CN113836504B - Authority management authentication method and system applied to multifunctional integrated office system - Google Patents
Authority management authentication method and system applied to multifunctional integrated office system Download PDFInfo
- Publication number
- CN113836504B CN113836504B CN202110981967.2A CN202110981967A CN113836504B CN 113836504 B CN113836504 B CN 113836504B CN 202110981967 A CN202110981967 A CN 202110981967A CN 113836504 B CN113836504 B CN 113836504B
- Authority
- CN
- China
- Prior art keywords
- login
- password
- time period
- free
- department
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000012795 verification Methods 0.000 claims abstract description 119
- 230000003203 everyday effect Effects 0.000 claims description 8
- 238000000605 extraction Methods 0.000 claims description 8
- 238000006467 substitution reaction Methods 0.000 claims description 8
- 238000007726 management method Methods 0.000 description 31
- 230000000694 effects Effects 0.000 description 10
- 238000013524 data verification Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 210000001503 joint Anatomy 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000013439 planning Methods 0.000 description 2
- 230000009467 reduction Effects 0.000 description 2
- 238000013068 supply chain management Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Facsimiles In General (AREA)
Abstract
The invention provides a rights management authentication method and a rights management authentication system applied to a multifunctional integrated office system. The method comprises the following steps: inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department; allowing the system to log in after the authentication password and the user name of the multifunctional integrated office system are correct; recording the login time of a current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode; and after the password-free login time period is reached, clearing the stored password and user name corresponding to the current unit department, and performing user name and password verification when the current unit department accesses the multifunctional integrated office system again. The system includes modules corresponding to the steps of the method.
Description
Technical Field
The invention provides a permission management authentication method and system applied to a multifunctional integrated office system, and belongs to the technical field of Internet.
Background
An integrated office management system refers to software which can embody most functions of enterprise management (including decision making, planning, organization, leading, monitoring, analysis and the like), can provide real-time, related, accurate and complete data, and provides decision basis for a manager. The enterprise management software is divided into various types such as enterprise document management, financial management, workshop management, purchase, sale, inventory management (ERP), asset management, cost management, equipment management, quality management, distributed resource planning management, human resource management (HR), supply Chain Management (SCM), customer Relationship Management (CRM), and the like. An integrated office management system is capable of helping enterprise administrators to improve work efficiency rather than increasing their burden. There is no complex flow design, no complex form design, etc. Enterprise management software focuses on the comprehensiveness of system functions, controllability of flow, technical advancement and easiness of system.
Because each department corresponds to have own login password and user, the existing integrated office management system needs to log in the password and the user name in each login process, so that repeated high-frequency user name and password input is caused, and the user name and the password are very easy to steal and leak.
Disclosure of Invention
The invention provides a permission management authentication method and a permission management authentication system applied to a multifunctional integrated office system, which are used for solving the problem that the existing enterprise office system frequently logs in user names and passwords, so that the occurrence frequency of the passwords and the user names is high and the passwords are easy to steal:
a rights management authentication method applied to a multifunctional integrated office system, the method comprising:
inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department;
allowing the system to log in after the authentication password and the user name of the multifunctional integrated office system are correct;
recording the login time of a current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode;
and after the password-free login time period is reached, clearing the stored password and user name corresponding to the current unit department, and performing user name and password verification when the current unit department accesses the multifunctional integrated office system again.
Further, recording the login time of the current unit department, and setting a password-free login time period, wherein in the password-free login time period, the current unit department performs system login in a verification code mode, and the method comprises the following steps:
The multifunctional integrated office system records the login time of the password and the user name, and sets a password-free login time period;
storing and recording the password and the user name, and setting storage time, wherein the storage time is the same as the password-free login time period;
and in the storage time, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system automatically ejects a login verification code in a login page and carries out direct system login through the login verification code.
Further, in the storage time, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system automatically pops out a login verification code in a login page, and carries out direct system login through the login verification code, including:
when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system determines the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name;
comparing the login interval time length with the password-free login time period, and generating a digital verification code of eight digits by the multifunctional integrated office system when the login interval time length is smaller than the password-free login time period;
The digital verification code is sent to a login port interface of the department, and after the data verification code is input into a login port corresponding to the department within a first set time, the six-digit verification after the work number and the identity card number is prompted;
after the six digits after the work number and the identification card number are input to the login port corresponding to the department within the first set time, comparing the six digits after the work number and the identification card with the file storage information of the multifunctional integrated office system, and when the information is consistent, completing login verification and allowing the department to carry out system login access.
Further, the multifunctional integrated office system generates a digital verification code of eight digits, including:
extracting any continuous two-digit numbers in the serial numbers of the departments as substitution codes, wherein the serial numbers of the departments adopt serial numbers of four digits;
randomly generating an initial digital code with eight digits, wherein each digit of the initial digital code is any random number from 0 to 9;
and randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code, which are randomly selected, to form the final eight-digit digital verification code.
Further, the setting the password-free login period includes:
extracting an initial password-free login time period corresponding to each department;
when the departments log in for the first time every day, correspondingly setting the password-free login time period to be 55% of the initial password-free login time period;
when the login times of the multifunctional integrated office system of the department exceeds a preset first time threshold value in the password-free login time period, but exceeds a preset second time threshold value, setting the password-free login time period as a time length corresponding to 85% of the initial password-free login time period when the next password-free login time period is set;
and when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the password-free login time period, setting the password-free login time period as the time length corresponding to the initial password-free login time period when the next password-free login time period is set. Wherein the value range of the initial password-free login time period is 60-90 minutes, preferably 80 minutes.
A rights management authentication system for use in a multi-function integrated office system, the system comprising:
The login module is used for inputting login authentication passwords and user names to the multifunctional integrated office system through system ports corresponding to each unit department;
the login allowing module is used for allowing the system to login after the authentication password and the user name of the multifunctional integrated office system are correct;
the recording module is used for recording the login time of the current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode;
and the clearing module is used for clearing the stored passwords and the user names corresponding to the current unit departments after the password-free login time period is reached, and verifying the user names and the passwords when the current unit departments access the multifunctional integrated office system again.
Further, the recording module includes:
the time period setting module is used for the multifunctional integrated office system to record the login time of the password and the user name and set a password-free login time period;
the storage recording module is used for carrying out storage recording on the password and the user name and setting storage time, wherein the storage time is the same as the password-free login time period;
And the login mode switching module is used for automatically ejecting a login verification code from a login page by the multifunctional integrated office system when the department logs in again the multifunctional integrated office system in the storage time, and directly logging in the system through the login verification code.
Further, the login mode switching module includes:
the determining module is used for determining the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name when the department performs the login of the multifunctional integrated office system again;
the verification code generation module is used for comparing the login interval time length with the password-free login time period, and when the login interval time length is smaller than the password-free login time period, the multifunctional integrated office system generates a digital verification code of eight digits;
the prompting module is used for sending the digital verification code to a login port interface of the department, and prompting the six-digit verification after the data verification code is input to the login port corresponding to the department within a first set time;
And the verification module is used for comparing the six digits after the work number and the identification card with the file storage information of the multifunctional integrated office system after the six digits after the work number and the identification card number are input at the login port corresponding to the department within the first specified time, and completing login verification when the information is consistent, and allowing the department to carry out system login access.
Further, the verification code generation module includes:
the number extraction module is used for extracting any continuous two-digit numbers in the department numbers as substitution codes, wherein the department numbers adopt a four-digit number;
the initial digital code generation module is used for randomly generating an eight-bit initial digital code, wherein each bit of the initial digital code is any random number from 0 to 9;
and the exchange module is used for randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code selected randomly to form a final eight-digit digital verification code.
Further, the time period setting module includes:
The initial time period extraction module is used for extracting an initial password-free login time period corresponding to each department;
the password-free login time period setting module I is used for correspondingly setting the password-free login time period to be 55% of the time length corresponding to the initial password-free login time period when the departments log in for the first time every day;
a secret-free login time period setting module II, configured to set the secret-free login time period as a time length corresponding to 85% of the initial secret-free login time period when the login frequency of the multifunctional integrated office system of the department exceeds a preset first time threshold but exceeds a preset second time threshold in the next secret-free login time period setting;
and a secret-free login time period setting module III, configured to set the secret-free login time period as a time length corresponding to the initial secret-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the secret-free login time period, and the next secret-free login time period is set. Wherein the value range of the initial password-free login time period is 60-90 minutes, preferably 80 minutes.
The invention has the beneficial effects that:
the authority management authentication method and system applied to the multifunctional integrated office system can effectively reduce the input times of the user name and the password under the condition that the user frequently logs in a short time, and effectively reduce the leakage probability and the stolen probability of the user name and the password. Meanwhile, when the user name and the password are replaced by the verification code mode in the password-free time period, under the condition of reducing the input of the user name and the password, the security of authority management authentication of the verification code is effectively improved, and other non-department personnel are prevented from logging in and stealing department data.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
fig. 2 is a system block diagram of the system of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
The embodiment of the invention provides a rights management authentication method applied to a multifunctional integrated office system, as shown in fig. 1, the method comprises the following steps:
s1, inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department;
S2, allowing the system to log in after the authentication password and the user name of the multifunctional integrated office system are correct;
s3, recording the login time of the current unit department, and setting a password-free login time period, wherein the current unit department carries out system login in the password-free login time period in a verification code mode;
and S4, after the password-free login time period is reached, clearing the stored password and user name corresponding to the current unit department, and performing user name and password verification when the current unit department accesses the multifunctional integrated office system again.
The principle of the technical scheme is as follows: firstly, inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department; then, after the authentication password and the user name of the multifunctional integrated office system are correct, allowing the system to log in; then, recording the login time of the current unit department, and setting a password-free login time period, wherein the current unit department carries out system login in the password-free login time period in a verification code mode; and finally, after the password-free login time period is reached, clearing the stored password and user name corresponding to the current unit department, and performing user name and password verification when the current unit department accesses the multifunctional integrated office system again.
The technical scheme has the effects that: the method can effectively reduce the input times of the user name and the password under the condition that the user frequently logs in a short time, and effectively reduce the leakage probability and the stolen probability of the user name and the password. Meanwhile, when the user name and the password are replaced by the verification code mode in the password-free time period, under the condition of reducing the input of the user name and the password, the security of authority management authentication of the verification code is effectively improved, and other non-department personnel are prevented from logging in and stealing department data.
In one embodiment of the present invention, a login time of a current unit department is recorded, and a password-free login time period is set, and in the password-free login time period, the current unit department performs system login by means of a verification code, including:
s301, the multifunctional integrated office system records the login time of the password and the user name, and sets a password-free login time period;
s302, storing and recording the password and the user name, and setting storage time, wherein the storage time is the same as the password-free login time period;
and S303, automatically ejecting a login verification code in a login page by the multifunctional integrated office system when the department logs in again in the multifunctional integrated office system in the storage time, and directly logging in the system through the login verification code.
The principle of the technical scheme is as follows: firstly, the multifunctional integrated office system records the login time of the password and the user name, and sets a password-free login time period; then, storing and recording the password and the user name, and setting storage time, wherein the storage time is the same as the password-free login time period; and finally, in the storage time, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system automatically pops out a login verification code in a login page, and carries out direct system login through the login verification code.
The technical scheme has the effects that: and storing the user name and the password and recording the login time, so that the recording condition of the department login can be effectively improved, and the follow-up password-free login time tracking accuracy is further improved.
In one embodiment of the present invention, in a storage time, when the department performs a second login of the multifunctional integrated office system, the multifunctional integrated office system automatically pops a login verification code in a login page, and performs a direct system login through the login verification code, including:
s3031, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system determines the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name;
S3032, comparing the login interval time length with the password-free login time period, and generating an eight-bit digital verification code by the multifunctional integrated office system when the login interval time length is smaller than the password-free login time period;
s3033, sending the digital verification code to a login port interface of the department, and prompting to carry out six-digit number verification after the data verification code is input into a login port corresponding to the department within a first specified time;
s3034, after the six digits behind the work number and the identification card number are input to the login port corresponding to the department within the first specified time, the six digits behind the work number and the identification card are compared with the file storage information of the multifunctional integrated office system, and when the information is consistent, login verification is completed, and the department is allowed to carry out system login access.
The principle of the technical scheme is as follows: firstly, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system determines the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name; then, comparing the login interval time length with the password-free login time period, and generating a digital verification code of eight digits by the multifunctional integrated office system when the login interval time length is smaller than the password-free login time period; then, the digital verification code is sent to a login port interface of the department, and after the data verification code is input into a login port corresponding to the department within a first set time, the six-digit verification after the work number and the identity card number is prompted to be carried out; and finally, after the six digits after the work number and the identification card number are input to the login port corresponding to the department within the first specified time, comparing the six digits after the work number and the identification card with the file stored information of the multifunctional integrated office system, and when the information is consistent, completing login verification and allowing the department to carry out system login access.
The technical scheme has the effects that: by the method, the identity authority authentication degree in the password-free login process can be effectively improved, the security of system login is improved, and the situation that department data or data are revealed and stolen due to the fact that other non-department personnel login by using a simple verification code in a password-free login time period is prevented. The occurrence of data or data leakage caused by no-secret login is effectively avoided. Meanwhile, by means of verification in the mode, verification time can be effectively shortened, verification efficiency is improved, identity verification strength of login personnel is improved, and the problem of login efficiency reduction caused by complex reverse locking of an authentication link caused by complex decryption or encryption and other methods is avoided.
In one embodiment of the present invention, the multifunctional integrated office system generates a digital authentication code of eight digits, comprising:
step 1, extracting any continuous two digits in the serial numbers of the departments as substitution codes, wherein the serial numbers of the departments adopt serial numbers of four digits;
step 2, randomly generating an initial digital code with eight digits, wherein each digit of the initial digital code is any random number from 0 to 9;
And 3, randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code, which are randomly selected, to form a final eight-digit digital verification code.
The principle of the technical scheme is as follows: firstly, extracting any continuous two-digit numbers in the serial numbers of the departments as substitution codes, wherein the serial numbers of the departments adopt serial numbers of four digits; then, randomly generating an initial digital code with eight digits, wherein each digit of the initial digital code is any random number from 0 to 9; and finally, randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code, which are randomly selected, to form the final eight-digit digital verification code.
The technical scheme has the effects that: by the method, the irregularity of the eight-bit verification code can be effectively improved, meanwhile, the security of the verification code can be effectively improved through the verification code generated in a combination mode of the random number and the department number, and the problem that the malicious third party is imposed as a system to generate the verification code to be in butt joint with a department port to cause the theft of department data is effectively prevented. The security of system management and authentication management is effectively improved.
In one embodiment of the present invention, the setting the password-free login time period includes:
firstly, extracting an initial password-free login time period corresponding to each department;
secondly, when the departments log in for the first time every day, correspondingly setting the password-free login time period to be 55% of the initial password-free login time period;
thirdly, setting the password-free login time period as a time length corresponding to 85% of the initial password-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset first time threshold value but exceeds a preset second time threshold value in the next password-free login time period;
and fourthly, setting the password-free login time period as the time length corresponding to the initial password-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold value in the password-free login time period and the next password-free login time period is set. Wherein the value range of the initial password-free login time period is 60-90 minutes, preferably 80 minutes.
Firstly, extracting an initial password-free login time period corresponding to each department; when the departments log in for the first time every day, correspondingly setting the password-free login time period to be 55% of the initial password-free login time period; then, when the login times of the multifunctional integrated office system of the department exceeds a preset first time threshold value but exceeds a preset second time threshold value in the password-free login time period, setting the password-free login time period as a time length corresponding to 85% of the initial password-free login time period when the next password-free login time period is set; and finally, when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the password-free login time period, setting the password-free login time period as the time length corresponding to the initial password-free login time period when the next password-free login time period is set.
The technical scheme has the effects that: through the setting of the password-free login time period, the password and the user name login times of the department action personnel can be kept low in use frequency, and the safety of the user name and the password is improved while the system login safety performance is reduced due to the fact that the password-free login time is overlong.
Meanwhile, by means of the percentage distribution mode of the password-free time period, an effective and enough password-free login time period can be set according to the actual working condition of departments and the service condition of a system, the problem that the password-free login time period is too short to cause the increase of the login frequency of the user name and the password caused by frequent user name and password login is prevented, and the effective user name and password use frequency can be reduced to be in an anti-theft safety index.
The embodiment of the invention provides a rights management authentication system applied to a multifunctional integrated office system, as shown in fig. 2, the system comprises:
the login module is used for inputting login authentication passwords and user names to the multifunctional integrated office system through system ports corresponding to each unit department;
the login allowing module is used for allowing the system to login after the authentication password and the user name of the multifunctional integrated office system are correct;
the recording module is used for recording the login time of the current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode;
and the clearing module is used for clearing the stored passwords and the user names corresponding to the current unit departments after the password-free login time period is reached, and verifying the user names and the passwords when the current unit departments access the multifunctional integrated office system again.
The principle of the technical scheme is as follows: firstly, inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department by using a login module; then, adopting a login allowing module to allow the system to login after the authentication password and the user name of the multifunctional integrated office system are correct; then, recording the login time of the current unit department by adopting a recording module, and setting a password-free login time period, wherein the current unit department carries out system login in the password-free login time period in a verification code mode; and finally, after the password-free login time period is reached, the stored password and user name corresponding to the current unit department are cleared through the clearing module, and when the current unit department accesses the multifunctional integrated office system again, user name and password verification is carried out.
The technical scheme has the effects that: the method can effectively reduce the input times of the user name and the password under the condition that the user frequently logs in a short time, and effectively reduce the leakage probability and the stolen probability of the user name and the password. Meanwhile, when the user name and the password are replaced by the verification code mode in the password-free time period, under the condition of reducing the input of the user name and the password, the security of authority management authentication of the verification code is effectively improved, and other non-department personnel are prevented from logging in and stealing department data.
In one embodiment of the present invention, the recording module includes:
the time period setting module is used for the multifunctional integrated office system to record the login time of the password and the user name and set a password-free login time period;
the storage recording module is used for carrying out storage recording on the password and the user name and setting storage time, wherein the storage time is the same as the password-free login time period;
and the login mode switching module is used for automatically ejecting a login verification code from a login page by the multifunctional integrated office system when the department logs in again the multifunctional integrated office system in the storage time, and directly logging in the system through the login verification code.
The principle of the technical scheme is as follows: firstly, controlling the multifunctional integrated office system to record the login time of the password and the user name through a time period setting module, and setting a password-free login time period; then, the password and the user name are stored and recorded by using a storage and recording module, and storage time is set, wherein the storage time is the same as the password-free login time period; and then, when the department carries out the login of the multifunctional integrated office system again within the storage time by adopting a login mode switching module, the multifunctional integrated office system automatically ejects a login verification code in a login page and carries out direct system login through the login verification code.
The technical scheme has the effects that: and storing the user name and the password and recording the login time, so that the recording condition of the department login can be effectively improved, and the follow-up password-free login time tracking accuracy is further improved.
In one embodiment of the present invention, the login mode switching module includes:
the determining module is used for determining the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name when the department performs the login of the multifunctional integrated office system again;
the verification code generation module is used for comparing the login interval time length with the password-free login time period, and when the login interval time length is smaller than the password-free login time period, the multifunctional integrated office system generates a digital verification code of eight digits;
the prompting module is used for sending the digital verification code to a login port interface of the department, and prompting the six-digit verification after the data verification code is input to the login port corresponding to the department within a first set time;
And the verification module is used for comparing the six digits after the work number and the identification card with the file storage information of the multifunctional integrated office system after the six digits after the work number and the identification card number are input at the login port corresponding to the department within the first specified time, and completing login verification when the information is consistent, and allowing the department to carry out system login access.
The principle of the technical scheme is as follows: firstly, when a determining module carries out the login of the multifunctional integrated office system again in the department, the multifunctional integrated office system determines the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the recorded login time of the user name; then, comparing the login interval time length with the password-free login time period by using a verification code generation module, and generating a digital verification code of eight digits by the multifunctional integrated office system when the login interval time length is smaller than the password-free login time period; then, a prompting module is adopted to send the digital verification code to a login port interface of the department, and after the data verification code is input into a login port corresponding to the department within a first set time, the six-digit number verification after the work number and the identity card number is prompted; finally, after the six digits after the work number and the identification card number are input to the login port corresponding to the department within the first specified time through the verification module, the six digits after the work number and the identification card are compared with the file storage information of the multifunctional integrated office system, and when the information is consistent, login verification is completed, and the department is allowed to carry out system login access.
The technical scheme has the effects that: by the method, the identity authority authentication degree in the password-free login process can be effectively improved, the security of system login is improved, and the situation that department data or data are revealed and stolen due to the fact that other non-department personnel login by using a simple verification code in a password-free login time period is prevented. The occurrence of data or data leakage caused by no-secret login is effectively avoided. Meanwhile, by means of verification in the mode, verification time can be effectively shortened, verification efficiency is improved, identity verification strength of login personnel is improved, and the problem of login efficiency reduction caused by complex reverse locking of an authentication link caused by complex decryption or encryption and other methods is avoided.
In one embodiment of the present invention, the verification code generating module includes:
the number extraction module is used for extracting any continuous two-digit numbers in the department numbers as substitution codes, wherein the department numbers adopt a four-digit number;
the initial digital code generation module is used for randomly generating an eight-bit initial digital code, wherein each bit of the initial digital code is any random number from 0 to 9;
And the exchange module is used for randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code selected randomly to form a final eight-digit digital verification code.
The principle of the technical scheme is as follows: firstly, extracting any continuous two digits in the serial numbers of the departments as substitution codes through a serial number extraction module, wherein the serial numbers of the departments adopt serial numbers of four digits; then, an initial digital code generating module is utilized to randomly generate an initial digital code with eight digits, wherein each digit of the initial digital code is any random number from 0 to 9; and finally, randomly selecting two continuous numbers at any position in the initial digital code by adopting an interchange module to interchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code which are randomly selected, and a final eight-bit digital verification code is formed.
The technical scheme has the effects that: by the method, the irregularity of the eight-bit verification code can be effectively improved, meanwhile, the security of the verification code can be effectively improved through the verification code generated in a combination mode of the random number and the department number, and the problem that the malicious third party is imposed as a system to generate the verification code to be in butt joint with a department port to cause the theft of department data is effectively prevented. The security of system management and authentication management is effectively improved.
In one embodiment of the present invention, the time period setting module includes:
the initial time period extraction module is used for extracting an initial password-free login time period corresponding to each department;
the password-free login time period setting module I is used for correspondingly setting the password-free login time period to be 55% of the time length corresponding to the initial password-free login time period when the departments log in for the first time every day;
a secret-free login time period setting module II, configured to set the secret-free login time period as a time length corresponding to 85% of the initial secret-free login time period when the login frequency of the multifunctional integrated office system of the department exceeds a preset first time threshold but exceeds a preset second time threshold in the next secret-free login time period setting;
and a secret-free login time period setting module III, configured to set the secret-free login time period as a time length corresponding to the initial secret-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the secret-free login time period, and the next secret-free login time period is set. Wherein the value range of the initial password-free login time period is 60-90 minutes, preferably 80 minutes.
The principle of the technical scheme is as follows: firstly, extracting an initial password-free login time period corresponding to each department by using an initial time period extraction module; then, adopting a secret-free login time period setting module to correspondingly set the secret-free login time period to be 55% of the time length corresponding to the initial secret-free login time period when the departments log in for the first time every day; secondly, adopting a secret-free login time period setting module II, setting the secret-free login time period as a time length corresponding to 85% of the initial secret-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset first time threshold value but exceeds a preset second time threshold value in the next secret-free login time period setting; and finally, setting the password-free login time period as the time length corresponding to the initial password-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the password-free login time period through a password-free login time period setting module. Wherein the value range of the initial password-free login time period is 60-90 minutes, preferably 80 minutes.
The technical scheme has the effects that: through the setting of the password-free login time period, the password and the user name login times of the department action personnel can be kept low in use frequency, and the safety of the user name and the password is improved while the system login safety performance is reduced due to the fact that the password-free login time is overlong.
Meanwhile, by means of the percentage distribution mode of the password-free time period, an effective and enough password-free login time period can be set according to the actual working condition of departments and the service condition of a system, the problem that the password-free login time period is too short to cause the increase of the login frequency of the user name and the password caused by frequent user name and password login is prevented, and the effective user name and password use frequency can be reduced to be in an anti-theft safety index.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (4)
1. The authority management authentication method applied to the multifunctional integrated office system is characterized by comprising the following steps of:
inputting a login authentication password and a user name to the multifunctional integrated office system through a system port corresponding to each unit department;
allowing the system to log in after the authentication password and the user name of the multifunctional integrated office system are correct;
recording the login time of a current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode;
after the password-free login time period is reached, clearing the stored password and user name corresponding to the current unit department, and performing user name and password verification when the current unit department accesses the multifunctional integrated office system again;
recording the login time of the current unit department, setting a password-free login time period, and performing system login of the current unit department in the password-free login time period by a verification code mode, wherein the method comprises the following steps of:
the multifunctional integrated office system records the login time of the password and the user name, and sets a password-free login time period;
storing and recording the password and the user name, and setting storage time, wherein the storage time is the same as the password-free login time period;
In the storage time, when the department carries out the login of the multifunctional integrated office system again, the multifunctional integrated office system automatically ejects a login verification code in a login page, and carries out direct system login through the login verification code;
and in the storage time, when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system automatically ejects a login verification code in a login page and carries out direct system login through the login verification code, and the method comprises the following steps:
when the department logs in the multifunctional integrated office system again, the multifunctional integrated office system determines the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name;
comparing the login interval time length with the password-free login time period, and generating a digital verification code of eight digits by the multifunctional integrated office system when the login interval time length is smaller than the password-free login time period;
the digital verification code is sent to a login port interface of the department, and after the digital verification code is input into a login port corresponding to the department within a first set time, the six-digit verification after the work number and the identity card number is prompted to be carried out;
After the six digits after the work number and the identification card number are input to the login port corresponding to the department within the first set time, comparing the six digits after the work number and the identification card with the file storage information of the multifunctional integrated office system, and when the information is consistent, completing login verification and allowing the department to carry out system login access;
the multifunctional integrated office system generates a digital verification code of eight digits, comprising:
extracting any continuous two-digit numbers in the serial numbers of the departments as substitution codes, wherein the serial numbers of the departments adopt serial numbers of four digits;
randomly generating an initial digital code with eight digits, wherein each digit of the initial digital code is any random number from 0 to 9;
and randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code, which are randomly selected, to form the final eight-digit digital verification code.
2. The method of claim 1, wherein the setting a password-free login period comprises:
Extracting an initial password-free login time period corresponding to each department;
when the departments log in for the first time every day, correspondingly setting the password-free login time period to be 55% of the initial password-free login time period;
when the login times of the multifunctional integrated office system of the department exceeds a preset first time threshold value in the password-free login time period, but exceeds a preset second time threshold value, setting the password-free login time period as a time length corresponding to 85% of the initial password-free login time period when the next password-free login time period is set;
and when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the password-free login time period, setting the password-free login time period as the time length corresponding to the initial password-free login time period when the next password-free login time period is set.
3. A rights management authentication system for use in a multi-function integrated office system, the system comprising:
the login module is used for inputting login authentication passwords and user names to the multifunctional integrated office system through system ports corresponding to each unit department;
The login allowing module is used for allowing the system to login after the authentication password and the user name of the multifunctional integrated office system are correct;
the recording module is used for recording the login time of the current unit department, setting a password-free login time period, and performing system login by the current unit department in the password-free login time period in a verification code mode;
the clearing module is used for clearing the stored passwords and the user names corresponding to the current unit departments after the password-free login time period is reached, and verifying the user names and the passwords when the current unit departments access the multifunctional integrated office system again;
the recording module includes:
the time period setting module is used for the multifunctional integrated office system to record the login time of the password and the user name and set a password-free login time period;
the storage recording module is used for carrying out storage recording on the password and the user name and setting storage time, wherein the storage time is the same as the password-free login time period;
the login mode switching module is used for automatically ejecting a login verification code from a login page by the multifunctional integrated office system when the department performs the login of the multifunctional integrated office system again in the storage time, and performing direct system login through the login verification code;
The login mode switching module comprises:
the determining module is used for determining the login interval time length corresponding to the current login time through the time difference between the current login time and the recorded password and the time before the login time of the user name when the department performs the login of the multifunctional integrated office system again;
the verification code generation module is used for comparing the login interval time length with the password-free login time period, and when the login interval time length is smaller than the password-free login time period, the multifunctional integrated office system generates a digital verification code of eight digits;
the prompting module is used for sending the digital verification code to a login port interface of the department, and prompting the six-digit verification after the digital verification code is input to the login port corresponding to the department within a first set time;
the verification module is used for comparing the six digits after the work number and the identification card with the file storage information of the multifunctional integrated office system after the six digits after the work number and the identification card number are input at the login port corresponding to the department in the first set time, and when the information is consistent, login verification is completed, and the department is allowed to carry out system login access;
The verification code generation module comprises:
the number extraction module is used for extracting any continuous two-digit numbers in the department numbers as substitution codes, wherein the department numbers adopt a four-digit number;
the initial digital code generation module is used for randomly generating an eight-bit initial digital code, wherein each bit of the initial digital code is any random number from 0 to 9;
and the exchange module is used for randomly selecting two continuous numbers at any position in the initial digital code to exchange with the replacement code, so that the replacement code replaces the positions corresponding to the two continuous numbers at any position in the initial digital code selected randomly to form a final eight-digit digital verification code.
4. The system of claim 3, wherein the time period setting module comprises:
the initial time period extraction module is used for extracting an initial password-free login time period corresponding to each department;
the password-free login time period setting module I is used for correspondingly setting the password-free login time period to be 55% of the time length corresponding to the initial password-free login time period when the departments log in for the first time every day;
A secret-free login time period setting module II, configured to set the secret-free login time period as a time length corresponding to 85% of the initial secret-free login time period when the login frequency of the multifunctional integrated office system of the department exceeds a preset first time threshold but exceeds a preset second time threshold in the next secret-free login time period setting;
and a secret-free login time period setting module III, configured to set the secret-free login time period as a time length corresponding to the initial secret-free login time period when the login times of the multifunctional integrated office system of the department exceeds a preset second time threshold in the secret-free login time period, and the next secret-free login time period is set.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110981967.2A CN113836504B (en) | 2021-08-25 | 2021-08-25 | Authority management authentication method and system applied to multifunctional integrated office system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110981967.2A CN113836504B (en) | 2021-08-25 | 2021-08-25 | Authority management authentication method and system applied to multifunctional integrated office system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113836504A CN113836504A (en) | 2021-12-24 |
| CN113836504B true CN113836504B (en) | 2024-02-06 |
Family
ID=78961246
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110981967.2A Active CN113836504B (en) | 2021-08-25 | 2021-08-25 | Authority management authentication method and system applied to multifunctional integrated office system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113836504B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103618717A (en) * | 2013-11-28 | 2014-03-05 | 北京奇虎科技有限公司 | Multi-account client information dynamic authentication method, device and system |
| CN108647501A (en) * | 2018-05-09 | 2018-10-12 | 平安科技(深圳)有限公司 | Multiple utility program shares password unlocking method, device, equipment and storage medium |
| CN110247901A (en) * | 2019-05-29 | 2019-09-17 | 苏宁云计算有限公司 | The cross-platform method for exempting from close sign-on access, system and equipment |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101272237B (en) * | 2008-04-22 | 2010-10-06 | 北京飞天诚信科技有限公司 | Method and system for automatically generating and filling login information |
| CN102591889A (en) * | 2011-01-17 | 2012-07-18 | 腾讯科技(深圳)有限公司 | Method and device for assisting user input based on browser of mobile terminal |
-
2021
- 2021-08-25 CN CN202110981967.2A patent/CN113836504B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103618717A (en) * | 2013-11-28 | 2014-03-05 | 北京奇虎科技有限公司 | Multi-account client information dynamic authentication method, device and system |
| CN108647501A (en) * | 2018-05-09 | 2018-10-12 | 平安科技(深圳)有限公司 | Multiple utility program shares password unlocking method, device, equipment and storage medium |
| CN110247901A (en) * | 2019-05-29 | 2019-09-17 | 苏宁云计算有限公司 | The cross-platform method for exempting from close sign-on access, system and equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113836504A (en) | 2021-12-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101237353B (en) | A method and system for monitoring mobile storage device based on USBKEY | |
| CN107547203B (en) | Anti-counterfeiting tracing method and system | |
| CN105978856A (en) | POS (point of sale) machine key downloading method, device and system | |
| CN112508564B (en) | Seal use management method based on block chain, electronic equipment and storage medium | |
| CN103530581A (en) | Hard disk encrypting method and operation system | |
| CN109960917A (en) | A kind of time slot scrambling and device of document | |
| CN110674538B (en) | Optical disk safety burning monitoring and warning method | |
| CN102542645B (en) | A kind of entrance guard authentication method and Verification System | |
| CN104363093A (en) | Method for encrypting file data by dynamic authorization code | |
| CN113836504B (en) | Authority management authentication method and system applied to multifunctional integrated office system | |
| CN101324913B (en) | Method and apparatus for protecting computer file | |
| CN111711521B (en) | Block chain account private key resetting method and system | |
| CN109101798A (en) | A kind of login method of BIOS, login system and relevant apparatus | |
| CN105511821A (en) | Printing and recording control system and realizing method based on intelligent password keys | |
| CN117094036A (en) | Electronic signature method based on blockchain technology | |
| CN111783153B (en) | Information processing method and device, electronic equipment and storage medium | |
| CN114154965A (en) | Collaborative law enforcement and case handling management method and system based on block chain | |
| CN100464338C (en) | Method for binding security mechanism of application software and large database | |
| US8612758B2 (en) | System and method for inherently secure identification over insecure data communications networks | |
| CN107315963A (en) | A kind of financial management method with remote access function | |
| CN108769012B (en) | Method for independently authenticating bank electronic credit archive | |
| CN102789563A (en) | Protecting system for information safety of website background program and protecting method thereof | |
| CN114640479A (en) | Key management system | |
| CN105306220A (en) | Smart secret key based file record control system and realization method thereof | |
| CN112039921A (en) | Verification method for parking access, parking user terminal and node server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |