Method for protecting security of account

An account security and account technology, applied in electrical components, transmission systems, etc., can solve problems such as low reliability, high cost of use, and easy loss, and achieve the effect of high reliability, low cost, and enhanced authentication strength

Active Publication Date: 2014-11-05
陈珂
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This is because the account information and key used for identity authentication are not directly readable, external applications can only send input factors used for calculation, and the entire calculation process is completely completed by the CPU in the ePass online game anti-theft lock. The calculation result is transmitted to the external application, so that the key is absolutely impossible to be intercepted by an external hacker program, and the calculation of the key is an irreversible algorithm, and the value of the key cannot be reversed through the calculation structure, and then passed to ePass The external calculation results of the online game anti-theft lock will also change with each input data. Even if the value calculated for each authentication is recorded, the purpose of false identity cannot be achieved. Its advantages are: not afraid of eavesdropping, not afraid of peeping, cracking, No need for memory, small size, easy to carry, the disadvantages of this technology: high cost of use, easy to lose, easy to damage, low reliability, criminals can decipher the Ukey password through the Trojan virus in the computer, and users use the U key Need to install the driver, and constantly upgrade the driver, the operation is cumbersome
[0007] The above-mentioned methods can neither prevent the attack of account hacking Trojans, nor can the user verify the authenticity of the login interface. If criminals use phishing websites to attack users, the security of the account cannot be guaranteed: criminals use various means , Fake the URL address and page content of the real website, or use the loopholes in the real website server program to insert dangerous HTML codes into some webpages of the site, defraud the user's account number, password and other private information, and at the same time, in a very short period of time Use the user's account number and password to log in to the real website and steal the user's property

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for protecting security of account

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] Embodiment 1, Activation code, static password, identification code and mobile phone short message transmission two sets of dynamic password four-time verification method

[0039] The user needs to submit the user's account name, mobile phone number and static password to the registration authentication server system. The system binds the user's account name and mobile phone number to each other, and agrees on the activation code (account or agreed activation command) that is bound to the mobile phone number. ; When logging in, the user submits his own activation code to the system SMS platform through the SMS gateway in the form of a mobile phone message; the system SMS platform extracts the activation code and the user's mobile phone number in the user's message after receiving the user's login request, and forwards it to To the system authentication server, after receiving the activation code and the user's mobile phone number, the authentication server retrieves it i...

Embodiment 2

[0040] Embodiment 2, activation code, static password, identification code, dynamic password card and mobile phone short message transmission dynamic password four-time verification method

[0041] The user needs to submit the user's account name, mobile phone number and static password to the registration authentication server system. The system binds the user's account and mobile phone number to each other, and agrees on the activation code (account or agreed activation command) that is bound to the mobile phone number. , obtain the dynamic password card provided by the service provider and bind it to the user's account; when the user needs to log in, the user submits his own activation code to the system SMS platform through the SMS gateway in the form of a mobile phone message; after receiving the user's login request, the system SMS platform Extract the activation code and the user's mobile phone number from the user's text message, and forward it to the system authenticat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an operational application technology combining short message transmission and computer database, in particular to a method for protecting the security of an account. The method is characterized in that: user login and server verification are required to be performed twice respectively, and passwords for the user login of each time are both dynamic passwords; in the login of the first time, the dynamic password A and the user account are input, and the dynamic password A becomes invalid instantly when the dynamic password A and the user account pass the verification; a dynamic identification code is displayed in a login interface in which the dynamic password A and the user account pass the verification; the user is required to compare the dynamic identification code in the login interface with the dynamic identification code in a received mobile phone short message, and then enters the login step of inputting the dynamic password B and a static password after confirming the two groups of dynamic identification codes are completely the same; and after the successful login of the user, the dynamic identification code and the dynamic password B become invalid instantly. By the method provided by the invention, attacks of account stealing Trojans can be effectively prevented, the phishing attacks of phishing sites to the users can be prevented, and the method is simple and intuitive for the user to operate and easy to master.

Description

technical field [0001] The invention relates to the operation and application technology combining short message transmission and computer database, in particular to a method for protecting account security. Background technique [0002] At present, there are mainly four methods of public account protection as follows: [0003] The first is the static password authentication technology, which uses the user's "account name" and "password" to authenticate and identify the legitimacy of the user. Its main feature is to use a fixed password to activate a specific account, but due to the password and As a soft identifier, the account number is static and unchanged, and it is transmitted in the network. There are many disadvantages and security holes. The cracking technology for it is constantly developing, and many tools and methods can be used to steal account passwords, such as stealing, deciphering, etc. , Peeping, cheating, etc. In addition, there are high requirements for u...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 陈珂
Owner 陈珂
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap