Website user password encryption and verification method

A verification method and user technology, which is applied in the field of website user password encryption and verification, can solve problems such as easy guessing of passwords by hackers and easy disclosure of user plaintext passwords.

Inactive Publication Date: 2016-04-13
韦昱灵
View PDF2 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

And these passwords are always fixed in the database, such as plain text: 123456, or 123456 encrypted by MD5: 49ba59abbe56e057, making it easy for hackers to guess the password
In addition, the popularity of keyboard Trojan horses makes it easy for users to leak passwords in plain text

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Website user password encryption and verification method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0025] Embodiment 1: (login method of common user)

[0026] 1. Before user A logs in, the website database stores user A's verification time, verification information, random code and login time limit, where the verification time is the time when the user successfully logged in to the website last time, such as (2015 / 10 / 27 14:54:41 ), the verification information is obtained by the encryption algorithm of the present invention after the user's last successful landing on the website, such as (p73M3PPEa98lkGSGglXLWjHPEphVfsXhtpFs+siE / 3HTj9m0YJFp / A==), the random code is the length generated by the random function after the user's last successful landing on the website For a string of more than 2 characters, such as (NJj), the login time limit is a unified time range set by the website administrator for ordinary users. Users must enter the password within this time range and submit it to the server to enter the next page. One step, otherwise it will prompt wrong password. The ti...

Embodiment 2

[0043] Embodiment 2: (login method of website administrator B)

[0044]1. Before user B logs in, the website database stores user B's verification time, verification information, random code and login time limit. The verification time is the time when the user successfully logged in to the website last time, such as (2015 / 10 / 27 14:54:41 ), the verification information is obtained by the encryption algorithm of the present invention after the user's last successful landing on the website, such as: (p73M3PPEa98lkGSGglXLWjHPEphVfsXhtpFs+siE / 3HTj9m0YJFp / A==), the random code is generated by a random function after the user's last successful landing on the website For a character string longer than 2 characters, such as (NJj), the login time limit is a unified time range set by the website administrator for ordinary users. Users must enter the password within this time range and submit it to the server before they can enter Next step, otherwise it will prompt wrong password. The t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the field of website user password encryption and verification, and mainly comprises the following steps: coming to a landing page by a user, inputting a password and submitting; if the password input time is not within a landing limited time range, then returning to the landing page; combining a login password, a verification time and a random code in order into a verification sequence, placing the verification sequence into an MD5 (Message Digest 5), using a DES (Data Encryption Standard) symmetric encryption algorithm to carry out calculation, and obtaining a secrete key; matching the secrete key with verification information, if the secrete key is not matched with the verification information, then returning to the landing page; updating the verification time into a current time, updating the random code into a character string whose length is greater than 2 characters generated by a random function, combining the login password, the verification time and the random code in order into the verification sequence, placing the verification sequence into the MD5, using the DES symmetric encryption algorithm to carry out calculation, and obtaining the secrete key; and updating the verification information into the secrete key. The invention discloses a website user password encryption and verification method, which can solve the problem in the prior art that the information security is not high since user passwords are easily broken maliciously.

Description

technical field [0001] The invention belongs to the field of protecting website user data for network security, and in particular relates to a method for encrypting and verifying website user passwords. Background technique [0002] The user passwords of the current website are stored in plain text or a simple MD5-encrypted string in the password field of the user table in the database, so that as long as the attacker obtains the database, he will easily obtain the user password. In addition to using the password on this website, the attacker will also get other websites to try to log in, causing greater damage and loss. For example, when CSDN was exploded last year, it was stored in plain text in the database, which caused the password to be leaked. However, if the user password is not long, it can be obtained through violent input if the password is only encrypted with MD5. And these passwords are always fixed in the database, such as plain text: 123456, or 123456 encrypt...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0815H04L63/0428
Inventor 黄健
Owner 韦昱灵
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap