CN116055036A - Dynamic password generation method of non-networking system and identity authentication method of non-networking system - Google Patents

Dynamic password generation method of non-networking system and identity authentication method of non-networking system Download PDF

Info

Publication number
CN116055036A
CN116055036A CN202211571506.9A CN202211571506A CN116055036A CN 116055036 A CN116055036 A CN 116055036A CN 202211571506 A CN202211571506 A CN 202211571506A CN 116055036 A CN116055036 A CN 116055036A
Authority
CN
China
Prior art keywords
authorization
current
login password
password
authorization code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211571506.9A
Other languages
Chinese (zh)
Other versions
CN116055036B (en
Inventor
方忠诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Tuomiluo High End Equipment Co ltd
Original Assignee
Jiangsu Tuomiluo High End Equipment Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Tuomiluo High End Equipment Co ltd filed Critical Jiangsu Tuomiluo High End Equipment Co ltd
Priority to CN202211571506.9A priority Critical patent/CN116055036B/en
Publication of CN116055036A publication Critical patent/CN116055036A/en
Application granted granted Critical
Publication of CN116055036B publication Critical patent/CN116055036B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention discloses a dynamic password generation method of a non-networking system and an identity authentication method of the non-networking system. The non-networked system comprises an operation end device and a remote end device; the dynamic password generation method of the non-networking system comprises the following steps: the operation terminal equipment generates an authorization code and an authorization code according to the current date and the current time, stores the authorization code and displays the authorization code; the remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the current time and the authorization time length and displays the login password. The scheme enhances the randomness, the dynamic property, the non-repeatability and the better concealment of the generated authorization code, the generated authorization code and the generated login code, thereby enhancing the protection of the operation terminal equipment on the debugging page/menu and enhancing the security of the debugging page/menu.

Description

Dynamic password generation method of non-networking system and identity authentication method of non-networking system
Technical Field
The embodiment of the invention relates to the technical field of information, in particular to a non-networking system dynamic password generation method and a non-networking system identity authentication method.
Background
At present, the password protection information security mode is widely applied in various fields of debugging, after-sale, maintenance, etc. of product equipment. For example, environmental test equipment is typically provided with a debug page/menu within its control system that requires password authorization to access. For this, a fixed password set in advance is input at a password input position, so that the right of opening or use is obtained; or the dynamic password is adopted, and the dynamic password of access authorization is obtained in a network mode. However, the defect of using a fixed password set in advance to log in the debug page/menu is: the fixed password is easy to peep to cause the leakage of the preset fixed password. The dynamic password for obtaining access authorization through a network mode has the following defects: the dynamic password needs to be generated by means of an additional device and provided with a transmitting device, which is difficult to implement for products and devices without network conditions. In addition, for receiving dynamic passwords by means of other devices (such as mobile phones and U shields), the use conditions of the devices are severe, and the cost of the devices is increased. In addition, if only the password information is available for a period of time without authorization, information leakage or tampering of important information caused by overlong stay of information in a debugging page/menu and forgetting to close by an operator may occur.
Disclosure of Invention
The embodiment of the invention provides a non-networking system dynamic password generation method and a non-networking system identity authentication method, which are used for generating a dynamic password under the non-networking condition, improving the security of equipment passwords and information, reducing the requirements of using equipment on the use environment and reducing the cost of using equipment.
In a first aspect, an embodiment of the present invention provides a method for generating a dynamic password of a non-networking system, where the non-networking system includes an operation end device and a remote end device;
the method for generating the dynamic password of the non-networking system comprises the following steps:
the operation terminal equipment generates an authorization code and an authorization code according to the current date and the current time, stores the authorization code and displays the authorization code;
the remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the application date and the authorization time length and displays the login password.
Optionally, the method for generating the authorization code and the authorization password by the operation terminal device according to the current date and the current time includes:
acquiring a current day number according to the current date, and acquiring a current second number according to the current time;
generating the authorization code according to the current day number and the current second number;
and generating the authorization password according to the current day number.
Optionally, the method for generating the authorization code according to the current day number and the current second number comprises the following steps:
calculating the sum of the current day number and the current second number;
combining the current second number, the current day number and the sum of the current second number sequentially to generate the authorization code;
the method for generating the authorization password according to the current day number comprises the following steps:
calculating the sum of the current day number and a first threshold value, and calculating the sum of the current day number and a second threshold value;
and sequentially combining the sum of the current day number and the first threshold value and the sum of the current day number and the second threshold value to generate the authorization password.
Optionally, the method for generating the login password by the remote terminal device according to the authorization code, the current time and the authorization time length includes:
acquiring the last two digits of the authorization code and the current second of the current time;
calculating the difference between the last two digits of the authorization code and the seconds of the current time to obtain the current day number;
calculating the sum of the authorization time length and a third threshold value, the difference between the authorization time length and a fourth threshold value and the sum of the current day number and a fifth threshold value;
and sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate the login password.
Optionally, the method for generating the login password by the remote terminal device according to the current time and the authorization time length includes:
acquiring a current day number according to the current date;
calculating the sum of the authorization time length and a third threshold value, the difference between the authorization time length and a fourth threshold value and the sum of the current day number and a fifth threshold value;
and sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate the login password.
Optionally, before the operation end device generates and stores the authorization code and the authorization password according to the current date and the current time, the method further comprises:
clicking a hidden button of a login page of the operation terminal device, wherein the time for clicking the hidden button is longer than the preset time.
In a second aspect, the embodiment of the invention also provides a non-networking system identity authentication method, which comprises the non-networking system dynamic password generation method provided by any embodiment of the invention;
acquiring the login password generated by the remote terminal equipment and inputting the login password into the operation terminal equipment;
the operation terminal equipment acquires the using time length of the setting menu according to the login password;
the operation terminal equipment verifies whether the input login password is correct;
if the input login password is correct, the operation terminal equipment starts a set menu permission, records the starting time of the set menu permission, and closes the set menu permission until the starting time of the set menu permission is equal to the using time of the set menu.
Optionally, the method for obtaining the use duration of the setting menu by the operation terminal device according to the login password includes:
acquiring a first parameter according to the login password;
the set-up menu has a use-time length equal to the difference between the first parameter and a sixth threshold multiplied by 24.
Optionally, the method for verifying whether the login password is correct by the operation end device includes:
generating a check code and a first authentication code according to the login password;
generating a second authentication code according to the authorization code and the check code;
judging whether the first authentication code is equal to the second authentication code;
if yes, the login password is correct;
if not, the login password is wrong.
Optionally, if the login password input by the non-networking system identity authentication method is wrong, the operation terminal device prompts that the password is input wrong, and calculates the number of errors of continuously inputting the login password;
if the error times of continuously inputting the login password is larger than the preset times, the operation end equipment changes the login password, and the authorization code is changed into a regenerated authorization code;
the operation terminal equipment displays a prompt: the number of password input errors overruns-! Please regenerate the authorization code and apply for the password.
According to the embodiment of the invention, the authorization code and the authorization code are generated through the operation terminal equipment according to the current date and the current time, the authorization code and the authorization code are stored, and the authorization code is displayed. The remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the application time and the authorization time length and displays the login password. Therefore, the randomness, the dynamic property, the non-repeatability and the better concealment of the authorization code and the authorization code generated by the operation terminal equipment are enhanced, and the randomness, the dynamic property, the non-repeatability and the better concealment of the login code generated by the remote terminal equipment are enhanced, so that the protection of the operation terminal equipment on a debugging page/menu can be enhanced, and the security of the debugging page/menu is enhanced. In addition, the login password generated by the remote terminal device is generated based on the time length (authorized time length) that the operator needs to authorize access to the protected debugging page/menu, so that the time length that the operator authorizes access to the protected debugging page/menu can be accurately positioned, information leakage or important information tampering caused by overlong stay time in the debugging page/menu and forgetting to close the debugging page/menu when the operator debugs information in the page/menu is prevented, and the security of the device password and the information is further improved. In addition, the operation end equipment and the remote end equipment do not need to carry out information interaction through network communication, and can be used under the non-networking condition, so that the requirement of the use equipment on the use environment is reduced, and the cost of the use equipment is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a non-networking system according to an embodiment of the present invention;
fig. 2 is a login page for entering a debugging page/menu in a touch screen of an operation end device according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of a method for generating dynamic passwords of a non-networked system according to an embodiment of the invention;
FIG. 4 is a flowchart of a method for generating an authorization code and an authorization code according to an embodiment of the present invention;
FIG. 5 is a flowchart of a method for generating an authorization code according to an embodiment of the present invention;
FIG. 6 is a flowchart illustrating a method for generating an authorization code according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating a method for generating a login password according to an embodiment of the present invention;
FIG. 8 is a flowchart illustrating another method for generating a login password according to an embodiment of the present invention;
FIG. 9 is a schematic flow chart of a non-networking system identity authentication method according to an embodiment of the present invention;
fig. 10 is a flowchart of a method for an operation terminal device to obtain a usage duration of a setup menu according to a login password according to an embodiment of the present invention;
FIG. 11 is a flowchart illustrating a method for verifying whether a login password is correct by an operation terminal device according to an embodiment of the present invention;
FIG. 12 is a flowchart of another method for authentication of non-networked system according to an embodiment of the present invention;
fig. 13 is a flowchart of another method for authenticating identity of a non-networked system according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Fig. 1 is a schematic structural diagram of a non-networking system according to an embodiment of the present invention, and as shown in fig. 1, the non-networking system 100 includes an operation end device 01 and a remote end device 02.
Specifically, the operation end device 01 is a field device that an operator needs to perform an access operation. The operation end device is provided with a touch screen which can be used for man-machine interaction operation, and the touch screen of the operation end device 01 has a real-time date and real-time recording function. A touch screen of the operation terminal device 01 is internally provided with a plurality of pages/menus for display and operation, and the debugging pages/menus to be protected are logged in and set. Fig. 2 is an exemplary illustration of a login page for entering a debug page/menu in a touch screen of an operation terminal device according to an embodiment of the present invention. As shown in fig. 2, the login page includes a login password input box 11, an authorized user identification prompt 12, a hidden operation area 13, an authorized code display area 14, a login button 15, a logout button 16, and a push button 17. The hidden operation area 13 may be disposed in any area on the touch screen display page, so as to avoid random access or misoperation of unrelated personnel.
The remote terminal device 02 is a device for acquiring an access password of the operating terminal device 01 by a remote customer service center personnel according to the application requirement of the operating personnel. The remote terminal device 02 is provided with a touch screen for man-machine interaction operation, and the touch screen of the remote terminal device 02 has a real-time date and real-time recording function. An operator application demand input interface and a password display frame are arranged in the touch screen of the remote terminal device 02.
When the field operator knows the login password in advance, the field operator inputs the login password on a login page of a touch screen of the operation end device 01, and the operation end device 01 obtains the access right and the available time according to the login password. If access rights are available and the available access duration is not zero, a debug page/menu may be entered. If the access right is not available or the available access time length is zero, the debugging page/menu can not be accessed.
When the operator does not know the login password, the access time is zero or the login password input times exceeds a certain number of times, the operation end device 01 can change the login password again and give a prompt of regenerating the authorization code and applying for the password. At this time, the operator needs to apply for the login password again, that is, the operator of the remote customer service center needs to ask for help to operate the remote terminal device 02 to obtain the login password.
Specifically, when the operator needs to re-apply for the login password, the operator may apply for the login password in advance or apply for the login password according to the authorization code displayed by the field operation terminal device.
Illustratively, the general procedure for an operator to pre-apply for a login password is:
s1, an operator applies to a remote customer service center and provides application information. The application information comprises a date and an authorized duration of the debugging equipment;
s2, a remote customer service center personnel inputs application information provided by an operator into remote terminal equipment, and the remote terminal equipment generates a login password according to a specific rule;
s3, the remote customer service center personnel provide the login password generated by the remote terminal equipment for the operators who apply for.
Illustratively, the general procedure for an operator to apply for a login password according to an authorization code displayed by the field operation terminal device is as follows:
s1', after the operation end equipment is started, a login page appears on a touch screen of the operation end equipment, and when an operator continuously presses the position of a hidden operation area of a login password prompt box and meets the requirement of more than a preset time, an authorization code can be obtained;
s2', recording authorization codes by field operators, evaluating the time length of the debugging page/menu needing to be authorized to access the protected, and connecting with remote customer service center personnel;
s3', a remote customer service center person inputs application information provided by an operator into remote terminal equipment according to the application information of the operator, and the remote terminal equipment generates a login password according to a specific rule;
s4', the remote customer service center personnel provide the login password generated by the remote terminal equipment for the operator who submits the application.
The operation end device and the remote end device are required to regenerate the same login password no matter the login password is pre-applied or the login password is applied according to the authorization code displayed by the field operation end device, and the operation end device and the remote end device are not connected through a network, so that the operation end device can check the input login password and open a protected debugging page/menu after the verification is passed.
Fig. 3 is a flow chart of a dynamic password generation method of a non-networking system, which is provided by the embodiment of the invention, and the method can be implemented by the non-networking system, and the system can be implemented by adopting a hardware and/or software method. The method specifically comprises the following steps:
s110, the operation end equipment generates an authorization code and an authorization code according to the current date and the current time, stores the authorization code and displays the authorization code.
The touch screen of the operation terminal equipment has a real-time date and real-time recording function. When the operator continuously presses the hidden operation area position of the login password prompt box and meets the requirement of more than the preset time, the operation end equipment acquires data of the current date and the current time, and processes the acquired data of the current date and the current time according to a certain rule, so that a dynamic authorization code and an authorization password related to the current time can be obtained.
And when the operation end equipment generates the authorization code, the authorization code is stored, and when the operation end equipment generates the authorization code, the operation end equipment stores the authorization code, so that the operation end equipment can call the authorization code and the authorization code later. In addition, if the authorization code is generated, the authorization code display area of the login page of the touch screen can be clicked, and the authorization code can be queried at any time.
According to the description, the authorization code and the authorization password generated by the operation end device according to the current date and the current time as reference data are adopted by the operation end device, so that the randomness, the dynamic property, the non-repeatability and the better concealment of the authorization code and the authorization password generated by the operation end device are enhanced, the protection of the operation end device on the debug page/menu can be enhanced, and the security of the debug page/menu is enhanced.
S120, the remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the application date and the authorization time length and displays the login password.
The authorization time length refers to the time length, which is evaluated by an operator, of requiring authorization to access the protected debugging page/menu.
When an operator applies for a login password in advance, the remote terminal device needs to input application information provided by the operator. The application information includes application time (specific time of the debugging device) and authorization duration (duration of requiring authorization to access the protected debugging page/menu). At this time, the remote terminal device may generate a login password according to the specific application information of the operator, and display the login password. Therefore, the remote customer service center personnel can obtain the login password generated by the remote terminal equipment, and the login password generated by the remote terminal equipment is provided for the operators who apply for.
When an operator applies for a login password according to an authorization code displayed by the field operation end device, the remote end device needs to input application information provided by the operator. The application information includes the current time, authorization code and authorization duration (the duration of time required to authorize access to the protected debug page/menu). At this time, the remote terminal device may generate a login password according to the specific application information of the operator, and display the login password. Therefore, the remote customer service center personnel can obtain the login password generated by the remote terminal equipment, and the login password generated by the remote terminal equipment is provided for the operators who apply for.
According to the description, the login password generated by the remote terminal device is generated based on the authorization code, the current time and the authorization time of the operator operating the operation terminal device, or the login password generated by the remote terminal device is generated based on the application date and the authorization time, so that the randomness, the dynamic property, the non-repeatability and the better concealment of the login password generated by the remote terminal device can be enhanced, the protection of the remote terminal device on the debug page/menu can be enhanced, and the security of the debug page/menu can be enhanced.
In addition, the login password generated by the remote terminal device is generated based on the time length that the operator needs to authorize access to the protected debugging page/menu, so that the time length that the operator authorizes access to the protected debugging page/menu can be accurately positioned, and information leakage or important information tampering caused by overlong stay time in the debugging page/menu when the operator debugs information in the debugging page/menu and forgets to close the debugging page/menu can be prevented.
According to the embodiment of the invention, the authorization code and the authorization code are generated through the operation terminal equipment according to the current date and the current time, the authorization code and the authorization code are stored, and the authorization code is displayed. The remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the application time and the authorization time length and displays the login password. Therefore, the randomness, the dynamic property, the non-repeatability and the better concealment of the authorization code and the authorization code generated by the operation terminal equipment are enhanced, and the randomness, the dynamic property, the non-repeatability and the better concealment of the login code generated by the remote terminal equipment are enhanced, so that the protection of the operation terminal equipment on a debugging page/menu can be enhanced, and the security of the debugging page/menu is enhanced. In addition, the login password generated by the remote terminal device is generated based on the time length (authorized time length) that the operator needs to authorize access to the protected debugging page/menu, so that the time length that the operator authorizes access to the protected debugging page/menu can be accurately positioned, information leakage or important information tampering caused by overlong stay time in the debugging page/menu and forgetting to close the debugging page/menu when the operator debugs information in the page/menu is prevented, and the security of the device password and the information is further enhanced. In addition, the operation end equipment and the remote end equipment do not need to carry out information interaction through network communication, and can be used under the non-networking condition, so that the requirement of the use equipment on the use environment is reduced, and the cost of the use equipment is reduced.
Fig. 4 is a schematic flow chart of a method for generating an authorization code and an authorization code according to an embodiment of the present invention, and further details the steps of the method for generating an authorization code and an authorization code based on the above embodiment.
S210, acquiring a current day number according to the current date, and acquiring the current second number according to the current time.
Wherein, if the current date is YYYYMMDD, where YYYY refers to year, MM refers to month, and DD refers to day number. Thus, the current day number DD can be obtained from the current date YYYYMMDD. If the current time is hhmmss, where hh denotes hours, mm denotes minutes, and ss denotes seconds. Thus, the current seconds ss can be obtained from the current time hhmmss.
Illustratively, if the current date is 20220524, then the current day number is 24. If the current time is 084623, the current number of seconds is 23.
S220, generating an authorization code according to the current day number and the current second number.
If the authorization code is generated by taking the current date and the current time as reference data, that is, the obtained current date and the obtained current second number can be calculated and combined according to a certain rule to obtain the authorization code, so that the randomness, the dynamic property, the non-repeatability and the better concealment of the authorization code generated by the operation terminal equipment can be enhanced, the protection of the operation terminal equipment on the debugging page/menu can be enhanced, and the security of the debugging page/menu can be enhanced.
S230, generating an authorization password according to the current day number.
The authorization password is generated by taking the current day number as reference data, namely the acquired current day number can be calculated and combined according to a certain rule to obtain the authorization password, so that the randomness, the dynamic property, the non-repeatability and the better concealment of the authorization password generated by the operation terminal equipment can be enhanced, the protection of the operation terminal equipment on the debugging page/menu is enhanced, and the security of the debugging page/menu is enhanced.
Fig. 5 is a schematic flow chart of a method for generating an authorization code according to an embodiment of the present invention, and further details of steps of the method for generating an authorization code are described on the basis of the foregoing embodiment:
s310, calculating the sum of the current day number and the current second number.
Illustratively, if the current day number is 24 and the current number of seconds is 23, the sum of the current day number and the current number of seconds is 47.
S320, combining the current second number, the current day number and the sum of the current second number sequentially to generate an authorization code.
Illustratively, if the current day number is 24 and the current second number is 23, the authorization code generated by sequentially combining the current second number (23), the current day number and the sum of the current second number (23+24=47) is: 2347
Fig. 6 is a schematic flow chart of a method for generating an authorization code according to an embodiment of the present invention, and further details the steps of the method for generating an authorization code based on the above embodiment are described:
s410, calculating the sum of the current day number and the first threshold value, and calculating the sum of the current day number and the second threshold value.
Illustratively, if the current day number is 24, the first threshold is 55, and the second threshold is 17, the sum of the current day number and the first threshold is 24+55=79, and the sum of the current day number and the second threshold is 24+18=42.
S420, the sum of the current day number and the first threshold value and the sum of the current day number and the second threshold value are sequentially combined to generate an authorization password.
For example, if the sum of the current day number and the first threshold is 79 and the sum of the current day number and the second threshold is 42, the generated authorization code is 7942.
Fig. 7 is a schematic flow chart of a method for generating a login password according to an embodiment of the present invention, and further details of steps of the method for generating a login password are described on the basis of the above embodiment:
s510, acquiring the last two digits of the authorization code and the current second of the current time.
For example, if the authorization code is 2347 and the current time is 084623, the last two digits of the authorization code are 47 and the current second is 23.
S520, calculating the difference between the last two digits of the authorization code and the seconds of the current time to obtain the current day number.
The authorization code is generated by combining the current second number, the current day number and the sum of the current second number, and obviously the last two digits of the authorization code are the sum of the current day number and the current second number, so that the current day number can be obtained by making a difference between the last two digits of the authorization code and the second number of the current time.
S530, calculating the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value.
For example, if the authorization duration is 3 days, the current day number is 24, the third threshold is 5, the fourth threshold is 3, and the fifth threshold is 18, the sum of the authorization duration and the third threshold is 08, the difference between the authorization duration and the fourth threshold is 00, and the sum of the current day number and the fifth threshold is 42.
S540, sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate a login password.
If the sum of the authorization time length and the third threshold value is 08, the difference between the authorization time length and the fourth threshold value is 00, and the sum of the current day number and the fifth threshold value is 42, the generated login password is 080042.
Fig. 8 is a schematic flow chart of another method for generating a login password according to an embodiment of the present invention, and further details of steps of the method for generating a login password are described on the basis of the above embodiment:
s610, acquiring a current day number according to the current date.
Illustratively, if the current date is 20220524, then the current day number is 24.
S620, calculating the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value.
For example, if the authorization duration is 3 days, the current day number is 24, the third threshold is 5, the fourth threshold is 3, and the fifth threshold is 18, the sum of the authorization duration and the third threshold is 08, the difference between the authorization duration and the fourth threshold is 00, and the sum of the current day number and the fifth threshold is 42.
S630, sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate a login password.
If the sum of the authorization time length and the third threshold value is 08, the difference between the authorization time length and the fourth threshold value is 00, and the sum of the current day number and the fifth threshold value is 42, the generated login password is 080042.
Optionally, before the operation end device generates and stores the authorization code and the authorization password according to the current date and the current time, the method further includes: clicking a hidden button of a login page of the operation end device, wherein the time for clicking the hidden button is longer than the preset time.
The touch screens of the operation terminal equipment have the recording functions of real-time dates and real-time times. When the hidden button of the login page of the operation end device is clicked and the time for clicking the hidden button is longer than the preset time, the operation end device can acquire data of the current date and the current time, so that the operation end device can generate an authorization code and an authorization password according to the current date and the current time.
Fig. 9 is a flow chart of a non-networking system identity authentication method according to an embodiment of the present invention, where the non-networking system identity authentication method includes the non-networking system dynamic password generation method according to any embodiment. The identity authentication method of the non-networking system specifically comprises the following steps:
s710, acquiring a login password generated by the remote terminal equipment, and inputting the login password into the operation terminal equipment.
The operator needs to acquire the login password generated by the remote terminal device through a remote customer service center personnel, and input the acquired login password into the operation terminal device.
S720, the operation terminal equipment acquires the using time length of the setting menu according to the login password.
Specifically, the login password generated by the remote terminal device is generated based on the time length of the operator needing to authorize access to the protected debugging page/menu, so that the use time length of the operator setting menu, namely the time length of the operator authorizing access to the protected debugging page/menu, can be accurately obtained according to the login password, and information leakage or important information tampering caused by overlong stay time in the debugging page/menu and forgetting to close the debugging page/menu can be prevented when the operator debugs information in the page/menu.
S730, the operation terminal equipment verifies whether the input login password is correct.
Specifically, the login password is a key for opening the set menu authority, so the operation end device needs to verify whether the input login password is correct, so as to determine whether to open the set menu authority of the operation end device
And S740, if the input login password is correct, the operation terminal equipment starts the set menu permission, records the starting time of the set menu permission, and closes the set menu permission until the starting time of the set menu permission is equal to the using time of the set menu.
Fig. 10 is a schematic flow chart of a method for obtaining, by an operation end device, a usage duration of a setting menu according to a login password according to an embodiment of the present invention, where, on the basis of the foregoing embodiment, steps of the method for obtaining, by the operation end device, the usage duration of the setting menu according to the login password are further elaborated and described:
s810, acquiring a first parameter according to the login password.
The first parameter is a part of digits of the login password, for example, the first parameter is the middle two digits of the login password, and the middle two digits of the login password are the first parameter. If the login password is 120988, the first parameter is 09.
S820, the use time length of the setting menu is equal to the difference between the first parameter and the sixth threshold multiplied by 24.
Here, the use duration of the setting menu= (first parameter-sixth threshold value) ×24h. If the first parameter is 09 and the sixth threshold is 2, the use duration of the menu is set to = (9-2) ×24=168 h.
Fig. 11 is a schematic flow chart of a method for verifying whether a login password is correct by an operation end device according to an embodiment of the present invention, and on the basis of the above embodiment, the steps of the method for verifying whether the login password is correct by the operation end device are further elaborated.
S910, generating a check code and a first authentication code according to the login password.
Specifically, the check code is equal to the sum of the first parameter obtained from the login password and the seventh threshold. The first authentication code is a digital string which is sequentially formed by the difference between the second parameter and the eighth threshold value which are acquired according to the login password, the difference between the second parameter and the ninth threshold value which are acquired according to the login password and the third parameter which is acquired according to the login password.
The first parameter, the second parameter and the third parameter are all part of digits of the login password, for example, the first parameter may be the middle two digits of the login password, the second parameter may be the right two digits of the login password, and the third parameter may be the left two digits of the login password. If the login password is: ABCDEF, the first parameter is CD, the second parameter is EF, and the third parameter is AB. The check code is: the cd+seventh threshold, the first authentication code is: (EF-eighth threshold) (EF-ninth threshold) AB.
Illustratively, if the login password is: 120988, the seventh threshold is 3, the eighth threshold is 9, the ninth threshold is 46, the first parameter is 09, the second parameter is 88, the third parameter is 12, the check code is 12, and the first authentication code is 794212.
S920, generating a second authentication code according to the authorization code and the check code.
Wherein the second authentication code is composed of an authorization code and a check code in sequence, and if the authorization code is 7942 and the check code is 12, the second authentication code is 794212
S930, judging whether the first authentication code is equal to the second authentication code; if yes, then execute S940; if not, then S950 is performed.
S940, the login password is correct.
S950, a login password error.
Fig. 12 is a flow chart of another non-networking system identity authentication method according to an embodiment of the present invention, where the non-networking system identity authentication method specifically includes the following steps:
s101, acquiring a login password generated by the remote terminal equipment, and inputting the login password into the operation terminal equipment.
S102, the operation terminal equipment acquires the using time length of the setting menu according to the login password.
S103, the operation end equipment verifies whether the input login password is correct.
And S104, if the input login password is correct, the operation terminal equipment starts the set menu permission, records the starting time of the set menu permission, and closes the set menu permission until the starting time of the set menu permission is equal to the using time of the set menu.
S105, if the input login password is wrong, the operation end device prompts 'password input wrong', and the number of errors of continuously inputting the login password is calculated.
S106, if the error times of continuously inputting the login password is larger than the preset times, the operation end equipment changes the login password, and the authorization code is changed into a regenerated authorization code.
S107, the operation terminal equipment displays a prompt: the number of password input errors overruns-! Please regenerate the authorization code and apply for the password.
Fig. 13 is a flow chart of another non-networking system identity authentication method according to an embodiment of the present invention, where the non-networking system identity authentication method specifically includes the following steps:
1) And the operator applies to the remote customer service center and provides application information. The application information comprises a date and an authorized duration of the debugging equipment; or after the operation end equipment is started, a login page appears on a touch screen of the operation end equipment, an operator continuously presses the position of a hidden operation area of a login password prompt box and obtains an authorization code when the hidden operation area meets the preset time, on-site operators record the authorization code, evaluate the time length of the debugging page/menu which needs to be authorized to be accessed, and connect with remote customer service center personnel.
2) And the remote customer service center personnel inputs the application information provided by the operator into the remote terminal equipment according to the application information of the operator, and the remote terminal equipment generates a login password according to a specific rule.
3) The remote terminal equipment receives the application information of the operator input by the remote customer service center personnel, acquires date information (current date or application date) according to the application information, acquires the authorization time, generates a login password, and displays the login password.
4) The remote customer service center personnel provides the login password generated by the remote terminal equipment for the operator who applies for.
5) The method comprises the steps that an operation terminal device receives a login password input by an operator, demodulates the authorization time according to the equal-green password, verifies the login password (authentication code contrast), starts a set menu authority after the login password is verified to be correct, records the start time of the set menu authority, sets the start time of the menu authority to be equal to the authorization time, and finishes access.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (10)

1. The method for generating the dynamic password of the non-networking system is characterized in that the non-networking system comprises an operation terminal device and a remote terminal device;
the method for generating the dynamic password of the non-networking system comprises the following steps:
the operation terminal equipment generates an authorization code and an authorization code according to the current date and the current time, stores the authorization code and displays the authorization code;
the remote terminal equipment generates a login password according to the authorization code, the current time and the authorization time length, and displays the login password; or the remote terminal equipment generates a login password according to the application date and the authorization time length and displays the login password.
2. The method for generating dynamic passwords of a non-networked system according to claim 1, wherein the method for generating the authorization code and the authorization password by the operation terminal device according to the current date and the current time comprises the following steps:
acquiring a current day number according to the current date, and acquiring a current second number according to the current time;
generating the authorization code according to the current day number and the current second number;
and generating the authorization password according to the current day number.
3. The method of generating a dynamic password for a non-networked system according to claim 2, wherein the method of generating the authorization code according to the current day number and the current seconds comprises:
calculating the sum of the current day number and the current second number;
combining the current second number, the current day number and the sum of the current second number sequentially to generate the authorization code;
the method for generating the authorization password according to the current day number comprises the following steps:
calculating the sum of the current day number and a first threshold value, and calculating the sum of the current day number and a second threshold value;
and sequentially combining the sum of the current day number and the first threshold value and the sum of the current day number and the second threshold value to generate the authorization password.
4. The method for generating dynamic passwords of a non-networked system according to claim 1, wherein the method for generating login passwords by the remote terminal device according to the authorization code, the current time and the authorization time length comprises the following steps:
acquiring the last two digits of the authorization code and the current second of the current time;
calculating the difference between the last two digits of the authorization code and the seconds of the current time to obtain the current day number;
calculating the sum of the authorization time length and a third threshold value, the difference between the authorization time length and a fourth threshold value and the sum of the current day number and a fifth threshold value;
and sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate the login password.
5. The method for generating a dynamic password of a non-networked system according to claim 1, wherein the method for generating a login password by the remote terminal device according to the current time and the authorization time length comprises the following steps:
acquiring a current day number according to the current date;
calculating the sum of the authorization time length and a third threshold value, the difference between the authorization time length and a fourth threshold value and the sum of the current day number and a fifth threshold value;
and sequentially combining the sum of the authorization time length and the third threshold value, the difference of the authorization time length and the fourth threshold value and the sum of the current day number and the fifth threshold value to generate the login password.
6. The method for generating dynamic passwords of a non-networked system according to claim 1, wherein before the operation end device generates and stores the authorization code and the authorization password according to the current date and the current time, further comprising:
clicking a hidden button of a login page of the operation terminal device, wherein the time for clicking the hidden button is longer than the preset time.
7. A non-networking system identity authentication method, which is characterized by comprising the non-networking system dynamic password generation method according to claims 1-3;
acquiring the login password generated by the remote terminal equipment and inputting the login password into the operation terminal equipment;
the operation terminal equipment acquires the using time length of the setting menu according to the login password;
the operation terminal equipment verifies whether the input login password is correct;
if the input login password is correct, the operation terminal equipment starts a set menu permission, records the starting time of the set menu permission, and closes the set menu permission until the starting time of the set menu permission is equal to the using time of the set menu.
8. The method for authenticating the identity of the non-networked system according to claim 7, wherein the method for obtaining the use duration of the setting menu by the operation terminal device according to the login password comprises the following steps:
acquiring a first parameter according to the login password;
the set-up menu has a use-time length equal to the difference between the first parameter and a sixth threshold multiplied by 24.
9. The method for authenticating an identity of a non-networked system according to claim 7, wherein the method for verifying whether the login password is correct by the operation terminal device comprises:
generating a check code and a first authentication code according to the login password;
generating a second authentication code according to the authorization code and the check code;
judging whether the first authentication code is equal to the second authentication code;
if yes, the login password is correct;
if not, the login password is wrong.
10. The non-networked system identity authentication method of claim 7, further comprising:
if the input login password is wrong, the operation terminal equipment prompts that the password is input wrong, and calculates the error times of continuously inputting the login password;
if the error times of continuously inputting the login password is larger than the preset times, the operation end equipment changes the login password, and the authorization code is changed into a regenerated authorization code;
the operation terminal equipment displays a prompt: the number of password input errors overruns-! Please regenerate the authorization code and apply for the password.
CN202211571506.9A 2022-12-08 2022-12-08 Dynamic password generation method of non-networking system and identity authentication method of non-networking system Active CN116055036B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211571506.9A CN116055036B (en) 2022-12-08 2022-12-08 Dynamic password generation method of non-networking system and identity authentication method of non-networking system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211571506.9A CN116055036B (en) 2022-12-08 2022-12-08 Dynamic password generation method of non-networking system and identity authentication method of non-networking system

