CN103812651A - Password authentication method, device and system - Google Patents

Password authentication method, device and system Download PDF

Info

Publication number
CN103812651A
CN103812651A CN201210453453.0A CN201210453453A CN103812651A CN 103812651 A CN103812651 A CN 103812651A CN 201210453453 A CN201210453453 A CN 201210453453A CN 103812651 A CN103812651 A CN 103812651A
Authority
CN
China
Prior art keywords
password
user
module
bill
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201210453453.0A
Other languages
Chinese (zh)
Other versions
CN103812651B (en
Inventor
向坤
秦雷
郭计伟
袁丽娜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tencent Computer Systems Co Ltd
Original Assignee
Shenzhen Tencent Computer Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tencent Computer Systems Co Ltd filed Critical Shenzhen Tencent Computer Systems Co Ltd
Priority to CN201210453453.0A priority Critical patent/CN103812651B/en
Publication of CN103812651A publication Critical patent/CN103812651A/en
Application granted granted Critical
Publication of CN103812651B publication Critical patent/CN103812651B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention discloses a password authentication method, device and system and belongs to the internet terminal system. The password authentication method comprises receiving an authentication bill which comprises user identification, service identification and a password which is corresponding to a combination of the user identification and the service identification; inquiring a pre-stored password according to the user identification and the service identification; detecting whether the password in the authentication bill is identical with the inquired password or not; passing the authentication if the two passwords are identical. The password authentication method has the advantages of solving the safety problem caused by the fact that multiple services share a group of user names and passwords and achieving the effect that if one password of a user is exposed, potential safety hazards are brought to only one service but not brought to other services due to the fact that the password authentication process is achieved through a plurality of passwords which are corresponding to the user identification and different service systems.

Description

Method of password authentication, Apparatus and system
Technical field
The present invention relates to internet terminal field, particularly a kind of method of password authentication, Apparatus and system.
Background technology
The Internet mostly provides service for user.In the time that needs carry out authentication to user, with username and password be one of most popular means.
Because present internet, applications is diversified development, same ISP may provide multiple different Internet service simultaneously, such as: service that mailbox, search, instant messaging, notes and cloud are synchronous etc.In order to simplify user's operation, to improve user and experience, existing ISP, in the time that many services is provided, only needs user to use one group of identical username and password just can use whole services.That is to say, when user is after a certain ISP registers, all services that can use this group username and password of registration to login arbitrarily and use this ISP to provide.
Realizing in process of the present invention, inventor finds that prior art at least exists following problem: provide users with the convenient although multinomial service shares one group of username and password, but be very easy to occur safety issue, once this group username and password is revealed, all can there is potential safety hazard in all services that user uses.
Summary of the invention
Share one group of safety issue that username and password causes in order to solve multinomial service, the embodiment of the present invention provides a kind of method of password authentication, Apparatus and system.Described technical scheme is as follows:
According to an aspect of the present invention, provide a kind of method of password authentication, described method comprises:
Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Inquire about pre-stored password according to described user ID and described service identifiers;
Whether the password that detects the password in described checking bill and inquire is identical;
If detect, two passwords are identical, are verified.
Further, in described checking bill, also comprise one or more in timestamp, user's current IP address and identifying code,
Detect that if described two passwords are identical, before being verified, also comprise:
Whether the timestamp, user's current IP address and/or the identifying code that detect in described checking bill all conform to a predetermined condition, and IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Detect that if described two passwords are identical, be verified, specifically comprise:
If detect when timestamp, user's current IP address and/or identifying code in the identical and described checking bill of two passwords all conforms to a predetermined condition, be verified.
Further, timestamp, user's current IP address and/or identifying code in described checking bill are to utilize described password to carry out the ciphertext after reversible encryption as key, before whether timestamp, user's current IP address and/or the identifying code in the described checking bill of described detection all conforms to a predetermined condition, also comprise:
Utilize the password in described checking bill as key, other data in described checking bill to be decrypted, obtain described timestamp, user's current IP address and/or identifying code.
Further, the password in described checking bill and described pre-stored password are the ciphertext of encrypting by irreversible encryption mode, before described Receipt Validation bill, also comprise:
Receive user ID and service identifiers;
Inquire about whether pre-stored have corresponding password and cipher mode according to described user ID and service identifiers;
Inquiring pre-storedly while having corresponding password and cipher mode, feed back described cipher mode.
Further, detect that if described two passwords are identical, after being verified, also comprise:
Receive first password management request, described first password management request comprises delete instruction or modify instruction;
According to described first password management request, described password is deleted or revised.
Further, before described Receipt Validation bill, also comprise:
Corresponding relation between storage user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Wherein, corresponding one or more service identifiers of user ID, the number of password corresponding to the combination of described and described user ID and service identifiers is identical with the number of described service identifiers.
Further, described corresponding relation also stores the authentication bill corresponding with described user ID, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce, described method, also comprises:
Receive user ID, authentication bill and the second Password Management request, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction;
Inquire about the authentication bill corresponding with described user ID;
Whether the authentication bill that detection receives is identical with the authentication bill inquiring;
If two authentication bills are identical, delete or revise according to described the second Password Management request pair password corresponding with described service identifiers.
According to a further aspect in the invention, provide a kind of password authentication device, described device comprises:
Checking receiver module, for Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Cipher inquiry module, inquires about pre-stored password for the user ID and the service identifiers that receive according to described checking receiver module;
Password detection module, whether the password that the password in the checking bill receiving for detection of described checking receiver module and described cipher inquiry module inquire is identical;
Password authentication module, if detect that for described password detection module two passwords are identical, is verified.
Further, in the checking bill that described checking receiver module receives, also comprise one or more in timestamp, user's current IP address and identifying code,
Described device, also comprises: additional detected module;
Described additional detected module, whether all conform to a predetermined condition for detection of the timestamp in described checking bill, user's current IP address and/or identifying code, IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Described password authentication module, if when detecting that timestamp, user's current IP address and/or identifying code in the identical and described checking bill of two passwords all conforms to a predetermined condition, is verified.
Further, timestamp, user's current IP address and/or identifying code in the checking bill that described checking receiver module receives are to utilize described password to carry out the ciphertext after reversible encryption as key;
Described device, also comprises: checking deciphering module;
Described checking deciphering module, is decrypted other data in described checking bill as key for the password that utilizes described checking bill, obtains described timestamp, user's current IP address and/or identifying code.
Further, password and described pre-stored password in the checking bill that described checking receiver module receives are the ciphertext of encrypting by irreversible encryption mode;
Described device, also comprises: mark receiver module, encrypted query module and encryption feedback module;
Described mark receiver module, for receiving user ID and service identifiers;
Described encrypted query module, inquires about whether pre-stored have corresponding password and cipher mode for the user ID and the service identifiers that receive according to described mark receiver module;
Described encryption feedback module, pre-stored while having corresponding password and cipher mode for inquiring in described encrypted query module, feed back described cipher mode.
Further, described device, also comprises: the first request receiving module and first password administration module;
Described the first request receiving module, for receiving first password management request, described first password management request comprises delete instruction or modify instruction;
Described first password administration module, deletes or revises described password for the first password management request receiving according to described the first request receiving module.
Further, described device, also comprises: relationship storage module;
Described relationship storage module, for storing the corresponding relation between user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Wherein, corresponding one or more service identifiers of user ID, the number of password corresponding to the combination of described and described user ID and service identifiers is identical with the number of described service identifiers.
Further, described corresponding relation also stores the authentication bill corresponding with described user ID, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce, described device, also comprises: the second request receiving module, bill enquiry module, bill detection module and the second Password Management module;
Described the second request receiving module, for receiving user ID, authentication bill and the second Password Management request, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction;
