Method and system for dynamically authenticating password by multi-password seed self-defined by user

Abstract

The invention aims to disclose a system for dynamically authenticating a password by a multi-password seed self-defined by a user. The method and the system are implemented by user equipment, a server system, server password generation equipment, a registration method and an authentication method. A user inputs a primary password and a secondary password at the user equipment, performs conversion to obtain a password seed, and submits the password seed to a server for registration and binding. When authentication is required, the server obtains a current authentication time by a real time clock, displays the current authentication time on a user interface, and can obtain a current server password of the user by the password seed submitted in the registration of the user and the authentication time. The user inputs the primary and secondary passwords at the user equipment, the server displays the current authentication time, and the conversion is performed to obtain a user password. The user password is judged whether to be consistent with the server password by comparison, and then a user operation can be verified whether to be legal or not. By the authentication method and the authentication system, all authentication needs of online authentication, offline authentication and the like can be satisfied. By the method provided by the invention, not only the absolute privacy of password information set by the user can be ensured, but also the problem of middleman breach of confidence which cannot be solved by a conventional dynamic password system is solved; and when using a multi-authentication server, the user is not required to buy and carry a plurality of pieces of user dynamic password equipment, so the user cost is reduced.

Description

technical field [0001] The invention relates to a two-factor dynamic password identity authentication method and system thereof, in particular to a user-defined multi-password seed dynamic password authentication system. technical background [0002] With the rapid development of Internet applications, more and more commercial activities take place on the Internet, such as online shopping, online banking, online payment, online games, etc., people have higher and higher requirements for network information security. In the process of traditional network business activities, the user performs identity authentication by entering a fixed account number and password from the client. Such a system has many potential security risks. Trojan horses, peeping, and network interception may all lead to user account and password disclosure. [0003] At present, the industry generally adopts two-factor authentication to improve the security of identity authentication, among which dynamic...

AI Technical Summary

Problems solved by technology

[0005] 1. The client device adopts a built-in password seed, and there is a possibility of password seed leakage during the production, storage and distribution process of the client device

[0006] 2. If the user loses the client device with the built-in password seed, the identity may be impersonated

[0008] 4. Since the existing client devices only have a built-in single password seed, for security reasons, a client device can only be bound to one operator service

[0009] 5. The dynamic password system with a single password seed cannot realize two confirmations, and the existing dynamic password system is helpless to the "man in the middle" type of stealing means

[0010] 6. It is difficult to fully synchronize the time of the client device and the server system, and the server system regards passwords within a certain period of time as legal

If the time period is set too short, it is difficult to solve the asynchronous problem; if it is too long, there will be security holes

Images