus |
CN105100035A (en) * | 2014-05-23 | 2015-11-25 | 国网山西省电力公司电力科学研究院 | Method and system for setting password |
EP3195521B1 (en) * | 2014-08-29 | 2020-03-04 | Visa International Service Association | Methods for secure cryptogram generation |
-
2018
- 2018-03-22 CN CN201810239743.2A patent/CN108696499A/en active Pending
-
2019
- 2019-03-06 WO PCT/CN2019/077169 patent/WO2019179313A1/en active Application Filing
- 2019-03-14 TW TW108108630A patent/TWI701930B/en active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1633650A (en) * | 2002-02-13 | 2005-06-29 | 小川秀治 | User authentication method and user authentication system |
CN104348609A (en) * | 2014-09-18 | 2015-02-11 | 成都西山居互动娱乐科技有限公司 | Non-stored password management algorithm |
CN105357210A (en) * | 2015-11-23 | 2016-02-24 | 贾如银 | Dynamic password |
CN106559412A (en) * | 2016-10-11 | 2017-04-05 | 北京元心科技有限公司 | Strengthen the method and system of authentication safety |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109784072A (en) * | 2018-12-28 | 2019-05-21 | 北京思源互联科技有限公司 | Security file management method and system |
CN109784072B (en) * | 2018-12-28 | 2021-04-30 | 北京思源理想控股集团有限公司 | Security file management method and system |
Also Published As
Publication number | Publication date |
---|---|
WO2019179313A1 (en) | 2019-09-26 |
TWI701930B (en) | 2020-08-11 |
TW201941561A (en) | 2019-10-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100562902C (en) | Be used for the method and system that safety management is stored in the data on the electronic tag | |
CN104731612B (en) | Mobile equipment safety component software is tied to SIM | |
CN103607416B (en) | A kind of method and application system of the certification of network terminal machine identity | |
KR100858144B1 (en) | User authentication method in internet site using mobile and device thereof | |
US8832795B2 (en) | Using a communications network to verify a user searching data | |
CN106227785A (en) | The display packing of a kind of page object and device | |
US20030146931A1 (en) | Method and apparatus for inputting secret information using multiple screen pointers | |
CN110287724A (en) | Data storage and verification method and device | |
CN103685255A (en) | File encryption method based on two-dimension code scanning | |
CN105208013A (en) | Cross-device high-security non-password login method | |
CN109076054A (en) | System and method for managing the encryption key of single-sign-on application program | |
CN108965324A (en) | A kind of anti-brush method of short message verification code, terminal, server, equipment and medium | |
CN110071813A (en) | A kind of account permission change method system, account platform and user terminal | |
AU2004203412B2 (en) | Moving principals across security boundaries without service interruption | |
Mantoro et al. | Smart card authentication for Internet applications using NFC enabled phone | |
CN103020505A (en) | Information management system and information management method based on fingerprint identification | |
Ozdenizci et al. | A tokenization-based communication architecture for HCE-enabled NFC services | |
JP3966070B2 (en) | Device control system and portable terminal | |
CN103220455A (en) | Apparatus and method for hiding secret information, and secret information restoring device and method | |
CN108696499A (en) | Method, apparatus and computer storage media for administrator password | |
JP2007052489A (en) | User authentication method and user authentication program | |
JP2009129312A (en) | Public relations business support system and its method | |
JP3521717B2 (en) | Authentication system | |
WO2011058629A1 (en) | Information management system | |
CN106713214A (en) | Method and system for carrying out identity authentication among multiple authorization systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1258679 Country of ref document: HK |
|
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181023 |
|
RJ01 | Rejection of invention patent application after publication |