Described bill enquiry module, for inquiring about authentication bill corresponding to user ID receiving with described the second request receiving module;
Described bill detection module, whether the authentication bill that the authentication bill receiving for detection of described the second request receiving module and described bill enquiry module inquire is identical;
Described the second Password Management module, if identical for two authentication bills, delete or revises according to described the second Password Management request pair password corresponding with described service identifiers.
In accordance with a further aspect of the present invention, provide a kind of service system, having comprised:
Password acquisition module, for obtaining user ID and the password of user under current service system;
Checking sending module, for send checking bill to password authentication device, described checking bill comprises user ID, for identifying the service identifiers of current service system and the described password corresponding with the combination of described user ID and service identifiers, so that described password authentication device carries out password authentification according to described checking bill.
Further, described system also comprises:
Acquisition of information module;
Described acquisition of information module, for one or more of acquisition time stamp, user's current IP address and identifying code;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill also comprises timestamp, user's current IP address and/or the identifying code that described acquisition of information module gets.
Further, described system also comprises:
Bill encrypting module;
Described bill encrypting module, for utilizing timestamp, user's current IP address and/or the identifying code that password that described password acquisition module obtains gets described acquisition of information module as key to carry out reversible encryption, obtains the ciphertext after reversible encryption;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill also comprises and utilizes described password, as key, described timestamp, user's current IP address and/or identifying code are carried out to the ciphertext after reversible encryption.
Further, described system, also comprises:
Mark sending module, encryption receiver module and cryptographic module;
Described mark sending module, for sending user ID and service identifiers to described password authentication device;
Described encryption receiver module, for receiving described password authentication device according to the cipher mode of feedback after described user ID and service identifiers inquiry;
Described cryptographic module, the password described password acquisition module being got for the cipher mode receiving according to described encryption receiver module carries out irreversible encryption;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill comprises the password after described cryptographic module is encrypted.
Further, described system also comprises: the first command reception module and the first request sending module;
Described the first command reception module, for receiving user's delete instruction or modify instruction;
Described the first request sending module, for send first password management request to described password authentication device, described first password management request comprises described delete instruction or modify instruction.
Further, described system also comprises: authentication module and the second request sending module;
Described authentication module, for obtaining user's user ID and authentication bill, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce;
Described the second request sending module, for sending described user ID, authentication bill and the second Password Management request to described password authentication device, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction.
Also on the one hand provide a kind of password validation system according to of the present invention, comprised that one as described on the other hand password authentication device, and at least one service system as described in one side again.
The beneficial effect that the technical scheme that the embodiment of the present invention provides is brought is:
By adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme in the embodiment of the present invention, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the structural representation of the related a kind of implementation environment of the embodiment of the present invention;
Fig. 2 is the method flow diagram of the method for password authentication that provides of the embodiment of the present invention one;
Fig. 3 is the method flow diagram of the method for password authentication that provides of the embodiment of the present invention two;
Fig. 4 is the block diagram of the password validation system that provides of the embodiment of the present invention three;
Fig. 5 is the block diagram of the password validation system that provides of the embodiment of the present invention four;
Fig. 6 is the block diagram of the password validation system that provides of the embodiment of the present invention five;
Fig. 7 is the block diagram of the password validation system that provides of the embodiment of the present invention six.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing, embodiment of the present invention is described further in detail.
Please refer to Fig. 1, it shows the structural representation of the related a kind of implementation environment of the embodiment of the present invention.This implementation environment comprises a password authentication device 120 and multiple service system 140.
Multiple passwords can be safeguarded, manage and be verified to password authentication device 120.Specifically, password authentication device 120 can be safeguarded separately a user ID to each user, then all safeguard separately a password corresponding to different service system 140, such as, service system 140 has 5, if user has used whole 5 services, user can have 1 user ID and 5 passwords corresponding to different service systems 140; If user has only used 2 services, user has 1 user ID and 2 passwords corresponding to different service systems 140.
Service system 140 can be two or more, and the service that each service system 140 provides is different, such as, first service system 140 provides mailbox service; Second service system 140 provides instant messaging service; The 3rd service system 140 provides microblogging service,,,,, by that analogy, repeat no more.
Embodiment mono-
Please refer to Fig. 2, it shows the method flow diagram of the method for password authentication that the embodiment of the present invention one provides.This method of password authentication can be in password authentication device as shown in Figure 1, and this method of password authentication, comprising:
Step 202, Receipt Validation bill, checking bill comprises user ID, service identifiers and the password corresponding with the combination of user ID and service identifiers;
Wherein, service identifiers is the mark corresponding to service system.
Step 204, inquires about pre-stored password according to user ID and service identifiers;
Step 206, whether the password in detection validation bill is identical with the password inquiring;
Step 208, if detect, two passwords are identical, are verified.
In sum, the method of password authentication that the present embodiment provides, by adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.
Embodiment bis-
Please refer to Fig. 3, it shows the method flow diagram of the method for password authentication that the embodiment of the present invention two provides.This method of password authentication can be in implementation environment as shown in Figure 1, and this method of password authentication, comprising:
Step 301, the corresponding relation between password authentication device storage user ID, service identifiers and the password corresponding with the combination of user ID and service identifiers;
Password authentication device can pre-stored user ID, corresponding relation between service identifiers and the password corresponding with the combination of user ID and service identifiers, wherein, corresponding one or more service identifiers of user ID, the number of password corresponding with the combination of user ID and service identifiers is identical with the number of service identifiers.This storing process can carry out at user registration course, and can adopt database to store.As an example, above-mentioned corresponding relation can be divided into two form stores, specific as follows:
User ID Service identifiers 1 Service identifiers 2 Service identifiers 3
User1 App1 App2 App3
User2 App2 App4
User3 App5
Table 1
User ID Service identifiers Cipher mode Password ciphertext Creation-time
User1 App1 md5^2 enc_passwd1 2012/3/21
User1 App2 md5^2salt enc_passwd2 2012/3/21
User1 App3 md5^3 enc_passwd3 2012/3/21
User2 App2 md5^3salt enc_passwd4 2012/4/01
User2 App4 md5^3 enc_passwd5 2012/5/12
User3 App5 md5^3 enc_passwd6 2012/11/11
Table 2
Wherein, table 1 is USI user service information table, store user's user ID and the corresponding service identifiers of service system that user uses, such as, user 1 user ID is 1, the service system of its use comprises service system 1, service system 2 and service system 3, corresponds respectively to service identifiers App1, App2 and App3.Table 2 item is user password information table, stores user's user ID, service identifiers, cipher mode, password and the creation-time corresponding with the combination of user ID and service identifiers.
Preferably, in order to guarantee also cannot oppositely to decrypt original password after user data is stolen, original password all adopts irreversible encryption mode to be encrypted rear storage, corresponding irreversible encryption mode is the cipher mode of storage in table 2, and the corresponding password of different service identifiers can adopt different cipher modes.
Implement under scene at other, this corresponding relation can also store the authentication bill corresponding with user ID, and authentication bill comprises the authentication information that other Verification System such as mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produces.
Step 302, service system is obtained user ID and the password of user under current service system;
In the time that user uses certain service system, service system can be obtained user ID and the password that user inputs or preserves under current service system, such as, the user ID that service system 1 gets is User1, password is enc_passwd1.
Then, service system can be first sends user ID and represents self service identifiers to password authentication device.
Step 303, password authentication device receives user ID and service identifiers;
Password authentication device can receive user ID and the service identifiers that service system sends, such as, the user ID receiving is User1, service identifiers is App1.
Step 304, password authentication device is inquired about whether pre-stored have corresponding password and cipher mode according to user ID and service identifiers;
Password authentication device can be inquired about whether pre-stored have cipher mode and corresponding password according to the user ID receiving and service identifiers, such as, the user ID that password authentication device receives is User1, service identifiers is App1, and password authentication device can inquire and have corresponding cipher mode md5^2 and password enc_passwd1.
Step 305, password authentication device inquire pre-stored while having corresponding password and cipher mode, feedback cipher mode;
Password authentication device, in the time inquiring corresponding cipher mode, feeds back this cipher mode to service system, such as, password authentication device feeds back cipher mode md5^2 to service system 1.
It should be noted that, if password authentication device is inquired about less than cipher mode and corresponding password in step 304, such as, the user ID that password authentication device receives is User3, service identifiers is App1, and password authentication device is inquired about less than cipher mode and corresponding password; Now, password authentication device can feedback query failure information, and service system, after receiving this query failure message, can trigger user and register under current service system.
Step 306, service system is carried out irreversible encryption according to the cipher mode receiving to password;
After service system receives the cipher mode of password authentication device feedback, can carry out irreversible encryption according to the cipher mode receiving to the user's who gets in step 302 password.
Through after the processing of this step, service system by password authentication device transmission be the password ciphertext after irreversible encryption, even if transmitting procedure is monitored or intercept, other people also cannot oppositely decrypt user's password.
Step 307, one or more of service system acquisition time stamp, user's current IP address and identifying code;
In order to complete more accurately password authentification process, service system can also be obtained active user's additional essential information, and this additional essential information can comprise timestamp, one or more in user's current IP address and identifying code.
Step 308, service system utilizes password, as key, timestamp, user's current IP address and/or identifying code are carried out to reversible encryption, obtains the ciphertext after reversible encryption;
Service system can also adopt the password after encryption in step 306 as key, the timestamp getting in step 307, user's current IP address and/or identifying code to be carried out to reversible encryption, obtains the ciphertext after reversible encryption.This reversible encryption mode can be service system and the password authentication device cipher mode of agreement in advance.
Afterwards, timestamp, user's current IP address and/or identifying code in password in step 306 after irreversible encryption, this step after reversible encryption, will be jointly as the checking bill for identifying user identity.
Service system sends this checking bill to password authentication device.
Step 309, password authentication device Receipt Validation bill;
Password authentication device can receive the checking bill that service system sends.In this checking bill, include user ID, service identifiers, password after irreversible encryption, and utilize the password after this irreversible encryption, as key, timestamp, user's current IP address and/or identifying code are carried out to the ciphertext after reversible encryption.
Step 310, password authentication device is inquired about pre-stored password according to user ID and service identifiers;
Password authentication device is inquired about from the password of having stored in step 301 according to user ID and service identifiers.
Step 311, whether the password in password authentication device detection validation bill is identical with the password inquiring;
Whether the password of password authentication device in can detection validation bill be identical with the password inquiring.
In execution step 310 and step 311, on the other hand:
Step 312, the password in password authentication device utilization checking bill is decrypted other data in checking bill as key, obtains timestamp, user's current IP address and/or identifying code;
Password authentication device can also utilize the password in checking bill as key, other data except password in checking bill to be decrypted, and obtains timestamp, user's current IP address and/or identifying code.
Step 313, whether timestamp, user's current IP address and/or identifying code in password authentication device detection validation bill all conform to a predetermined condition,
Wherein, IP address, the identifying code of identifying code for providing in advance when timestamp meets predetermined amount of time, user's current IP address and meets last checking is provided predetermined condition.
Eachly judging separately in timestamp, user's current IP address and/or the identifying code of password authentication device after to deciphering, judges whether it conforms to a predetermined condition.
Step 314, if detect when timestamp, user's current IP address and/or identifying code in the identical and checking bill of two passwords all conforms to a predetermined condition, is verified;
Detect that at password authentication device two passwords are identical, and timestamp, user current IP address and/or the identifying code of checking in bill is while all conforming to a predetermined condition, is verified; Otherwise checking is not passed through.Password authentication device can send to service system by the result.
After being verified, the service function that user can normally use service system to provide.
Easily full of beard and, if user is after normally logging in, need to password be deleted or be revised, user can trigger delete instruction or modify instruction in service system.Now, service system receives user's delete instruction or modify instruction; And sending first password management request to password authentication device, this first password management request comprises delete instruction or modify instruction.
Step 315, password authentication device receives first password management request, and according to first password management request, password is deleted or revised;
Password authentication device can receive the first password management request that service system sends, and according to first password management request, password is deleted accordingly or revised.
It should be noted that, because current of user has carried out authentication under this service system, therefore first password management request is merely able to the corresponding password of this service system to delete or revise.
In the time that user uses service system and password authentication device, also may occur that a kind of situation is: user has forgotten the password under some or multiple service systems.Now, the present embodiment also provides extra mechanism to manage password.Specific as follows:
Step 316, service system is obtained user's user ID and authentication bill, and authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce;
Forget user under the scene of the password under some or multiple service systems, service system can be obtained user's user ID and authentication bill, and authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce.This process need service system and corresponding mailbox Verification System, certificate authentication system, dynamic password authentication system or default problem Verification System complete separately.After this authentication process success, service system can obtain the authentication information corresponding with this user ID.
After service system obtains the authentication information corresponding with this user ID, service system can send user ID, authentication bill and the second Password Management request to password authentication device, and the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction.
Step 317, password authentication device receives user ID, authentication bill and the second Password Management request;
Password authentication device can receive user ID, authentication bill and the second Password Management request that service system sends.
Step 318, the authentication bill that password authentication device inquiry is corresponding with user ID;
Password authentication device can be inquired about the authentication bill corresponding with user ID pre-stored in step 301.
Step 319, whether password authentication device detects the authentication bill receiving identical with the authentication bill inquiring;
Whether password authentication device detects the authentication bill receiving identical with the authentication bill inquiring, if two authentication bills are identical, also can represent that user's authentication is passed through.
Step 320, if password authentication device detects that two authentication bills are identical, deletes or revises according to the second Password Management request pair password corresponding with service identifiers.
Under the identical scene of two authentication bills, password authentication device can be deleted accordingly or revise password according to the second Password Management request.
It should be noted that, owing in fact having got around in such cases normal checking approach, other Verification System of converting is carried out authentication, so user is after the authentication completing in such cases, the second Password Management request can delete or revise the corresponding arbitrary password of this user ID.
In sum, the method of password authentication that the present embodiment provides, by adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.Also, by optional irreversible encryption mode, guarantee the fail safe of password in the time of storage and transmission; Also verify essential information by increase, make proof procedure more accurate; Also, by optional reversible encryption mode, guarantee the fail safe of checking essential information in the time of transmission; Also, by increasing the support of other Verification Systems, guarantee the availability of whole password validation system when password passes into silence.
Embodiment tri-
Please refer to Fig. 4, it shows the block diagram of the password validation system that the embodiment of the present invention three provides.This password validation system comprises service system 400 and password authentication device 500.Wherein:
An aspect, service system 400 comprises password acquisition module 420 and checking sending module 440.
Password acquisition module 420, for obtaining user ID and the password of user under current service system;
Checking sending module 440, for sending checking bill to password authentication device 500, described checking bill comprises user ID that described password acquisition module 420 gets, for identifying the service identifiers of current service system and the described password corresponding with the combination of described user ID and service identifiers, so that described password authentication device 500 carries out password authentification according to described checking bill.
On the other hand, password authentication device 500, comprises checking receiver module 520, cipher inquiry module 540, password detection module 560 and password authentication module 580.
Checking receiver module 520, for Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Cipher inquiry module 540, inquires about pre-stored password for the user ID and the service identifiers that receive according to described checking receiver module 520;
Password detection module 560, whether the password that the password in the checking bill receiving for detection of described checking receiver module 520 and described cipher inquiry module 540 inquire is identical;
Password authentication module 580, if detect that for described password detection module 560 two passwords are identical, is verified.
In sum, the password authentication device that the present embodiment provides, by adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.
Embodiment tetra-
Please refer to Fig. 5, it shows the block diagram of the password validation system that the embodiment of the present invention four provides.This password validation system comprises service system 400 and password authentication device 500.
An aspect, service system 400 comprises password acquisition module 420, acquisition of information module 438 and checking sending module 440.
Password acquisition module 420, for obtaining user ID and the password of user under current service system;
Acquisition of information module 438, for one or more of acquisition time stamp, user's current IP address and identifying code;
Checking sending module 440, for send checking bills to password authentication device 500, described checking bill comprises user ID that described password acquisition module 420 gets, for identifying the service identifiers of current service system and the described password corresponding with the combination of described user ID and service identifiers.Described checking bill also comprises timestamp, user's current IP address and/or the identifying code that described acquisition of information module 438 gets.
On the other hand, password authentication device 500, comprises checking receiver module 520, cipher inquiry module 540, password detection module 560, additional detected module 570 and password authentication module 580.
Checking receiver module 520, for Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers; In the checking bill that described checking receiver module 520 receives, also comprise one or more in timestamp, user's current IP address and identifying code.
Cipher inquiry module 540, inquires about pre-stored password for the user ID and the service identifiers that receive according to described checking receiver module 520;
Password detection module 560, whether the password that the password in the checking bill receiving for detection of described checking receiver module 520 and described cipher inquiry module 540 inquire is identical;
Additional detected module 570, whether timestamp, user's current IP address and/or identifying code in the checking bill receiving for detection of described checking receiver module 520 all conform to a predetermined condition, and IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Described password authentication module 580, if while detecting that for described password detection module 560 identical the and described additional detected module 570 of two passwords detects that timestamp, user's current IP address and/or the identifying code of checking bill all conform to a predetermined condition, be verified.
In sum, the password authentication device that the present embodiment provides, by adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.Also verify essential information by increase, make proof procedure more accurate.
Embodiment five
Please refer to Fig. 6, it shows the block diagram of the password validation system that the embodiment of the present invention five provides.This password validation system comprises service system 400 and password authentication device 500.
An aspect, service system 400 comprises password acquisition module 420, mark sending module 432, encrypts receiver module 434, cryptographic module 436, acquisition of information module 438, bill encrypting module 439 and verify sending module 440.
Password acquisition module 420, for obtaining user ID and the password of user under current service system;
Mark sending module 432, for sending user ID and service identifiers to described password authentication device 500;
Encrypt receiver module 434, for receiving described password authentication device 500 according to the cipher mode of feedback after described user ID and service identifiers inquiry;
Described cryptographic module 436, the password described password acquisition module 420 being got for the cipher mode receiving according to described encryption receiver module 434 carries out irreversible encryption;
Acquisition of information module 438, for one or more of acquisition time stamp, user's current IP address and identifying code;
Bill encrypting module 439, the timestamp, user's current IP address and/or the identifying code that as key, described acquisition of information module 438 are got for the password utilizing after described cryptographic module 436 is encrypted carry out reversible encryption, obtain the ciphertext after reversible encryption.
Checking sending module 440, for send checking bills to password authentication device 500, described checking bill comprises user ID that described password acquisition module 420 gets, for identifying described password corresponding to the combination with described user ID and service identifiers after the service identifiers of current service system and described cryptographic module 436 are encrypted.Described checking bill also comprises that described bill encrypting module 439 utilizes the password after described encryption, as key, described timestamp, user's current IP address and/or identifying code are carried out to the ciphertext after reversible encryption.
On the other hand, password authentication device 500, comprises that mark receiver module 512, encrypted query module 514 encrypt feedback module 516, checking receiver module 520, cipher inquiry module 540, password detection module 560, checking deciphering module 565, additional detected module 570 and password authentication module 580.
Mark receiver module 512, for receiving user ID and service identifiers;
Encrypted query module 514, inquires about whether pre-stored have corresponding password and cipher mode for the user ID and the service identifiers that receive according to described mark receiver module 512;
Encrypt feedback module 516, pre-stored while having corresponding password and cipher mode for inquiring in described encrypted query module 514, feed back described cipher mode;
Checking receiver module 520, for Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers; The timestamp, user's current IP address and/or the identifying code that in the checking bill that described checking receiver module 520 receives, also comprise are to utilize described password to carry out the ciphertext after reversible encryption as key.Described password is the ciphertext of encrypting by irreversible encryption mode.
Cipher inquiry module 540, inquires about pre-stored password for the user ID and the service identifiers that receive according to described checking receiver module 520;
Password detection module 560, whether the password that the password in the checking bill receiving for detection of described checking receiver module 520 and described cipher inquiry module 540 inquire is identical;
Checking deciphering module 565, is decrypted other data in described checking bill as key for the password that utilizes the checking bill that described checking receiver module 520 receives, and obtains described timestamp, user's current IP address and/or identifying code;
Additional detected module 570, whether all conform to a predetermined condition for detection of timestamp, user's current IP address and/or identifying code in the checking bill after 565 deciphering of described checking deciphering module, IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Described password authentication module 580, if while detecting that for described password detection module 560 identical the and described additional detected module 570 of two passwords detects that timestamp, user's current IP address and/or the identifying code of checking bill all conform to a predetermined condition, be verified.
In sum, the password authentication device that the present embodiment provides, by adopt a user ID and from different service systems respectively corresponding multiple passwords complete password authentification process, solve multinomial service and shared one group of safety issue that username and password causes, even if having reached user's a password reveals, bring potential safety hazard also only can to the wherein safety of a service, and can not bring the effect of potential safety hazard to other service.Also, by optional irreversible encryption mode, guarantee the fail safe of password in the time of storage and transmission; Also verify essential information by increase, make proof procedure more accurate; Also, by optional reversible encryption mode, guarantee the fail safe of checking essential information in the time of transmission.
It should be noted that, in the present embodiment, adopted irreversible encryption mode, also adopted reversible encryption mode, if only adopt irreversible encryption mode, or only adopt reversible encryption mode, can form new embodiment.
Embodiment six
Please refer to Fig. 7, it shows the block diagram of the password validation system that the embodiment of the present invention six provides.This password validation system comprises service system 400 and password authentication device 500.
Compared with above-mentioned several embodiment, service system 400 can also comprise: the first command reception module 460, the first request sending module 470, authentication module 480 and the second request sending module 490;
Described the first command reception module 460, for receiving user's delete instruction or modify instruction;
Described the first request sending module 470, for send first password management request to described password authentication device 500, described first password management request comprises delete instruction or the modify instruction that described the first command reception module 460 receives.
Described authentication module 480, for obtaining user's user ID and authentication bill, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce;
Described the second request sending module 490, for sending to described password authentication device 500 user ID, authentication bill and the second Password Management request that described authentication module 480 is obtained, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction.
Compared with above-described embodiment, password authentication device 500 can also comprise: relationship storage module 591, the first request receiving module 592, first password administration module 593, the second request receiving module 594, bill enquiry module 595, bill detection module 596 and the second Password Management module 597.
Described relationship storage module 591, for storing the corresponding relation between user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Wherein, corresponding one or more service identifiers of user ID, the number of password corresponding to the combination of described and described user ID and service identifiers is identical with the number of described service identifiers.
Described corresponding relation also stores the authentication bill corresponding with described user ID, and described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce.
Described the first request receiving module 592, for receiving first password management request, described first password management request comprises delete instruction or modify instruction;
Described first password administration module 593, the password of described relationship storage module 591 being stored for the first password management request receiving according to described the first request receiving module 592 is deleted or is revised.
Described the second request receiving module 594, for receiving user ID, authentication bill and the second Password Management request, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction;
Described bill enquiry module 595, inquires about for the data of storing in described relationship storage module 591 authentication bill corresponding to user ID receiving with described the second request receiving module 594;
Described bill detection module 596, whether the authentication bill that the authentication bill receiving for detection of described the second request receiving module 594 and described bill enquiry module 595 inquire is identical;
Described the second Password Management module 597, if identical for two authentication bills, delete or revises according to described the second Password Management request pair password corresponding with described service identifiers.
In sum, the password authentication device that the present embodiment provides, compared with above-mentioned several embodiment, also, by increasing the support of other Verification Systems, has guaranteed the availability of whole password validation system when password passes into silence.
It should be noted that, the first request receiving module 592 and first password administration module 593 in the present embodiment, are adopted, also the second request receiving module 594, bill enquiry module 595, bill detection module 596 and the second Password Management module 597 have been adopted, if only adopt the first request receiving module 592 and first password administration module 593, or only adopt the second request receiving module 594, bill enquiry module 595, bill detection module 596 and the second Password Management module 597, can form new embodiment.
It should be noted that: the password validation system that above-described embodiment provides and device are in the time of authentication password, only be illustrated with the division of above-mentioned each functional module, in practical application, can above-mentioned functions be distributed and completed by different functional modules as required, be divided into different functional modules by the internal structure of equipment, to complete all or part of function described above.In addition, the password validation system that above-described embodiment provides and device and method of password authentication embodiment belong to same design, and its specific implementation process refers to embodiment of the method, repeats no more here.
The invention described above embodiment sequence number, just to describing, does not represent the quality of embodiment.
One of ordinary skill in the art will appreciate that all or part of step that realizes above-described embodiment can complete by hardware, also can carry out the hardware that instruction is relevant by program completes, described program can be stored in a kind of computer-readable recording medium, the above-mentioned storage medium of mentioning can be read-only memory, disk or CD etc.
The foregoing is only preferred embodiment of the present invention, in order to limit the present invention, within the spirit and principles in the present invention not all, any modification of doing, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.

Claims (21)

1. a method of password authentication, is characterized in that, described method comprises:
Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Inquire about pre-stored password according to described user ID and described service identifiers;
Whether the password that detects the password in described checking bill and inquire is identical;
If detect, two passwords are identical, are verified.
2. method according to claim 1, is characterized in that, also comprises one or more in timestamp, user's current IP address and identifying code in described checking bill,
Detect that if described two passwords are identical, before being verified, also comprise:
Whether the timestamp, user's current IP address and/or the identifying code that detect in described checking bill all conform to a predetermined condition, and IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Detect that if described two passwords are identical, be verified, specifically comprise:
If detect when timestamp, user's current IP address and/or identifying code in the identical and described checking bill of two passwords all conforms to a predetermined condition, be verified.
3. method according to claim 2, it is characterized in that, timestamp, user's current IP address and/or identifying code in described checking bill are to utilize described password to carry out the ciphertext after reversible encryption as key, before whether timestamp, user's current IP address and/or the identifying code in the described checking bill of described detection all conforms to a predetermined condition, also comprise:
Utilize the password in described checking bill as key, other data in described checking bill to be decrypted, obtain described timestamp, user's current IP address and/or identifying code.
4. according to the arbitrary described method of claims 1 to 3, it is characterized in that, the password in described checking bill and described pre-stored password are the ciphertext of encrypting by irreversible encryption mode, before described Receipt Validation bill, also comprise:
Receive user ID and service identifiers;
Inquire about whether pre-stored have corresponding password and cipher mode according to described user ID and service identifiers;
Inquiring pre-storedly while having corresponding password and cipher mode, feed back described cipher mode.
5. according to the arbitrary described method of claims 1 to 3, it is characterized in that, detect that if described two passwords are identical, after being verified, also comprise:
Receive first password management request, described first password management request comprises delete instruction or modify instruction;
According to described first password management request, described password is deleted or revised.
6. according to the arbitrary described method of claims 1 to 3, it is characterized in that, before described Receipt Validation bill, also comprise:
Corresponding relation between storage user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Wherein, corresponding one or more service identifiers of user ID, the number of password corresponding to the combination of described and described user ID and service identifiers is identical with the number of described service identifiers.
7. method according to claim 6, it is characterized in that, described corresponding relation also stores the authentication bill corresponding with described user ID, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce, described method, also comprises:
Receive user ID, authentication bill and the second Password Management request, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction;
Inquire about the authentication bill corresponding with described user ID;
Whether the authentication bill that detection receives is identical with the authentication bill inquiring;
If two authentication bills are identical, delete or revise according to described the second Password Management request pair password corresponding with described service identifiers.
8. a password authentication device, is characterized in that, described device comprises:
Checking receiver module, for Receipt Validation bill, described checking bill comprises user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Cipher inquiry module, inquires about pre-stored password for the user ID and the service identifiers that receive according to described checking receiver module;
Password detection module, whether the password that the password in the checking bill receiving for detection of described checking receiver module and described cipher inquiry module inquire is identical;
Password authentication module, if detect that for described password detection module two passwords are identical, is verified.
9. device according to claim 8, is characterized in that, also comprises one or more in timestamp, user's current IP address and identifying code in the checking bill that described checking receiver module receives,
Described device, also comprises: additional detected module;
Described additional detected module, whether all conform to a predetermined condition for detection of the timestamp in described checking bill, user's current IP address and/or identifying code, IP address, the identifying code of described identifying code for providing in advance when described timestamp meets predetermined amount of time, described user's current IP address and meets last checking is provided described predetermined condition;
Described password authentication module, if when detecting that timestamp, user's current IP address and/or identifying code in the identical and described checking bill of two passwords all conforms to a predetermined condition, is verified.
10. device according to claim 9, is characterized in that, timestamp, user's current IP address and/or identifying code in the checking bill that described checking receiver module receives are to utilize described password to carry out the ciphertext after reversible encryption as key;
Described device, also comprises: checking deciphering module;
Described checking deciphering module, is decrypted other data in described checking bill as key for the password that utilizes described checking bill, obtains described timestamp, user's current IP address and/or identifying code.
Device described in 11. according to Claim 8 to 10 are arbitrary, is characterized in that, the password in the checking bill that described checking receiver module receives and described pre-stored password are the ciphertext of encrypting by irreversible encryption mode;
Described device, also comprises: mark receiver module, encrypted query module and encryption feedback module;
Described mark receiver module, for receiving user ID and service identifiers;
Described encrypted query module, inquires about whether pre-stored have corresponding password and cipher mode for the user ID and the service identifiers that receive according to described mark receiver module;
Described encryption feedback module, pre-stored while having corresponding password and cipher mode for inquiring in described encrypted query module, feed back described cipher mode.
Device described in 12. according to Claim 8 to 10 are arbitrary, is characterized in that, described device, also comprises: the first request receiving module and first password administration module;
Described the first request receiving module, for receiving first password management request, described first password management request comprises delete instruction or modify instruction;
Described first password administration module, deletes or revises described password for the first password management request receiving according to described the first request receiving module.
Device described in 13. according to Claim 8 to 10 are arbitrary, is characterized in that, described device, also comprises: relationship storage module;
Described relationship storage module, for storing the corresponding relation between user ID, service identifiers and the password corresponding with the combination of described user ID and service identifiers;
Wherein, corresponding one or more service identifiers of user ID, the number of password corresponding to the combination of described and described user ID and service identifiers is identical with the number of described service identifiers.
14. devices according to claim 13, it is characterized in that, described corresponding relation also stores the authentication bill corresponding with described user ID, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce, described device, also comprises: the second request receiving module, bill enquiry module, bill detection module and the second Password Management module;
Described the second request receiving module, for receiving user ID, authentication bill and the second Password Management request, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction;
Described bill enquiry module, for inquiring about authentication bill corresponding to user ID receiving with described the second request receiving module;
Described bill detection module, whether the authentication bill that the authentication bill receiving for detection of described the second request receiving module and described bill enquiry module inquire is identical;
Described the second Password Management module, if identical for two authentication bills, delete or revises according to described the second Password Management request pair password corresponding with described service identifiers.
15. 1 kinds of service systems, is characterized in that, comprising:
Password acquisition module, for obtaining user ID and the password of user under current service system;
Checking sending module, for send checking bill to password authentication device, described checking bill comprises user ID, for identifying the service identifiers of current service system and the described password corresponding with the combination of described user ID and service identifiers, so that described password authentication device carries out password authentification according to described checking bill.
16. service systems according to claim 15, is characterized in that, described system also comprises:
Acquisition of information module;
Described acquisition of information module, for one or more of acquisition time stamp, user's current IP address and identifying code;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill also comprises timestamp, user's current IP address and/or the identifying code that described acquisition of information module gets.
17. service systems according to claim 16, is characterized in that, described system also comprises:
Bill encrypting module;
Described bill encrypting module, for utilizing timestamp, user's current IP address and/or the identifying code that password that described password acquisition module obtains gets described acquisition of information module as key to carry out reversible encryption, obtains the ciphertext after reversible encryption;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill also comprises and utilizes described password, as key, described timestamp, user's current IP address and/or identifying code are carried out to the ciphertext after reversible encryption.
18. according to claim 15 to 17 arbitrary described service systems, it is characterized in that, described service system, also comprises:
Mark sending module, encryption receiver module and cryptographic module;
Described mark sending module, for sending user ID and service identifiers to described password authentication device;
Described encryption receiver module, for receiving described password authentication device according to the cipher mode of feedback after described user ID and service identifiers inquiry;
Described cryptographic module, the password described password acquisition module being got for the cipher mode receiving according to described encryption receiver module carries out irreversible encryption;
Described checking sending module, specifically for send checking bill to described password authentication device, described checking bill comprises the password after described cryptographic module is encrypted.
19. according to claim 15 to 17 arbitrary described service systems, it is characterized in that, described system also comprises: the first command reception module and the first request sending module;
Described the first command reception module, for receiving user's delete instruction or modify instruction;
Described the first request sending module, for send first password management request to described password authentication device, described first password management request comprises described delete instruction or modify instruction.
20. according to claim 15 to 17 arbitrary described service systems, it is characterized in that, described system also comprises: authentication module and the second request sending module;
Described authentication module, for obtaining user's user ID and authentication bill, described authentication bill comprises the authentication information that mailbox authentication mode, certificate verification mode, dynamic password authentication mode or default problem authentication mode produce;
Described the second request sending module, for sending described user ID, authentication bill and the second Password Management request to described password authentication device, described the second Password Management request comprises a kind of instruction in service identifiers and delete instruction and modify instruction.
21. 1 kinds of password validation systems, is characterized in that, comprise a password authentication device as described in as arbitrary in claim 8 to 14, and at least one service system as described in as arbitrary in claim 15 to 20.
CN201210453453.0A 2012-11-13 2012-11-13 Method of password authentication, apparatus and system Active CN103812651B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210453453.0A CN103812651B (en) 2012-11-13 2012-11-13 Method of password authentication, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210453453.0A CN103812651B (en) 2012-11-13 2012-11-13 Method of password authentication, apparatus and system

Publications (2)

Publication Number Publication Date
CN103812651A true CN103812651A (en) 2014-05-21
CN103812651B CN103812651B (en) 2018-06-22

Family

ID=50708899

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210453453.0A Active CN103812651B (en) 2012-11-13 2012-11-13 Method of password authentication, apparatus and system

Country Status (1)

Country Link
CN (1) CN103812651B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105024819A (en) * 2015-05-29 2015-11-04 北京中亦安图科技股份有限公司 Multifactor authentication method and system based on mobile terminal
CN107395644A (en) * 2017-09-01 2017-11-24 北京知道创宇信息技术有限公司 A kind of multi-protocols Verification System and method
CN107612904A (en) * 2017-09-13 2018-01-19 浙江电力建设监理有限公司 Identity identifying method and system for intelligent monitoring management
CN107645514A (en) * 2017-10-26 2018-01-30 北京知道创宇信息技术有限公司 Authentication protocol conversion method and device
CN107888656A (en) * 2017-10-09 2018-04-06 北京京东尚科信息技术有限公司 Service the call method and calling device of end interface
CN108600278A (en) * 2018-07-05 2018-09-28 湖州贝格信息安全科技有限公司 Asymmet-ric encryption method and Related product
CN108737431A (en) * 2018-05-28 2018-11-02 深圳职业技术学院 Based on graduation distributed authentication method, the apparatus and system obscured under IoT scenes
CN110796798A (en) * 2018-08-01 2020-02-14 北京思源理想控股集团有限公司 Intelligent inbox system and method
CN112929188A (en) * 2019-12-05 2021-06-08 中国电信股份有限公司 Device connection method, system, apparatus and computer readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051934A (en) * 2006-04-05 2007-10-10 大唐移动通信设备有限公司 Power control method in network managing system
CN101359410A (en) * 2007-08-03 2009-02-04 陶正钰 Bank account and bank card password wall technology
CN101441734A (en) * 2007-11-19 2009-05-27 上海久隆电力科技有限公司 Unite identification authentication system
CN101478471A (en) * 2009-02-04 2009-07-08 中兴通讯股份有限公司 Deployment method and system for MPLS/BGP three-layer virtual private network
US20110066697A1 (en) * 2008-06-06 2011-03-17 Alibaba Group Holding Limited Promulgating Information on Websites Using Servers

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051934A (en) * 2006-04-05 2007-10-10 大唐移动通信设备有限公司 Power control method in network managing system
CN101359410A (en) * 2007-08-03 2009-02-04 陶正钰 Bank account and bank card password wall technology
CN101441734A (en) * 2007-11-19 2009-05-27 上海久隆电力科技有限公司 Unite identification authentication system
US20110066697A1 (en) * 2008-06-06 2011-03-17 Alibaba Group Holding Limited Promulgating Information on Websites Using Servers
CN101478471A (en) * 2009-02-04 2009-07-08 中兴通讯股份有限公司 Deployment method and system for MPLS/BGP three-layer virtual private network

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105024819A (en) * 2015-05-29 2015-11-04 北京中亦安图科技股份有限公司 Multifactor authentication method and system based on mobile terminal
CN105024819B (en) * 2015-05-29 2019-02-12 北京中亦安图科技股份有限公司 A kind of multiple-factor authentication method and system based on mobile terminal
CN107395644A (en) * 2017-09-01 2017-11-24 北京知道创宇信息技术有限公司 A kind of multi-protocols Verification System and method
CN107612904A (en) * 2017-09-13 2018-01-19 浙江电力建设监理有限公司 Identity identifying method and system for intelligent monitoring management
CN107888656A (en) * 2017-10-09 2018-04-06 北京京东尚科信息技术有限公司 Service the call method and calling device of end interface
CN107645514A (en) * 2017-10-26 2018-01-30 北京知道创宇信息技术有限公司 Authentication protocol conversion method and device
CN107645514B (en) * 2017-10-26 2020-03-17 北京知道创宇信息技术股份有限公司 Authentication protocol conversion method and device
CN108737431A (en) * 2018-05-28 2018-11-02 深圳职业技术学院 Based on graduation distributed authentication method, the apparatus and system obscured under IoT scenes
CN108600278A (en) * 2018-07-05 2018-09-28 湖州贝格信息安全科技有限公司 Asymmet-ric encryption method and Related product
CN110796798A (en) * 2018-08-01 2020-02-14 北京思源理想控股集团有限公司 Intelligent inbox system and method
CN112929188A (en) * 2019-12-05 2021-06-08 中国电信股份有限公司 Device connection method, system, apparatus and computer readable storage medium

Also Published As

Publication number Publication date
CN103812651B (en) 2018-06-22

Similar Documents

Publication Publication Date Title
EP3661120B1 (en) Method and apparatus for security authentication
JP6215934B2 (en) Login verification method, client, server, and system
US9742560B2 (en) Key management in secure network enclaves
CN104065653B (en) A kind of interactive auth method, device, system and relevant device
CN103812651A (en) Password authentication method, device and system
US20170180123A1 (en) Discovery of secure network enclaves
US9219722B2 (en) Unclonable ID based chip-to-chip communication
EP2879421B1 (en) Terminal identity verification and service authentication method, system, and terminal
TW201545526A (en) Method, apparatus, and system for providing a security check
US10958630B2 (en) System and method for securely exchanging data between devices
US9942042B1 (en) Key containers for securely asserting user authentication
KR20220086580A (en) Non-custodial tool for building decentralized computer applications
CN101621794A (en) Method for realizing safe authentication of wireless application service system
CN108769029B (en) Authentication device, method and system for application system
CN106452770A (en) Data encryption method and apparatus, data decryption method and apparatus, and system
CN104883255A (en) Password resetting method and device
CN102404337A (en) Data encryption method and device
US10785193B2 (en) Security key hopping
KR101358375B1 (en) Prevention security system and method for smishing
US9917694B1 (en) Key provisioning method and apparatus for authentication tokens
KR101680536B1 (en) Method for Service Security of Mobile Business Data for Enterprise and System thereof
US9245097B2 (en) Systems and methods for locking an application to device without storing device information on server
KR102053993B1 (en) Method for Authenticating by using Certificate
US20150100777A1 (en) Secure Federated Identity Service
CN110493233B (en) Communication method, device, system, computer readable medium and equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant