Password setting method, password setting device, electronic device, and storage medium
By using encryption algorithms to generate password identifier values in smart devices with dual-core systems and storing them on a low-power processor, the problem of cumbersome setup caused by password incompatibility is solved. This simplifies management by allowing users to set passwords only once, thus improving the user experience.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP LTD
- Filing Date
- 2021-03-26
- Publication Date
- 2026-06-05
AI Technical Summary
In smart devices with dual-core systems, the incompatibility of passwords leads to cumbersome setup and time-consuming system switching, affecting the user experience.
The first processor obtains the plaintext password entered by the user, generates a password identifier value using a preset encryption algorithm, and sends it to the low-power second processor for storage, thereby enabling password sharing between the two systems.
While ensuring information security, users only need to set a password once, simplifying password management between the two systems and improving user experience.
Smart Images

Figure CN122153868A_ABST
Abstract
Description
[0001] This invention patent application is a divisional application of Chinese invention patent application filed on March 26, 2021, with application number 2021103276259 and titled "Password Setting Method, Password Setting Device, Electronic Device and Storage Medium". Technical Field
[0002] This application relates to the field of electronic technology, and in particular to a password setting method, password setting device, electronic device, and storage medium. Background Technology
[0003] With the development of technology, smart devices such as smartwatches are widely used in daily life. To improve the battery life of these devices, they often employ dual-core systems. At the same time, smart devices collect sensitive health-related information from users, often requiring screen lock passwords or other security measures to protect this information. However, in dual-core systems, the passwords are not interchangeable, making setting passwords for dual-system smart devices cumbersome and switching between systems also tedious. Summary of the Invention
[0004] This application provides a password setting method for an electronic device, the password setting method comprising:
[0005] Retrieve the plaintext password;
[0006] Based on the plaintext password, a password identifier value is obtained using a preset encryption algorithm;
[0007] The password identifier value is sent to the second processor, and the second processor saves the password identifier value.
[0008] This application provides a password setting device, the password setting device comprising:
[0009] The module retrieves the plaintext password.
[0010] An encryption module is used to obtain a password identifier value based on the password plaintext using a preset encryption algorithm;
[0011] The sending module is used to send the password identifier value to the second processor and to enable the second processor to save the password identifier value.
[0012] This application provides an electronic device, which includes a first processor and a second processor. The power consumption of the first processor is greater than that of the second processor. The first processor is used to acquire plaintext password, obtain a password identifier value based on the plaintext password using a preset encryption algorithm, and send the password identifier value to the second processor, and enable the second processor to store the password identifier value.
[0013] In the password setting method, password setting device, and electronic device of this application, the first processor of the electronic device can obtain the plaintext password input by the user, then process the plaintext password using a preset encryption algorithm to obtain a password identifier value, and send the password identifier value to the second processor so that the second processor can save the password identifier value. In this way, since the first processor sends the encrypted password identifier value to the second processor instead of the plaintext password, the sharing of the user-set password between the two systems is achieved while ensuring information security; furthermore, it allows the user to set the password only once when using the electronic device of the two systems, thereby improving the user experience.
[0014] In some embodiments, this application provides a non-volatile computer-readable storage medium storing a computer program that, when executed by one or more processors, implements the password setting method of any of the above embodiments.
[0015] Additional aspects and advantages of this application will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of this application. Attached Figure Description
[0016] The above and / or additional aspects and advantages of this application will become apparent and readily understood from the description of the embodiments taken in conjunction with the following drawings, wherein:
[0017] Figure 1 This is a flowchart illustrating the password setting method according to an embodiment of this application;
[0018] Figure 2 This is a schematic diagram of the password setting device according to an embodiment of this application;
[0019] Figure 3 This is a perspective view of an electronic device according to an embodiment of this application;
[0020] Figure 4 This is a flowchart illustrating the password setting method according to an embodiment of this application.
[0021] Figure 5 This is a flowchart illustrating the password setting method according to an embodiment of this application;
[0022] Figure 6 This is a flowchart illustrating the password setting method according to an embodiment of this application;
[0023] Figure 7 This is a flowchart illustrating the password setting method according to an embodiment of this application.
[0024] Explanation of main components and symbols:
[0025] Electronic device 100, first processor 10, second processor 11, memory 12, password setting device 200, acquisition module 21, encryption module 22, and sending module 23. Detailed Implementation
[0026] The embodiments of this application are described in detail below. Examples of the embodiments are shown in the accompanying drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below with reference to the accompanying drawings are exemplary and are only used to explain this application, and should not be construed as limiting this application.
[0027] The following disclosure provides many different embodiments or examples for implementing different structures of this application. To simplify the disclosure, specific examples of components and arrangements are described below. Of course, these are merely examples and are not intended to limit the scope of this application. Furthermore, reference numerals and / or letters may be repeated in different examples; such repetition is for simplification and clarity and does not in itself indicate a relationship between the various embodiments and / or arrangements discussed. In addition, various specific examples of processes and materials are provided in this application, but those skilled in the art will recognize the application of other processes and / or the use of other materials.
[0028] Please see Figure 1 This application provides an embodiment for an electronic device 100 (such as...) Figure 3 The password setting method (shown) includes:
[0029] Step S10: Obtain the plaintext password;
[0030] Step S20: Based on the plaintext password, obtain the password identifier value using a preset encryption algorithm;
[0031] Step S30: Send the password identifier value to the second processor 11 and have the second processor 11 save the password identifier value.
[0032] Please see Figure 2 This application provides a password setting device 200, which includes an acquisition module 21, an encryption module 22, and a sending module 23. The password setting method of this application can be implemented by the password setting device 200. For example, step S10 can be implemented by the acquisition module 21 of the password setting device 200, step S20 can be implemented by the encryption module 22 of the password setting device 200, and step S30 can be implemented by the sending module 23 of the password setting device 200.
[0033] Alternatively, the acquisition module 21 is used to acquire the plaintext password, the encryption module 22 is used to obtain the password identifier value based on the plaintext password using a preset encryption algorithm, and the sending module 23 is used to send the password identifier value to the second processor 11 and make the second processor 11 save the password identifier value.
[0034] Please see Figure 3 This application also provides an electronic device 100, which includes a first processor 10 and a second processor 11, wherein the power consumption of the first processor 10 is greater than that of the second processor 11. The first processor 10 can be used to acquire plaintext password, obtain a password identifier value based on the plaintext password using a preset encryption algorithm, and send the password identifier value to the second processor 11, and have the second processor 11 store the password identifier value. The electronic device 100 may also include a memory 12, which can be used to store computer programs.
[0035] Specifically, the electronic device 100 in this application embodiment can be a small mobile terminal such as a smartwatch, smart glasses, or smart bracelet. The aforementioned electronic device 100 differs from the leisure and entertainment functions provided by smartphones. In addition to functions such as timing and notifications, it also provides a wealth of health measurement functions, such as sleep monitoring, heart rate measurement, and blood oxygen measurement. Furthermore, the aforementioned electronic device 100 can be worn by the user as a wearable device.
[0036] In addition, unlike mobile terminals such as smartphones or tablets, electronic devices such as smartwatches are often worn on the user's body, and for the sake of user-friendliness, they are often taken off to charge less often. Therefore, when considering these wearable devices, battery life becomes an important indicator.
[0037] To address the battery life issue, the electronic device 100 in this embodiment of the application includes a first processor 10 and a second processor 11 to support the functionality of the electronic device 100 while also ensuring battery life. In other words, the electronic device 100 has a hardware architecture based on two processor chips, meaning each processor can run an independent operating system, and the two operating systems can interact with each other.
[0038] The first processor 10 has high processing power requirements; for example, a Snapdragon processor could be used to run the Android system and execute applications on the electronic device 100 to achieve corresponding functions. It's easy to understand that the first processor 10 itself consumes a relatively high amount of power. The second processor 11 runs an operating system with lower processing power requirements; for example, a microcontroller unit (MCU) can be used to run a real-time operating system. When the second processor 11 is running, the electronic device 100 is in power-saving mode. The electronic device 100 can switch between a low-power, low-performance system and a high-power, high-performance system depending on the scenario.
[0039] It is also important to note that since the electronic device 100 stores a lot of users' private information, such as user identity, contact information, and user health information, the electronic device 100 needs to consider information security factors to protect this information. For example, a password needs to be set to view the relevant information, and a corresponding password also needs to be entered to unlock the electronic device 100.
[0040] If the password is stored in both systems, the operating system running on the low-performance second processor 11 lacks a trusted execution environment, posing a risk of password leakage. If the password is stored only on the operating system running on the high-performance core of the first processor 10, meaning the unlocking function is entirely handled by the operating system running on the first processor 10, the user will need to input information at the unlocking interface, which will take a long time and result in high power consumption.
[0041] Based on the above discussion, the embodiments of this application provide a password setting method that, while taking into account system information security, enables the sharing of user-set passwords between dual systems; and also allows users to set a password only once when using the dual-system electronic device 100, thereby improving the user experience.
[0042] In step S10, when a user sets or modifies a password, the first processor 10 can obtain the plaintext password entered by the user. The plaintext password refers to the plaintext characters that the user enters without hiding or directly displaying when setting or modifying the password, such as the password being "123" or "abc".
[0043] The plaintext password obtained here can be a lock screen password set by the user, or a password set by the user to lock a specific application. In other words, the first processor 10 can obtain the plaintext password set by the user for any application or function on the electronic device 100.
[0044] It is easy to understand that when using electronic device 100, it is essential to protect the password set by the user in order to ensure user privacy and security. If electronic device 100 directly saves the password set by the user in plain text, the password can be easily cracked when electronic device 100 is lost, making it difficult to guarantee the user's information security.
[0045] In step S20, after obtaining the plaintext password set by the user, the first processor 10 can process the plaintext password using a preset encryption algorithm to obtain the password identifier value. The preset encryption algorithm can be the MD5 (Message-Digest Algorithm) algorithm in hash algorithms. This is a widely used cryptographic hash function that can perform lossy compression calculations on the original message, i.e., the plaintext password obtained in step S10. Regardless of the length of the plaintext password in bytes, after processing by the MD5 algorithm, a fixed-length (128 bits / 16 bytes) hash value will be generated, which is the password identifier value in this method.
[0046] Of course, the default encryption algorithm can also be SHA-2 (Secure Hash Algorithm), a hash algorithm that, compared to MD5, can prevent collisions and is more secure. This application does not limit the encryption algorithm used, as long as it can encrypt the plaintext password to obtain the password identifier value.
[0047] In step S30, based on step S20, the first processor 10 can obtain the encrypted plaintext password, i.e., the password identifier value. Then, the first processor 10 can send the password identifier value to the second processor 11 based on the inter-core communication mechanism, and the second processor 11 can save the password identifier value. The second processor 11 can save the password identifier value in the memory 12, for example, in Flash memory. When it is necessary to verify the user password, the second processor 11 reads the password identifier value from the memory 12.
[0048] In this way, the first processor 10 can send password identifier values of various passwords set by the user to the second processor 11, and the second processor 11 can store the password identifier values in the memory 12. This allows the electronic device 100 to verify the password entered by the user when the second processor 11 is running, thus completing the user-initiated unlocking task. Furthermore, since the second processor 11 obtains password identifier values rather than plaintext passwords, the risk of password leakage can be avoided even if the low-power second processor 11 operates in an environment without trusted execution.
[0049] In the password setting method, password setting device 200, and electronic device 100 of this application, the first processor 10 of the electronic device 100 can obtain the plaintext password input by the user, then process the plaintext password using a preset encryption algorithm to obtain a password identifier value, and send the password identifier value to the second processor 11 so that the second processor 11 can save the password identifier value.
[0050] In this way, since the first processor 10 sends the password identifier value after encrypting the password plaintext to the second processor 11 instead of the password plaintext, the user-set password can be shared between the two systems while ensuring information security; and it also allows the user to set the password only once when using the electronic device 100 of the two systems, thereby improving the user experience.
[0051] Please see Figure 4 In some implementations, the password identifier value is obtained based on the plaintext password using a preset encryption algorithm (step S20), including:
[0052] Step S21: Generate salt using a random algorithm;
[0053] Step S22: Salt the plaintext password and then use a preset encryption algorithm to obtain the password identifier value.
[0054] In some implementations, the encryption module 22 is used to generate a salt using a random algorithm, and to obtain a password identifier value by salting the plaintext password and then using a preset encryption algorithm.
[0055] In some implementations, the first processor 10 is used to generate a salt using a random algorithm, and to obtain a password identifier value by salting the plaintext password and then using a preset encryption algorithm.
[0056] Specifically, simply applying a pre-defined encryption algorithm like MD5 to the plaintext password will result in low password security. For instance, in existing password attack methods, rainbow tables are specifically designed to crack password identifiers encrypted with MD5.
[0057] Furthermore, when a user sets the same plaintext password for different applications, simply applying a preset encryption algorithm such as MD5 to the plaintext password will result in identical password identifier values after encryption. Therefore, if one password identifier value is cracked, the plaintext password for the other password identifier value can also be determined.
[0058] In step S21, the first processor 10 can generate a salt using a random algorithm, where "salt" refers to a random long string generated by the algorithm. In step S22, the first processor 10 can add salt to the plaintext password obtained in step S10. "Adding salt" means adding a generated random long string to the obtained plaintext password, recombining it into a new string, which is then used as the input parameter for a preset encryption algorithm. The preset encryption algorithm is then used to obtain a unique password identifier value.
[0059] Thus, salting the plaintext password and then using a preset encryption algorithm results in a more complex password identifier value, significantly increasing the difficulty of decryption and thus ensuring user information security to a certain extent. Furthermore, because the salt is randomly generated, this means that even if a user enters the same plaintext password when setting passwords for different applications, the password identifier value obtained after applying the preset encryption algorithm will be different due to the different salts used.
[0060] Please see Figure 5 In some implementations, the password setting method may further include:
[0061] Step S40: Send the salt to the second processor 11 and have the second processor 11 store the salt.
[0062] In some implementations, the sending module 23 is used to send the salt to the second processor 11 and to have the second processor 11 store the salt.
[0063] In some implementations, the first processor 10 is used to send salt to the second processor 11 and to have the second processor 11 store the salt.
[0064] Specifically, in order for the electronic device 100 to verify the correctness of the password entered by the user when unlocking, even when the second processor 11 is running, in step S40, the first processor 10 can send the salt to the second processor 11 through the inter-core communication mechanism, and the second processor 11 can store the salt in the memory 12 to prevent loss in case of power failure.
[0065] Please see Figure 6 When a user initiates an unlock request, the second processor 11 can obtain the unlock password entered by the user, and read the salt and password identifier value sent by the first processor 10 and stored by the second processor 11 from the memory 12. Then, the second processor 11 can add salt to the obtained unlock password and calculate the current password identifier value using a preset encryption algorithm.
[0066] Since the password identifier value corresponds to a unique password plaintext, the user's input unlock password can be determined by comparing the current password identifier value with the password identifier value stored in memory 12.
[0067] Thus, by having the first processor 10 salt the plaintext password and then send the password identifier value obtained by the preset encryption algorithm to the second processor 11, and having the second processor 11 store both the salt and the password identifier value in the memory 12, the verification task can be completed by the second processor 11 alone when the user initiates an unlock request. This achieves password sharing between the two systems while ensuring information security, and the user only needs to set the password once.
[0068] Please see Figure 7 In some implementations, the password setting method includes:
[0069] Step S50: Obtain the password deletion input operation;
[0070] Step S60: Send an instruction to the second processor 11 according to the password deletion input operation, so that the second processor 11 deletes the saved password identifier value and salt according to the instruction.
[0071] In some implementations, the acquisition module 21 is used to acquire the password deletion input operation, and the sending module 23 is used to send an instruction to the second processor 11 according to the password deletion input operation, so that the second processor 11 deletes the saved password identifier value and salt according to the instruction.
[0072] In some implementations, the first processor 10 is used to acquire a password deletion input operation and to send an instruction to the second processor 11 according to the password deletion input operation, so that the second processor 11 deletes the saved password identifier value and salt according to the instruction.
[0073] Specifically, in step S50, the first processor 10 can obtain the password deletion input operation initiated by the user; in step S60, when the user confirms the deletion of a previously set password, the first processor 10 sends an instruction to the second processor 11 according to the password deletion input operation initiated by the user, so that the second processor 11, after receiving the instruction, executes the deletion of the corresponding salt and password identifier value stored in the memory 12.
[0074] In this way, when a user needs to delete a password, the first processor 10 sends an instruction to the second processor 11 to delete the password identifier value and salt stored in the memory 12 after confirming the user's requested password deletion input operation, thereby releasing the corresponding memory in the memory 12, avoiding the collection of relevant password information set by the user, and achieving the effect of protecting user privacy.
[0075] In some implementations, the total length of the password plaintext and salt is greater than a predetermined number of bytes.
[0076] Specifically, although the preset encryption algorithm, such as a hash algorithm, applied to the plaintext password is irreversible, the plaintext passwords set by users are often short, generally only 4 bytes in length. After being directly processed by the preset encryption algorithm, the resulting password identifier value is easily cracked by string lookup table.
[0077] To ensure secure transmission, this method salts the plaintext and then uses a preset encryption algorithm to obtain a more secure password identifier value. Furthermore, to guarantee even higher security, this method specifies that the total length of the plaintext and salt must be greater than a predetermined number of bytes. This predetermined number of bytes can be determined based on the block size of the preset encryption algorithm used. For example, in MD5, SHA-1, and SHA-2, input information is processed in 64-byte blocks, so the predetermined number of bytes can be set to 64 bytes.
[0078] In this way, by ensuring that the total length of the plaintext and salt is greater than a predetermined number of bytes, it is possible to facilitate the processing of the salted plaintext using a preset encryption algorithm, while also ensuring that the resulting password identifier value has higher security.
[0079] This application provides a non-volatile computer-readable storage medium storing a computer program, which, when executed by one or more processors, causes the processors to perform the password setting method of any of the above embodiments.
[0080] For example, when a computer program is executed by a processor, the processor may perform the following steps:
[0081] Step S10: Obtain the plaintext password;
[0082] Step S20: Based on the plaintext password, obtain the password identifier value using a preset encryption algorithm;
[0083] Step S30: Send the password identifier value to the second processor 11 and have the second processor 11 save the password identifier value.
[0084] Specifically, in the password setting method provided in this application, via step S, the first processor 10 can obtain the plaintext password set by the user on the electronic device 100; via step S20, a password identifier value can be obtained using a preset encryption algorithm. In step S20, steps S21 and S22 can be used to make the password identifier value obtained by the first processor 10 be obtained by adding salt to the plaintext password and then using the preset encryption algorithm; then via step S30, the first processor 10 sends the password identifier value to the second processor 11, and the second processor 11 saves the password identifier value in the memory 12.
[0085] In addition, in this password setting method, the salt added to the plaintext password can also be sent to the second processor 11 in step S40, and the second processor 11 can save the salt to the memory 12; and the user-initiated password deletion input request can be executed in steps S50 and S60.
[0086] This allows the second processor 11 to verify the user's input password when the user initiates an unlock request. Furthermore, since the second processor 11 receives the password identifier and salt, rather than the plaintext password, password sharing between the two systems is achieved while ensuring information security. This allows users to set their password only once, improving the user experience.
[0087] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium, and when executed, it can include the processes of the embodiments of the methods described above. The storage medium can be a magnetic disk, optical disk, read-only memory (ROM), etc.
[0088] In the description of this specification, the references to terms such as "one embodiment," "some embodiments," "illustrative embodiment," "example," "specific example," or "some examples," etc., indicate that a specific feature, structure, material, or characteristic described in connection with an embodiment or example is included in at least one embodiment or example of this application. In this specification, the illustrative expressions of the above terms do not necessarily refer to the same embodiment or example. Furthermore, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in one or more embodiments or examples.
[0089] Although embodiments of this application have been shown and described, those skilled in the art will understand that various changes, modifications, substitutions and variations can be made to these embodiments without departing from the principles and spirit of this application, the scope of which is defined by the claims and their equivalents.
Claims
1. A password setting method for an electronic device, the electronic device comprising a first processor and a second processor, characterized in that, The password setting method includes: Retrieve the plaintext password; Based on the plaintext password, a password identifier value is obtained using a preset encryption algorithm; The password identifier value is sent to the second processor, and the second processor saves the password identifier value.
2. The password setting method according to claim 1, characterized in that, The process of obtaining the password identifier value based on the plaintext password using a preset encryption algorithm includes: Salts are generated using a random algorithm; After adding the salt to the plaintext password, the password identifier value is obtained using a preset encryption algorithm.
3. The password setting method according to claim 2, characterized in that, The password setting method includes: The salt is sent to the second processor, and the second processor stores the salt.
4. The password setting method according to claim 3, characterized in that, The password setting method includes: Retrieve password and delete input operation; The system sends an instruction to the second processor based on the password deletion input operation, so that the second processor deletes the stored password identifier value and the salt according to the instruction.
5. The password setting method according to claim 2, characterized in that, The total length of the plaintext password and the salt is greater than a predetermined number of bytes.
6. The password setting method according to claim 1, characterized in that, The operating system running on the second processor does not have a trusted execution environment.
7. The password setting method according to claim 1, characterized in that, When a user initiates an unlock request, the electronic device can verify the unlock password entered by the user using only the second processor.
8. The password setting method according to claim 1, characterized in that, The step of obtaining the plaintext password includes: the first processor obtaining the plaintext password input by the user.
9. A password setting method for an electronic device, the electronic device comprising a first processor and a second processor, characterized in that, When a user sets or changes their password, the first processor obtains the plaintext password entered by the user. When a user initiates an unlock request, the electronic device can complete the task of verifying the unlock password entered by the user solely through the second processor.
10. The password setting method according to claim 9, characterized in that, The password set by the user is shared between the operating systems of the first processor and the second processor.
11. A password setting device, characterized in that, The password setting device includes: The acquisition module is used to retrieve the plaintext password. An encryption module is used to obtain a password identifier value based on the password plaintext using a preset encryption algorithm; The sending module is used to send the password identifier value to the second processor and to enable the second processor to save the password identifier value.
12. An electronic device, characterized in that, The electronic device includes a first processor and a second processor. The first processor is used to acquire plaintext password, obtain a password identifier value based on the plaintext password using a preset encryption algorithm, and send the password identifier value to the second processor, and have the second processor save the password identifier value.
13. An electronic device, characterized in that, The electronic device includes a first processor and a second processor, wherein the first processor is configured to obtain the plaintext of the password entered by the user when the user sets and modifies the password; The second processor is configured to perform the task of verifying the unlock password entered by the user when the user initiates an unlock request.
14. A non-volatile computer-readable storage medium storing a computer program, characterized in that, When the computer program is executed by the first processor, it implements the password setting method according to any one of claims 1-10.