Weak password checking method and device

A weak password and password technology, applied in the field of information security management, can solve the problems of weak password dictionary update, weak password verification efficiency, etc., and achieve the effect of improving security

Active Publication Date: 2016-06-08
亿阳安全技术有限公司
View PDF6 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0018] The purpose of the present invention is to provide a method and device for checking weak passwords to solve the problem of updating the weak password dictionary and the low efficiency of weak password checking in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Weak password checking method and device
  • Weak password checking method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] The embodiment of the present invention provides a weak password verification method, the flow chart is as follows figure 1 shown, including the following steps:

[0043] Step 101, preset a weak password dictionary containing multiple weak passwords.

[0044]In order to be easy to remember, many people use simple and easy-to-remember passwords, such as "88888888", "123456", "a1b2c3", etc., which are easy to crack. Write these commonly used passwords into the weak password dictionary first. The weak password dictionary can be a memory table or string file database composed of multiple weak passwords.

[0045] Step 102, obtaining account and password information of all system resources / application resources taken over by the third-party account password system; obtaining ciphertext information of login account passwords of the checked system.

[0046] For example, to check the weak password status of host A, you can obtain all accounts (such as zhangsan , lisi) and pa...

Embodiment 2

[0053] Based on the technical solution of Embodiment 1, the process of performing collision analysis on the ciphertext of the login account password of the checked system can be specifically as follows:

[0054] According to the weak password dictionary, the login account password ciphertext information of the checked system is collided and matched, if the collision is successful, then it is determined that the matched password is a weak password and output to the verification result; and the third-party account password system The number of occurrences of the password in is cumulatively counted.

[0055] This solution, on the basis of continuing the collision analysis based on the weak password dictionary in the prior art, adds consideration of the password factors in the third-party account password system to prepare for expanding the weak password dictionary.

[0056] For example, there are 30 passwords in the third-party account password system, including five passwords A,...

Embodiment 3

[0058] Based on the technical solution of Embodiment 1, the process of performing collision analysis on the ciphertext information of the login account password of the checked system can also be specifically:

[0059] According to the account and password information of all system resources / application resources taken over by the third-party account password system, the login account password ciphertext information of the checked system is collided and matched. If the collision is successful, it is determined whether the matched password is included in weak password dictionary; if included, the matching password is a weak password and output to the verification result, if not included, the number of occurrences of the matching password is cumulatively counted.

[0060] For example, extract an account number and corresponding ciphertext X1 (such as zhangsan, 14346e3e52c762f3) from the password ciphertext of host A of the checked system; qawsed);

[0061] The password encryptio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a weak password checking method. The method comprises following steps: presetting a weak password dictionary containing multiple weak passwords; obtaining the accounts and password information of all system resources/application resources taken over in a third party account password system; obtaining the login account and password ciphertext information of a checked system; according to the weak password dictionary and the accounts and password information of all system resources/application resources taken over in the third party account password system, carrying out collision analysis to the login account and password ciphertext information of the checked system; finding out the weak password; outputting to a checking result; cumulatively counting the generating times of the passwords in the third party account password system; and updating the weak password dictionary according to the passwords and the counting values thereof in the third party account password system. The invention also discloses a weak password checking device. According to the method and the device provided by the invention, the problems of automatic extension of the weak password dictionary, reducing the limitation of independent weak password dictionary collision analysis, reducing the computing quantity of the collision analysis and increasing the weak password checking efficiency are innovatively solved.

Description

technical field [0001] The invention relates to the field of information security management, in particular to a method and device for checking weak passwords. Background technique [0002] Existing software systems generally perform security authentication management by setting account numbers and passwords. With the increasing use of application software, such as communication software, shopping software, e-banking, reading software, etc., it is a headache for software users to face so many types of software for security login authentication , so people often like to use familiar and easy-to-remember passwords for registration and login authentication. It is unavoidable to set a large number of weak passwords that are easy to be cracked. In order to improve the security of users using application software, it is necessary to solve the problem of weak password verification. [0003] There are two existing weak password verification methods: [0004] Method 1: Use techni...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/46
CPCG06F21/46H04L63/0815H04L63/083
Inventor 何础成
Owner 亿阳安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap