Safety authentication method of webpage and apparatus thereof
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A security authentication and web page technology, applied in the field of security authentication, can solve problems such as poor web authentication security
Active Publication Date: 2017-10-24
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF8 Cites 21 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0006] In view of this, the purpose of the present invention is to provide a method and device for security authentication of webpag...
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0054] The embodiment of the present invention provides a security authentication method for web pages, refer to figure 1 , the authentication methods include:
[0055] S101. Generate a random number according to the service request sent by the user terminal, wherein the service request includes any of the following: a login request, a registration request, and the service request includes the address of the server requesting the service;
[0056] In the embodiment of the present invention, when the server receives the service request sent by the user terminal, it will generate a random number.
[0057] A random number generated by the server, which refers to the generated string salt (salt). There are a lot of specialties in the formation of salt, and it is not safe to add salt. This is because, if the randomness and security of the salt are not high enough, it still faces the problem of password vulnerability. There are mainly the following points to note:
[0058] 1. Fi...
Embodiment 2
[0124] A security authentication device for web pages, refer to Figure 4 , applied to the server, the means include:
[0125] The generation module 11 is used to generate random numbers according to the service request sent by the user terminal, wherein the service request includes any of the following: a login request, a registration request, and the service request includes the server address of the requested service;
[0126] The sending module 12 is configured to send the random number to the user terminal, so that the user terminal hashes the random number, the server address, and the password input by the user to obtain the target information;
[0127] Judging module 13, for judging whether the target information and the user name input by the user meet the service authentication conditions, wherein the service authentication conditions include: login authentication conditions, registration authentication conditions;
[0128] Through module 14, if the service authentic...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The invention provides a safety authentication method of a webpage and an apparatus thereof. The method comprises the following steps of generating a random number according to a service request sent by a user terminal; sending the random number to the user terminal so that the user terminal carries out Hash encryption on the random number, a server address and a password input by a user, and acquiring target information; determining whether the target information and a user name input by the user accord with a service authentication condition; and if the target information and the user name input accord with the service authentication condition, passing authentication of the service request. In the safety authentication method of the webpage of the invention, when the hash encryption is performed, the hash encryption is performed on the random number, the server address and the password. Because of existence of the random number, encryption objects are different each time so that the target information acquired through encryption each time is also different. Therefore, the target information is safe in a transmission process, replay attacks can be effectively prevented, safety of webpage authentication is increased, and technical problems that traditional webpage authentication safety is poor and a hidden trouble of the replay attacks exists are alleviated.
Description
technical field [0001] The invention relates to the technical field of security authentication, in particular to a method and device for security authentication of a webpage. Background technique [0002] Previous webpage authentication (for example, webpage login) basically just designed a page in the form of a form, and the client accesses the login page, which requires the user to fill in the corresponding user name and password, and then press the "OK" or "Login" button, Submit the filled information to the server, compare it with the user registration information saved in the database, and determine whether to allow login. In this login method, during the user authentication process, since the login information of the webpage system is transmitted on the channel in plain text or close to plain text, the user name and password are easily intercepted, analyzed or cracked, so the security is not high. [0003] Traditional identity authentication usually uses static passwo...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.