A password recovery method, device, medium and equipment

By setting up hardware-associated storage devices and password recovery software in mechanical equipment, the problem of low password recovery success rate in existing technologies is solved, achieving a more efficient and secure password recovery process.

CN116451209BActive Publication Date: 2026-06-16FUJIAN CHAOZHI GRP CO LTD
View PDF 2 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
FUJIAN CHAOZHI GRP CO LTD
Filing Date
2023-03-06
Publication Date
2026-06-16

AI Technical Summary

Technical Problem

In existing technologies, the success rate of recovering passwords for forgotten or lost login passwords of machinery equipment manufacturers by relying on security questions or private contact methods is low and highly uncertain, which affects the security of equipment use.

Method used

By setting up a first storage device and a second storage device to store password recovery software and device identification information respectively, password recovery is performed using hardware association, avoiding reliance on personal ability for password protection and ensuring the security and success rate of the password recovery process.

🎯Benefits of technology

It improves the success rate and security of password recovery, reduces the number of password recovery failures due to human error, and increases processing efficiency.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116451209B_ABST
    Figure CN116451209B_ABST
Patent Text Reader

Abstract

The present application relates to a password recovery method, device, medium and equipment, by storing the first identification information and the password recovery software in the first storage device, only when the first storage device and the first processing device establish the connection, the password recovery software can be obtained, the password recovery software and the second identification information list required for the corresponding second storage device are made by using the first storage device and the first processing device, then the second storage device and the second processing device are connected, the password recovery operation is carried out on the device to be recovered, the password recovery process is split into the association relationship on the hardware from the recovery mode which depends on the personal ability such as the password protection and the contact method, thereby avoiding the situation that the password cannot be recovered due to the human factors in the password recovery process, improving the password recovery success rate, ensuring the security performance of the password, and improving the processing efficiency of the password recovery process.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of computer technology, specifically to a password retrieval method, apparatus, medium, and device. Background Technology

[0002] All existing mechanical equipment requires corresponding software debugging and installation during the factory process. This includes adjustments to some detailed control methods during customer acceptance and subsequent maintenance. For safety protection, all mechanical equipment is configured with the password required for manufacturer login, which is managed by the debugging engineer to prevent customer misoperation that could affect the software functionality of the mechanical equipment.

[0003] In existing technologies, if the password required for manufacturer login is forgotten or lost due to personnel changes, it is necessary to recover or reset the password for manufacturer login of the machinery equipment. Current technical solutions involve using security questions or pre-reserved email addresses, phone numbers, or other private contact methods for password recovery. The problem with this process is that the data security of the machinery requiring password reset is tied to an individual, which introduces significant uncertainty and results in a low password recovery success rate. Specifically, the machinery in question has typically been in use for one to two years or more, making it easy for the corresponding commissioning engineer to forget their security questions, or the commissioning engineer may have already left their post, making their private contact information unavailable. Summary of the Invention

[0004] In view of the above problems, this application provides a password retrieval method, apparatus, medium and device, which solves the problem of low password recovery success rate caused by the existing technology of relying on security questions or private contact information to recover device passwords.

[0005] To achieve the above objectives, in a first aspect, the present invention provides a password retrieval method applicable to a password retrieval device, the password retrieval device comprising a first processing device, a second processing device, a first storage device, and a second storage device; the first storage device stores password recovery software and a first identification information list of all devices to be recovered;

[0006] The method also includes the following steps:

[0007] After the first processing device establishes connections with both the first storage device and the second storage device, the first processing device receives a password recovery generation instruction. The password recovery generation instruction includes a second identification information list, retrieves password recovery software from the first storage device, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device. The second identification information list includes the identification information of the device to be recovered in this processing.

[0008] After the second processing device establishes a connection with the second storage device, the second processing device obtains the corresponding password recovery file according to the received operation instruction. The received operation instruction contains the identification information in the second identification information list. The second processing device imports the password recovery file into the password recovery software in the second storage device to parse the password recovery information and sends the password recovery information to the corresponding device to be recovered, so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

[0009] In some embodiments, the first storage device stores identification information of the processing device bound to it and / or the second storage device stores identification information of the processing device bound to it;

[0010] The method also includes:

[0011] After the first processing device establishes a connection with the first storage device, if it is detected that the identification information of the current first processing device does not match the identification information of the processing device bound to the first storage device, the current first processing device is denied access to the first storage device.

[0012] And / or, after the second processing device establishes a connection with the second storage device, if it is detected that the identification information of the current second processing device does not match the identification information of the processing device bound to the second storage device, the current second processing device is denied access to the second storage device.

[0013] In some embodiments, the method further includes:

[0014] If the first storage device does not store the identification information of the processing device bound to it, then after the first processing device establishes a connection with the first storage device, the identification information of the current first processing device will be used as the identification information of the processing device bound to the first storage device, and the identification information of the current first processing device will be stored in the first storage device.

[0015] And / or, if the second storage device does not store the identification information of the processing device bound to it, then after the current second processing device establishes a connection with the second storage device, the identification information of the current second processing device is used as the identification information of the processing device bound to the second storage device, and the identification information of the current second processing device is stored in the second storage device; and after receiving the binding relationship adjustment instruction issued by the password recovery software in the first storage device, the identification information of the processing device bound to the second storage device is adjusted.

[0016] In some embodiments, the method further includes:

[0017] The password recovery software in the first storage device configures access condition information for the second storage device. After the second processing device establishes a connection with the second storage device, if the access condition information is not met, the second processing device is denied access to the second storage device. The access condition information includes the allowed usage time of the second storage device.

[0018] In some embodiments, password recovery information includes a random number representing the password recovery file generation time and a device ID;

[0019] The verification of password recovery information by the device to be recovered includes:

[0020] Check if the password recovery file generation time has expired and / or check if the received random number is the same as the random number generated when the password recovery file was generated and / or check if the device ID matches its own device identification information. If so, the verification is considered successful; otherwise, the verification fails.

[0021] In some embodiments, the password recovery information is encrypted using a first encryption key and stored in encrypted form in a preset storage device, and can be obtained by downloading from a webpage;

[0022] The methods include:

[0023] The password recovery software in the second storage device obtains the first decryption key corresponding to the first encryption key and decrypts the password recovery file obtained from the webpage to extract the password recovery information.

[0024] In some embodiments, the method further includes:

[0025] The password recovery software in the second storage device uses the second encryption key to encrypt the parsed password recovery information, obtains the first password recovery information, and sends the first password recovery information to the corresponding device to be recovered;

[0026] After receiving the first password recovery information, the device to be recovered uses the second decryption key corresponding to the second encryption key to decrypt the first password recovery information and obtain the password recovery information.

[0027] In a second aspect, the present invention also provides a password retrieval device, the device comprising a first processing device, a second processing device, a first storage device, and a second storage device; the first storage device stores password recovery software and a first identification information list of all devices to be recovered;

[0028] The first processing device is configured to receive a password recovery generation instruction after establishing connections with both the first and second storage devices. The password recovery generation instruction includes a second identification information list, retrieves password recovery software from the first storage device, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device. The second identification information list includes the identification information of the device to be recovered in this processing.

[0029] After establishing a connection with the second storage device, the second processing device obtains the corresponding password recovery file according to the received operation instruction. The received operation instruction includes the identification information in the second identification information list. The second processing device imports the password recovery file into the password recovery software in the second storage device to parse the password recovery information and sends the password recovery information to the corresponding device to be recovered, so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

[0030] In a third aspect, the present invention also provides a computer-readable storage medium having stored thereon computer program instructions that, when executed by a processor, implement the method described in the first aspect.

[0031] In a fourth aspect, the present invention also provides an electronic device including a memory and a processor, the memory being used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method described in the first aspect.

[0032] Unlike existing technologies, the above technical solution improves the security of the password recovery process by setting up a first storage device to store the first identification information and password recovery software. The password recovery software can only be obtained when the first storage device and the first processing device are connected. Simultaneously, the first storage device and the first processing device are used to create a list of the password recovery software and second identification information required by the corresponding second storage device. Then, the second storage device is connected to the second processing device to perform the password recovery operation on the device to be recovered. By utilizing the hierarchical relationship between the first and second storage devices, the password recovery process is transformed from methods heavily reliant on personal skills, such as security questions and contact information, into a hardware-based connection. This avoids situations where passwords cannot be recovered due to human factors, improving the success rate of password recovery while ensuring password security and enhancing the processing efficiency of the password recovery process.

[0033] The above description of the invention is merely an overview of the technical solution of this application. In order to enable those skilled in the art to better understand the technical solution of this application and to implement it based on the description and drawings, and to make the above-mentioned objectives and other objectives, features and advantages of this application easier to understand, the following description is provided in conjunction with the specific embodiments and drawings of this application. Attached Figure Description

[0034] The accompanying drawings are only used to illustrate the principles, implementation methods, applications, features, and effects of specific embodiments of the present invention and other related contents, and should not be considered as limitations on this application.

[0035] In the accompanying drawings of the instruction manual:

[0036] Figure 1 This is a schematic diagram of the steps of the password retrieval method according to the first exemplary embodiment of the present invention;

[0037] Figure 2 This is a schematic diagram of the steps of the password retrieval method according to the second exemplary embodiment of the present invention;

[0038] Figure 3 This is a schematic diagram of the steps of the password retrieval method according to the third exemplary embodiment of the present invention;

[0039] Figure 4 This is a schematic diagram of a password retrieval device according to a specific embodiment of the present invention;

[0040] Figure 5 This is a schematic diagram of an electronic device according to a specific embodiment of the present invention;

[0041] Figure 6 This is a flowchart of the first application of the password retrieval method according to an embodiment of the present invention;

[0042] Figure 7 This is a second application flowchart of the password retrieval method according to an embodiment of the present invention;

[0043] Figure 8 This is a third application flowchart of the password retrieval method according to an embodiment of the present invention.

[0044] The reference numerals used in the above figures are explained as follows:

[0045] 1. Password retrieval device;

[0046] 11. First processing equipment;

[0047] 12. Second processing equipment;

[0048] 13. First storage device;

[0049] 14. Second storage device;

[0050] 2. Electronic equipment;

[0051] 21. Memory;

[0052] 22. Processor. Detailed Implementation

[0053] To illustrate the possible application scenarios, technical principles, implementable specific solutions, and achievable objectives and effects of this application in detail, the following description, in conjunction with the listed specific embodiments and accompanying drawings, provides a detailed explanation. The embodiments described herein are merely illustrative of the technical solutions of this application and are therefore intended to limit the scope of protection of this application.

[0054] In this document, the term "embodiment" means that a specific feature, structure, or characteristic described in connection with an embodiment may be included in at least one embodiment of this application. The term "embodiment" appearing in various places throughout the specification does not necessarily refer to the same embodiment, nor does it specifically limit its independence or connection with other embodiments. In principle, in this application, as long as there are no technical contradictions or conflicts, the technical features mentioned in each embodiment can be combined in any way to form corresponding implementable technical solutions.

[0055] Unless otherwise defined, the technical terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application pertains; the use of related terms herein is merely for the purpose of describing particular embodiments and is not intended to limit this application.

[0056] In the description of this application, the term "and / or" is used to describe the logical relationship between objects, indicating that three relationships can exist. For example, A and / or B means: A exists, B exists, and A and B exist simultaneously. Additionally, the character " / " in this document generally indicates that the preceding and following objects have an "or" logical relationship.

[0057] In this application, terms such as “first” and “second” are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual quantity, hierarchy or order relationship between these entities or operations.

[0058] Without further limitations, the use of terms such as “comprising,” “including,” “having,” or other similar open-ended expressions in this application is intended to cover non-exclusive inclusion, which does not exclude the presence of additional elements in a process, method, or product that includes the stated elements, such that a process, method, or product that includes a list of elements may include not only those defined elements but also other elements not expressly listed, or elements inherent to such a process, method, or product.

[0059] Similar to the understanding in the Examination Guidelines, in this application, expressions such as "greater than," "less than," and "exceeding" are understood to exclude the stated number; expressions such as "above," "below," and "within" are understood to include the stated number. Furthermore, in the description of the embodiments in this application, "multiple" means two or more (including two), and similar expressions related to "multiple" are also understood in this way, such as "multiple groups" and "multiple times," unless otherwise explicitly specified.

[0060] Please see Figure 1 In a first aspect, this embodiment provides a password retrieval method applicable to a password retrieval device, the password retrieval device including a first processing device, a second processing device, a first storage device, and a second storage device; the first storage device stores password recovery software and a first identification information list of all devices to be recovered;

[0061] The method also includes the following steps:

[0062] S11. After the first processing device establishes connections with both the first storage device and the second storage device, the first processing device receives a password recovery generation instruction. The password recovery generation instruction includes a second identification information list, retrieves password recovery software from the first storage device, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device. The second identification information list includes the identification information of the device to be recovered in this processing.

[0063] S12. After the second processing device and the second storage device establish a connection, the second processing device obtains the corresponding password recovery file according to the received operation instruction. The received operation instruction includes the identification information in the second identification information list. The password recovery file is imported into the password recovery software in the second storage device to parse the password recovery information. The password recovery information is then sent to the corresponding device to be recovered so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

[0064] In this embodiment, the first processing device and the second processing device can be electronic devices such as computers and tablets capable of performing operation steps, and the first storage device and the second storage device can be electronic products with storage functions such as USB flash drives and hard drives. Password recovery software is a set of recovery software designed to recover passwords for devices manufactured by the same company; different manufacturers use different password recovery software. The first identification information list of devices to be recovered specifically represents the identification information of all products in a certain category of devices. The identification information in the first identification information list is used to identify the corresponding device code, which can be the serial number of each device or other combinations of numbers or letters. The devices to be recovered in the first identification information list are by default all products in this category. For example, if a video surveillance box manufacturer produces a type A video surveillance box device, and in the first batch of type A video surveillance box devices, a total of 4000 video surveillance box devices are produced, then there are 4000 pieces of identification information, all stored in the first identification information list of the first storage device corresponding to the type A video surveillance box.

[0065] The second identification information list records identification information for some products. If the identification information is the serial number information corresponding to the product, then the second identification information list records the serial number information of a portion of the products in the first identification information list. Specifically, the serial number information of this portion of the products corresponds to the identification information of the device to be recovered in this password recovery process. Using the first processing device, the identification information of a portion of the products in the first identification information list in the first storage device is imported into the second storage device. During this process, the password recovery software is simultaneously imported into the second storage device.

[0066] After the first processing device completes the import of the corresponding information from the second storage device, it disconnects from the second storage device, and the second storage device establishes a connection with the second processing device to complete the password recovery step. Upon receiving an operation instruction from the operator to retrieve the corresponding password recovery file, the second processing device sequentially retrieves the corresponding password recovery file according to the identifier information in the second identifier information list. The password recovery file is pre-set inside the device to be recovered; specifically, it stores multiple pieces of information about the device, including identifier information. By determining whether the identifier information in the second identifier information list in the second storage device matches the identifier information in the current password recovery file, matching password recovery files in the second identifier information list can be identified. Upon receiving an operation instruction to recover the password, the device to be recovered sends the password recovery file to the second processing device. After establishing a connection with the second storage device, the second processing device retrieves the password recovery file corresponding to the identifier information in the second identifier information list and imports it into the password recovery software on the second storage device. The password recovery software parses the imported password recovery file to obtain the password recovery information. The second processing device performs the steps of receiving the password recovery file and sending the password recovery information. After receiving the current password recovery information, the device to be recovered verifies it. For example, the verification process may involve the device determining whether the identification information recorded in the current password recovery information matches its own identification information to determine if the current password recovery information is the correct password recovery information for its device. If yes, the password recovery steps are performed according to the password recovery information to recover the default password; otherwise, the steps to recover the default password are not performed.

[0067] By setting up a first storage device, the first identification information and password recovery software are stored in the first storage device. The password recovery software can only be obtained when the first storage device and the first processing device are connected, thereby improving the security of the password recovery process. At the same time, the first storage device and the first processing device are used to create a list of password recovery software and second identification information required by the corresponding second storage device. Then, the second storage device is connected to the second processing device to perform password recovery operations on the device to be recovered. By utilizing the subordinate relationship between the first storage device and the second storage device, the password recovery process is broken down from recovery methods that heavily rely on personal ability, such as security questions and contact information, into hardware-based associations. This avoids situations where passwords cannot be recovered due to human factors during the password recovery process, improves the password recovery success rate, ensures password security, and improves the processing efficiency of the password recovery process.

[0068] Please see Figure 2In some embodiments, the first storage device stores identification information of the processing device bound to it and / or the second storage device stores identification information of the processing device bound to it;

[0069] The method also includes:

[0070] S21. After the first processing device establishes a connection with the first storage device, if it is detected that the identification information of the current first processing device does not match the identification information of the processing device bound to the first storage device, the current first processing device is denied access to the first storage device.

[0071] And / or, after the second processing device establishes a connection with the second storage device, if it is detected that the identification information of the current second processing device does not match the identification information of the processing device bound to the second storage device, the current second processing device is denied access to the second storage device.

[0072] In this embodiment, the first storage device stores the identification information of the processing device bound to it. After the first processing device establishes a connection with the first storage device, if it is detected that the identification information of the current first processing device does not match the identification information of the processing device bound to the first storage device, access to the first storage device by the current first processing device is denied. Specifically, the first storage device can only allow one processing device to access it, and the identification information contained in this processing device must match the identification information stored in the first storage device; otherwise, access to the first storage device is not possible. This prevents the password recovery software and the first identification information list stored in the first storage device from being copied by other processing devices in the event of loss of the first storage device. By adding the function of judging the identification information of the first processing device, the security of the information stored in the first storage device can be improved.

[0073] In this embodiment, the second storage device stores the identification information of the processing device bound to it. After the second processing device establishes a connection with the second storage device, if it is detected that the identification information of the current second processing device does not match the identification information of the processing device bound to the second storage device, access to the second storage device by the current second processing device is denied. Specifically, the second storage device can only allow one processing device to access it, and the identification information contained in this processing device must match the identification information stored in the second storage device; otherwise, access to the second storage device is not possible. This prevents the password recovery software and the second identification information list stored in the second storage device from being copied by other processing devices in the event of loss of the second storage device. By adding the function of judging the identification information of the second processing device, the security of the information stored in the second storage device can be improved.

[0074] Please see Figure 2 In some embodiments, the method further includes:

[0075] S22. If the first storage device does not store the identification information of the processing device bound to it, after the first processing device establishes a connection with the first storage device, the identification information of the current first processing device is used as the identification information of the processing device bound to the first storage device, and the identification information of the current first processing device is stored in the first storage device.

[0076] And / or, if the second storage device does not store the identification information of the processing device bound to it, then after the current second processing device establishes a connection with the second storage device, the identification information of the current second processing device is used as the identification information of the processing device bound to the second storage device, and the identification information of the current second processing device is stored in the second storage device; and after receiving the binding relationship adjustment instruction issued by the password recovery software in the first storage device, the identification information of the processing device bound to the second storage device is adjusted.

[0077] In this embodiment, the first storage device does not store the identification information of the processing device it is bound to, indicating that the first storage device has not yet established a connection with any processing device. At this time, the current first processing device is the processing device bound to the first storage device. The first storage device obtains the identification information of the current first processing device and stores it in its own storage. During this process, when the first storage device first establishes a connection with the current first processing device, it is bound to that device, thereby achieving one-to-one data interaction between the first storage device and the current first processing device, ensuring the information security of the data in the first storage device.

[0078] In this embodiment, the second storage device does not store the identification information of the processing device it is bound to, indicating that the current second storage device has not yet established a connection with any processing device. At this time, the current second processing device is the processing device bound to the second storage device. The second storage device obtains the identification information of the current second processing device and stores it. It is worth noting that if the current processing device has already established a connection with the first storage device, its identification information will not be stored in the second storage device to avoid the first and second processing devices being the same device, which could affect data security. During this process, when the second storage device first establishes a connection with the current second processing device, it is bound to the current second processing device, thereby achieving one-to-one data interaction between the second storage device and the current second processing device, ensuring the information security of the data in the second storage device.

[0079] In some embodiments, the method further includes:

[0080] The password recovery software in the first storage device configures access condition information for the second storage device. After the second processing device establishes a connection with the second storage device, if the access condition information is not met, the second processing device is denied access to the second storage device. The access condition information includes the allowed usage time of the second storage device.

[0081] In this embodiment, the password recovery software in the first storage device is also used to configure access condition information for the second storage device. The access condition information includes the allowed usage time of the second storage device. If the second processing device bound to the second storage device accesses the second storage device during a time period other than the usage time of the second storage device, the second storage device determines that the current access time of the second processing device does not meet the access condition information, thereby refusing the second processing device access to the second storage device.

[0082] For example, when the first storage device imports password recovery software to the second storage device via the first processing device, if the access conditions allow the second storage device to be used from 8:00 AM to 10:00 AM, then the second processing device can establish a connection and access the second storage device during this time period. However, if the access occurs between 3:00 PM and 5:00 PM, the second processing device can still establish a connection, but because the access time does not conform to the usage time specified in the second storage device's settings, it is deemed to violate the access conditions, and the second storage device rejects the access request from the second processing device. The usage time of the second storage device can also be restricted. Specifically, if the usage time is restricted to within 24 hours of its creation, then access to the second storage device will be blocked for 25 hours after its creation. Alternatively, the usage date of the second storage device can be restricted. Specifically, if access to the second storage device is possible from January 1st to January 3rd, then access will be blocked from January 4th.

[0083] By incorporating a time period as a criterion, the connection security between the second storage device and the second processing device is further ensured, thereby guaranteeing the security of the data stored in the second storage device.

[0084] In some embodiments, password recovery information includes the password recovery file generation time, a random number, and a device ID;

[0085] The verification of password recovery information by the device to be recovered includes:

[0086] Check if the password recovery file generation time has expired and / or check if the received random number is the same as the random number generated when the password recovery file was generated and / or check if the device ID matches its own device identification information. If so, the verification is considered successful; otherwise, the verification fails.

[0087] In this embodiment, the password recovery information includes the password recovery file generation time, random number, and device ID. The device ID is the ID number corresponding to the device to be recovered, which can be the serial number configured at the factory for the device to be recovered. Optionally, the device ID can also be used as the identification information of the device to be recovered.

[0088] The password recovery file generation time indicates the time when the device to be recovered receives the password recovery operation signal and the password recovery file is generated accordingly. The random number is a string of random numbers automatically generated by the device to be recovered. This random number is generated before it is sent to the second processing device for password recovery operation. After the second processing device performs the password recovery step, the random number stored in the password recovery information returned to the device to be recovered should, in principle, be the same as the random number before the password recovery operation.

[0089] Optionally, the verification result can be output by determining whether the password recovery file generation time has expired. For example, if the password recovery software in the second storage device presets that the time between the password recovery file generation time and the processing time must not exceed 48 hours, then if the time between the password recovery file generation time and the current password recovery operation time for the device to be processed is greater than 48 hours, the password recovery file generation time is considered to have expired, the verification fails, and the password recovery operation signal must be re-executed in the device to be recovered, the password recovery file must be regenerated, and then sent to the second processing device to execute the corresponding password recovery steps. Conversely, if the time between the password recovery file generation time and the current password recovery operation time for the device to be processed is less than 48 hours, the password recovery file generation time is considered not to have expired, the verification passes, and the password recovery steps are executed.

[0090] Optionally, the system can determine whether the received random number is the same as the random number generated when the password recovery file was generated, and output a result indicating whether the verification is successful. The random number is a string of random numbers automatically generated by the device to be recovered. This random number is generated before being sent to the second processing device for password recovery. After the second processing device performs the password recovery step, the random number stored in the password recovery information returned to the device to be recovered should, in principle, be the same as the random number before the password recovery operation. If they are different, it means that the password recovery information received by the device to be recovered does not belong to the password recovery information corresponding to the device to be recovered, and the password recovery operation needs to be performed again. If they are the same, it means that the password recovery information received by the device to be recovered corresponds to the device to be recovered, and the password recovery step can be performed.

[0091] Optionally, the verification can be passed by determining whether the received device ID matches the device's own device identification information. Specifically, there are three scenarios: First, the device ID is not part of the identification information, but it corresponds to the device's own device identification information; that is, there is a one-to-one correspondence between the device ID and the device identification information. A device can have both device identification information and a device ID, and either one can distinguish the current device from other devices. If the received device ID matches the device's own device identification information, it means that the password recovery information received by the device to be recovered is its own password recovery information, and the password recovery step can be executed. If the received device ID does not match the device's own device identification information, the password recovery step is not executed. Second, the device ID is the device identification information. If the device ID is the same as the device's own device ID, the password recovery information received by the device to be recovered is its own password recovery information, and the password recovery step can be executed. If the received device ID does not match the device's own device ID, the password recovery step is not executed. In the third scenario, the device ID is part of the identification information. The device ID can still distinguish the current device from other devices. If the received device ID matches the device's own identification information (i.e., the device ID is completely identical to a part of the device's own identification information), then the password recovery information received by the device to be recovered is its own password recovery information, and the password recovery steps can be executed. If the received device ID does not match the device's own identification information (i.e., the device ID is not identical to a part of the device's own identification information), then the password recovery steps are not executed.

[0092] By setting up three different verification methods, it is easy to adapt to different types of devices to be recovered, thereby expanding the applicability of the password recovery method.

[0093] In some embodiments, the password recovery information is encrypted using a first encryption key and stored in encrypted form in a preset storage device, and can be obtained by downloading from a webpage;

[0094] The methods include:

[0095] The password recovery software in the second storage device obtains the first decryption key corresponding to the first encryption key and decrypts the password recovery file obtained from the webpage to extract the password recovery information.

[0096] The password recovery information is encrypted using a first encryption key. Specifically, when the device to be recovered sends the password recovery file to the second processing device, to ensure the security of the password recovery file on the second processing device, it is encrypted using the first encryption key and stored in a preset storage device, which is then retrieved via web download. The password recovery software on the second storage device is pre-configured with a first decryption key corresponding to the first encryption key. This first decryption key is used to decrypt the password recovery file, thereby retrieving the password recovery information. This process ensures the security of the data in the password recovery file sent to the second processing device, and also guarantees that the password recovery file on the second processing device can only be parsed by the password recovery software on the corresponding second storage device, further guaranteeing the security of the password data during the recovery process.

[0097] Please see Figure 3 In some embodiments, the method further includes:

[0098] S31. The password recovery software in the second storage device uses the second encryption key to encrypt the parsed password recovery information, obtains the first password recovery information, and sends the first password recovery information to the corresponding device to be recovered.

[0099] S32. After receiving the first password recovery information, the device to be recovered uses the second decryption key corresponding to the second encryption key to decrypt the first password recovery information and obtain the password recovery information.

[0100] In this embodiment, the password recovery software in the second storage device is pre-configured with a second encryption key. The parsed password recovery information is encrypted using the second encryption key to obtain the first password recovery information, and the first password recovery information is sent to the corresponding device to be recovered.

[0101] The device to be recovered is pre-configured with a second decryption key. After receiving the first password recovery information, the second decryption key is used to decrypt the first password recovery information to obtain the password recovery information before encryption, and then verification and password recovery steps are performed.

[0102] This operation ensures the security of the password recovery information corresponding to the file to be recovered in the second processing device, while also ensuring that the device to be recovered can only obtain the corresponding password recovery information through the second decryption key, thereby further guaranteeing the security of the password during transmission.

[0103] Please see Figure 4In a second aspect, this embodiment also provides a password retrieval device 1, which includes a first processing device 11, a second processing device 12, a first storage device 13, and a second storage device 14; the first storage device 13 stores password recovery software and a first identification information list of all devices to be recovered;

[0104] The first processing device 11 is configured to receive a password recovery generation instruction after establishing connections with both the first storage device 13 and the second storage device 14. The password recovery generation instruction includes a second identification information list, retrieves password recovery software from the first storage device 13, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device 14. The second identification information list includes the identification information of the device to be recovered in this processing.

[0105] After establishing a connection with the second storage device 14, the second processing device 12 obtains the corresponding password recovery file according to the received operation instruction. The received operation instruction includes the identification information in the second identification information list. The second processing device 12 imports the password recovery file into the password recovery software in the second storage device 14 to parse the password recovery information and sends the password recovery information to the corresponding device to be recovered, so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

[0106] In this embodiment, the first processing device 11 and the second processing device 12 can be electronic devices such as computers and tablets capable of performing operation steps, and the first storage device 13 and the second storage device 14 can be electronic products with storage functions such as USB flash drives and hard drives. Password recovery software is a set of recovery software designed to recover passwords for devices manufactured by the same company; different manufacturers use different password recovery software. The first identification information list of devices to be recovered specifically represents the identification information of all products in a certain category of devices. The identification information in the first identification information list is used to identify the corresponding device code, which can be the serial number of each device or other combinations of numbers or letters. The devices to be recovered in the first identification information list are by default all products in this category. For example, if a video surveillance box manufacturer produces a type A video surveillance box device, and in the first batch of type A video surveillance box devices, a total of 4000 video surveillance box devices are produced, then there are 4000 pieces of identification information, all stored in the first identification information list of the first storage device 13 corresponding to the type A video surveillance box.

[0107] The second identification information list records identification information for some products. If the identification information is the serial number information corresponding to the product, then the second identification information list records the serial number information of a portion of the products in the first identification information list. Specifically, the serial number information of this portion of the products corresponds to the identification information of the device to be recovered in this password recovery process. Through the first processing device 11, the identification information of a portion of the products in the first identification information list in the first storage device 13 is imported into the second storage device 14. During this process, the password recovery software is simultaneously imported into the second storage device 14.

[0108] After the first processing device 11 completes the import of the corresponding information into the second storage device 14, the first processing device 11 disconnects from the second storage device 14, and the second storage device 14 establishes a connection with the second processing device 12, using the second processing device 12 to complete the password recovery step. Upon receiving an operation instruction from the operator to retrieve the corresponding password recovery file, the second processing device 12 sequentially retrieves the corresponding password recovery file according to the identifier information in the second identifier information list. The password recovery file is pre-set inside the device to be recovered; specifically, the password recovery file stores multiple pieces of information about the device to be recovered, including identifier information. By determining whether the identifier information in the second identifier information list in the second storage device 14 matches the identifier information in the current password recovery file, the matching password recovery files in the second identifier information list can be identified. Upon receiving an operation instruction to recover the password, the device to be recovered will send the password recovery file to the second processing device 12. After establishing a connection with the second storage device 14, the second processing device 12 obtains a password recovery file corresponding to the identification information in the second identification information list within the second processing device 12, and imports the password recovery file into the password recovery software of the second storage device 14. The password recovery software parses the imported password recovery file to obtain password recovery information. The second processing device 12 executes the steps of receiving the password recovery file and sending the password recovery information. After receiving the current password recovery information, the device to be recovered verifies the password recovery information. For example, the verification process may involve the device to be recovered determining whether the identification information recorded in the current password recovery information matches its own identification information, thereby determining whether the current password recovery information corresponds to its own device. If yes, the password recovery steps are executed according to the password recovery information to recover the default password; otherwise, the operation step of recovering the default password is not executed.

[0109] By setting up a first storage device 13, the first identification information and password recovery software are stored in the first storage device 13. The password recovery software can only be obtained when the first storage device 13 is connected to the first processing device 11, thereby improving the security of the password recovery process. At the same time, the first storage device 13 and the first processing device 11 are used to create a list of password recovery software and second identification information required by the corresponding second storage device 14. Then, the second storage device 14 is connected to the second processing device 12 to perform password recovery operations on the device to be recovered. By utilizing the subordinate relationship between the first storage device 13 and the second storage device 14, the password recovery process is broken down from recovery methods that heavily rely on personal ability, such as security questions and contact information, into hardware-based relationships. This avoids situations where passwords cannot be recovered due to human factors during the password recovery process, improves the password recovery success rate, ensures password security, and improves the processing efficiency of the password recovery process.

[0110] In a third aspect, this embodiment also provides a computer-readable storage medium storing computer program instructions thereon, which, when executed by a processor, implement the method described in the first aspect.

[0111] Please see Figure 5 In a fourth aspect, this embodiment also provides an electronic device 2, including a memory 21 and a processor 22, wherein the memory 21 is used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor 22 to implement the method described in the first aspect.

[0112] The storage medium / memory 21 includes, but is not limited to: RAM, ROM, magnetic disk, magnetic tape, optical disk, flash memory, USB flash drive, portable hard drive, memory card, memory stick, network server storage, network cloud storage, etc. The processor 22 includes, but is not limited to: CPU (Central Processing Unit 22), GPU (Graphics Processing Unit 22), MCU (Microprocessor 22), etc.

[0113] The above technical solution improves the security of the password recovery process by setting up a first storage device to store the first identification information and password recovery software. The password recovery software can only be obtained when the first storage device and the first processing device are connected. Simultaneously, the first storage device and the first processing device are used to create a list of the password recovery software and second identification information required by the corresponding second storage device. Then, the second storage device is connected to the second processing device to perform the password recovery operation on the device to be recovered. By utilizing the hierarchical relationship between the first and second storage devices, the password recovery process is broken down from recovery methods heavily reliant on personal skills, such as security questions and contact information, into hardware-based connections. This avoids situations where passwords cannot be recovered due to human factors, improving the success rate of password recovery while ensuring password security and increasing the processing efficiency of the password recovery process. Specific implementation examples:

[0115] Please see Figures 6 to 8 This is an application flowchart of a specific embodiment corresponding to the password retrieval method described above. In this embodiment, the first processing device is a first computer, the first storage device is a parent USB drive, the second storage device is a child USB drive, and the second processing device is a second computer. This embodiment specifically includes four stages: the first stage is the binding stage between the parent USB drive and the first computer; the second stage is the creation stage of the child USB drive; the third stage is the binding stage between the child USB drive and the second computer; and the fourth stage is the password recovery stage of the device to be recovered.

[0116] In the first phase, when a batch of devices leaves the factory, the manufacturer by default creates a single parent USB drive for all devices of the same type in that batch. This parent USB drive stores password recovery software and a list of initial identification information. The identification information in this list represents the individual identification information of each device of the same type in that batch. When the parent USB drive is initially connected to the first computer, it is bound to that computer by default. Therefore, if another computer is used, it cannot access the contents of the parent USB drive, thus ensuring the security of the data stored on the parent USB drive.

[0117] The second stage is the creation of the sub-USB drive. After the first computer is bound and connected to the parent USB drive, the sub-USB drive is connected to the first computer. The system retrieves password recovery files and corresponding device identification information from a webpage, showing all devices requiring password recovery for the current time period, stored on a preset storage device. Based on this identification information, it filters out matching identifiers from a first identifier list in the parent USB drive, creating a second identifier list, which is then imported into the sub-USB drive. Simultaneously, the password recovery software from the parent USB drive is imported into the sub-USB drive. The creation of the sub-USB drive is complete when the second identifier list and the password recovery software are successfully imported. Optionally, a usage period for the sub-USB drive can be set, allowing access only during the predetermined usage time.

[0118] The third stage is the binding stage between the sub-USB drive and the second computer. When the sub-USB drive is inserted into the second computer, it is bound to that computer. Optionally, the parent USB drive can unbind the sub-USB drive from the second computer, allowing for readjustment of the binding if the bound device is damaged, lost, or the maintenance personnel change. Optionally, a detection module can be added to the sub-USB drive to pre-detect whether the current computer is already bound to the parent USB drive; if so, it will not be bound to the current computer.

[0119] The fourth stage involves the USB drive using a second computer to parse and recover the password from the device to be recovered. In this stage, a password recovery file needs to be generated beforehand on the device to be recovered. The device will generate the password recovery file and send it to the web interface of the second computer. The password recovery file is encrypted using key A (the first encryption key) and sent to the web interface of the second computer. The USB drive decrypts the password recovery file using the decryption key corresponding to key A, extracts the password recovery information, and then encrypts it again using key B (the first encryption key) before sending it to the device to be recovered. The device to be recovered uses the decryption key corresponding to key B to decrypt the password recovery information, thereby obtaining the recovered password.

[0120] By judging one or more of the random number, device ID, identification information, and password recovery file generation time in the password recovery information, it is verified whether the password recovery standard (i.e., whether it is legal) is met. If so, the password recovery steps are executed.

[0121] Optionally, if the usage time of the sub-USB drive is exceeded, the sub-USB drive will become invalid and the password cannot be recovered using the sub-USB drive. The parent USB drive will need to re-authorize it.

[0122] (1) This invention does not require pre-reserved information or setting security questions; it only requires counting the device serial number at the time of manufacture.

[0123] (2) The present invention allows maintenance personnel to perform recovery operations using a sub-USB drive, and the maintenance personnel can arrange the time freely.

[0124] Finally, it should be noted that although the above embodiments have been described in the text and drawings of this application, this should not limit the scope of patent protection of this application. Any technical solutions that are based on the essential concept of this application and utilize the content described in the text and drawings of this application, resulting in equivalent structural or procedural substitutions or modifications, as well as the direct or indirect application of the technical solutions of the above embodiments to other related technical fields, are all included within the scope of patent protection of this application.

Claims

1. A password retrieval method, applicable to password retrieval devices, characterized in that, The password retrieval device includes a first processing device, a second processing device, a first storage device, and a second storage device; the first storage device stores password recovery software and a first identification information list of all devices to be recovered; The method further includes the following steps: After the first processing device establishes connections with both the first storage device and the second storage device, upon receiving a password recovery generation instruction, the first processing device receives a password recovery generation instruction that includes a second identification information list, retrieves the password recovery software from the first storage device, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device; the second identification information list includes the identification information of the device to be recovered in this processing. After the second processing device establishes a connection with the second storage device, the second processing device obtains the corresponding password recovery file according to the operation instructions received from the operator. The operation instructions received from the operator include the identification information in the second identification information list, and imports the password recovery file into the password recovery software in the second storage device. The device to be recovered encrypts the password recovery information using a first encryption key and stores the encrypted password recovery information in a preset storage device. The information is then retrieved via webpage download. The password recovery information includes the password recovery file generation time, a random number, and the device ID. After the password recovery file is imported into the password recovery software in the second storage device, the password recovery software in the second storage device obtains the first decryption key corresponding to the first encryption key, decrypts the password recovery file obtained from the webpage to parse out the password recovery information, and sends the password recovery information to the corresponding device to be recovered, so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

2. The password retrieval method as described in claim 1, characterized in that, The first storage device stores the identification information of the processing device bound to it and / or the second storage device stores the identification information of the processing device bound to it; The method further includes: After the first processing device establishes a connection with the first storage device, if it is detected that the identification information of the current first processing device does not match the identification information of the processing device bound to the first storage device, the current first processing device is denied access to the first storage device. And / or, after the second processing device establishes a connection with the second storage device, if it is detected that the identification information of the current second processing device does not match the identification information of the processing device bound to the second storage device, the current second processing device is denied access to the second storage device.

3. The password retrieval method as described in claim 2, characterized in that, The method further includes: If the first storage device does not store the identification information of the processing device bound to it, then after the first processing device establishes a connection with the first storage device, the identification information of the current first processing device is used as the identification information of the processing device bound to the first storage device, and the identification information of the current first processing device is stored in the first storage device. And / or, if the second storage device does not store the identification information of the processing device bound to it, then after the current second processing device establishes a connection with the second storage device, the identification information of the current second processing device is used as the identification information of the processing device bound to the second storage device, and the identification information of the current second processing device is stored in the second storage device; and after receiving the binding relationship adjustment instruction issued by the password recovery software in the first storage device, the identification information of the processing device bound to the second storage device is adjusted.

4. The password retrieval method as described in claim 1, characterized in that, The method further includes: The password recovery software in the first storage device configures the access condition information of the second storage device. After the second processing device establishes a connection with the second storage device, if the access condition information is not met, the second processing device is denied access to the second storage device. The access condition information includes the allowed usage time of the second storage device.

5. The password retrieval method as described in claim 1, characterized in that, The verification of the password recovery information by the device to be recovered includes: The system determines whether the password recovery file generation time has expired and / or whether the received random number is the same as the random number generated when the password recovery file was generated and / or whether the device ID matches its own device identification information. If so, the verification is considered successful; otherwise, the verification fails.

6. The password retrieval method as described in claim 1 or 5, characterized in that, The method further includes: The password recovery software in the second storage device uses a second encryption key to encrypt the parsed password recovery information, obtains the first password recovery information, and sends the first password recovery information to the corresponding device to be recovered; After receiving the first password recovery information, the device to be recovered uses the second decryption key corresponding to the second encryption key to decrypt the first password recovery information to obtain the password recovery information.

7. A password retrieval device, characterized in that, The device includes a first processing device, a second processing device, a first storage device, and a second storage device; the first storage device stores password recovery software and a first identification information list of all devices to be recovered; The first processing device is configured to receive a password recovery generation instruction after establishing a connection with both the first storage device and the second storage device. The password recovery generation instruction includes a second identification information list, retrieves the password recovery software from the first storage device, extracts the second identification information list from the first identification information list, and imports the password recovery software and the second identification information list into the second storage device. The second identification information list includes the identification information of the devices to be restored in this process; After the second processing device establishes a connection with the second storage device, the second processing device obtains the corresponding password recovery file according to the operation instructions received from the operator. The operation instructions received from the operator include the identification information in the second identification information list, and imports the password recovery file into the password recovery software in the second storage device. The device to be recovered encrypts the password recovery information using a first encryption key and stores the encrypted password recovery information in a preset storage device. The information is then retrieved via webpage download. The password recovery information includes the password recovery file generation time, a random number, and the device ID. After the password recovery file is imported into the password recovery software in the second storage device, the password recovery software in the second storage device obtains the first decryption key corresponding to the first encryption key, decrypts the password recovery file obtained from the webpage to parse out the password recovery information, and sends the password recovery information to the corresponding device to be recovered, so that the device to be recovered can restore the default password after receiving and verifying the password recovery information.

8. A computer-readable storage medium storing computer program instructions thereon, characterized in that, The computer program instructions, when executed by a processor, implement the method as described in any one of claims 1-6.

9. An electronic device comprising a memory and a processor, characterized in that, The memory is used to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method as described in any one of claims 1-6.