Publications (2)

Publication Number Publication Date
CN116055036A true CN116055036A (en) 2023-05-02
CN116055036B CN116055036B (en) 2024-03-12

Family

ID=86132135

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211571506.9A Active CN116055036B (en) 2022-12-08 2022-12-08 Dynamic password generation method of non-networking system and identity authentication method of non-networking system

Country Status (1)

Country Link
CN (1) CN116055036B (en)

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100083370A1 (en) * 2008-09-26 2010-04-01 Mitac Technology Corp. System and method for dynamic cypher authentication
US8484482B1 (en) * 2011-03-07 2013-07-09 Sprint Communications Company L.P. Password generation and validation system and method
CN107733650A (en) * 2016-08-11 2018-02-23 中国二十冶集团有限公司 The dynamic setting method of account password
CN109561159A (en) * 2018-12-28 2019-04-02 厦门中控生物识别信息技术有限公司 A kind of data processing method and system based on Websocket long connection
CN109741500A (en) * 2018-12-29 2019-05-10 北京方正数码有限公司 A kind of setting of the temporary password of smart lock and its verification method
CN109886014A (en) * 2019-02-28 2019-06-14 上海龙旗科技股份有限公司 A kind of method and apparatus logging in testing tool
CN110022326A (en) * 2019-04-19 2019-07-16 上海法诺光电技术有限公司 A kind of Internet of Things cipher authentication method using cipher table synchronization
CN110519056A (en) * 2019-10-11 2019-11-29 广东虹勤通讯技术有限公司 A kind of login method, method for generating cipher code and its relevant apparatus
CN111159657A (en) * 2019-11-22 2020-05-15 深圳智链物联科技有限公司 Application program authentication method and system
CN113656775A (en) * 2021-08-19 2021-11-16 广东好太太智能家居有限公司 Offline password verification method and system with expiration date and intelligent lock
CN113689610A (en) * 2021-08-31 2021-11-23 深圳指芯物联技术有限公司 Off-line authorization method and system for rental period password of rental house tenant
CN114117376A (en) * 2022-01-28 2022-03-01 蘑菇物联技术(深圳)有限公司 Identity authentication method, method for distributing dynamic password and corresponding equipment
CN114299636A (en) * 2020-09-22 2022-04-08 云丁网络技术(北京)有限公司 Method and apparatus for processing device offline password
CN114339742A (en) * 2021-12-27 2022-04-12 深圳市国电科技通信有限公司 Offline SSH login authentication method and device based on security chip and terminal
CN115223281A (en) * 2022-07-19 2022-10-21 中国核电工程有限公司 Access control system and access control method

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100083370A1 (en) * 2008-09-26 2010-04-01 Mitac Technology Corp. System and method for dynamic cypher authentication
US8484482B1 (en) * 2011-03-07 2013-07-09 Sprint Communications Company L.P. Password generation and validation system and method
CN107733650A (en) * 2016-08-11 2018-02-23 中国二十冶集团有限公司 The dynamic setting method of account password
CN109561159A (en) * 2018-12-28 2019-04-02 厦门中控生物识别信息技术有限公司 A kind of data processing method and system based on Websocket long connection
CN109741500A (en) * 2018-12-29 2019-05-10 北京方正数码有限公司 A kind of setting of the temporary password of smart lock and its verification method
CN109886014A (en) * 2019-02-28 2019-06-14 上海龙旗科技股份有限公司 A kind of method and apparatus logging in testing tool
CN110022326A (en) * 2019-04-19 2019-07-16 上海法诺光电技术有限公司 A kind of Internet of Things cipher authentication method using cipher table synchronization
CN110519056A (en) * 2019-10-11 2019-11-29 广东虹勤通讯技术有限公司 A kind of login method, method for generating cipher code and its relevant apparatus
CN111159657A (en) * 2019-11-22 2020-05-15 深圳智链物联科技有限公司 Application program authentication method and system
CN114299636A (en) * 2020-09-22 2022-04-08 云丁网络技术(北京)有限公司 Method and apparatus for processing device offline password
CN113656775A (en) * 2021-08-19 2021-11-16 广东好太太智能家居有限公司 Offline password verification method and system with expiration date and intelligent lock
CN113689610A (en) * 2021-08-31 2021-11-23 深圳指芯物联技术有限公司 Off-line authorization method and system for rental period password of rental house tenant
CN114339742A (en) * 2021-12-27 2022-04-12 深圳市国电科技通信有限公司 Offline SSH login authentication method and device based on security chip and terminal
CN114117376A (en) * 2022-01-28 2022-03-01 蘑菇物联技术(深圳)有限公司 Identity authentication method, method for distributing dynamic password and corresponding equipment
CN115223281A (en) * 2022-07-19 2022-10-21 中国核电工程有限公司 Access control system and access control method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ZHEN-YU WU等: "A Reliable Dynamic User-Remote Password Authentication Scheme over Insecure Network", 2012 26TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS, 19 April 2012 (2012-04-19) *
康海燕;张仰森;: "基于网络隐私保护的动态密码研究", 北京信息科技大学学报(自然科学版), no. 02 *
落红卫: "移动互联网身份认证关键技术研究", 《中国博士学位论文全文数据库》, 31 May 2021 (2021-05-31) *

Also Published As

Publication number Publication date
CN116055036B (en) 2024-03-12

Similar Documents

Publication Publication Date Title
CN109272617B (en) Unlocking verification method, server, door lock, electronic device and storage medium
US9580295B2 (en) Systems and methods for fuel dispenser security
CA2930171C (en) Systems and methods for fuel dispenser security
CN105119931A (en) Application logging method and application logging system
KR101742900B1 (en) Secure automatic authorized access to any application through a third party
US20150143124A1 (en) Systems and methods for fuel dispenser security
CN111415443A (en) Remote unlocking method and device
CN116055036B (en) Dynamic password generation method of non-networking system and identity authentication method of non-networking system
CN104837159A (en) OAuth protocol misuse security detection method on Android platform
WO2000016190A9 (en) Apparatus and methods for unlocking password protected software systems to recover master password
CN108259163A (en) The authorization method of terminal device
CN109886014A (en) A kind of method and apparatus logging in testing tool
CN103441857A (en) Value-added service integration method and system for network television user
CN112351043A (en) Vehicle navigation factory setting password management method and system
CN107872688A (en) The authorization data statistical method and system of a kind of functions of television set item
CN117241273A (en) Internet of vehicles card authentication method and device, electronic equipment and readable storage medium
CN105828322A (en) User login method, mobile terminal and safety center
CN112116997A (en) Method, device and system for remote diagnosis, electronic equipment and computer readable storage medium
CN111984961B (en) Password resetting system, method, device, equipment and storage medium
CN110738759A (en) fingerprint storage method, identity verification method, device and system
CN105471920A (en) Identifying code processing method and device
CN108259424B (en) Authorization verification method of terminal equipment
CN112579374B (en) System and method for secure debugging of embedded device
CN112865970B (en) Electronic test equipment and configuration method of matching function
CN112738103B (en) Information verification method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant