CN113191169A - Terminal code scanning login method, device and system - Google Patents
Terminal code scanning login method, device and system Download PDFInfo
- Publication number
- CN113191169A CN113191169A CN202110564936.7A CN202110564936A CN113191169A CN 113191169 A CN113191169 A CN 113191169A CN 202110564936 A CN202110564936 A CN 202110564936A CN 113191169 A CN113191169 A CN 113191169A
- Authority
- CN
- China
- Prior art keywords
- logged
- login
- equipment
- scanning
- request frequency
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 230000008014 freezing Effects 0.000 claims abstract description 13
- 238000007710 freezing Methods 0.000 claims abstract description 13
- 238000004891 communication Methods 0.000 claims description 23
- 238000004590 computer program Methods 0.000 claims description 16
- 238000012795 verification Methods 0.000 claims description 16
- 238000003860 storage Methods 0.000 claims description 12
- 238000010586 diagram Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 13
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 11
- 230000006399 behavior Effects 0.000 description 7
- 238000006243 chemical reaction Methods 0.000 description 5
- 239000000872 buffer Substances 0.000 description 4
- 239000013589 supplement Substances 0.000 description 3
- 206010033799 Paralysis Diseases 0.000 description 2
- 238000009825 accumulation Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 230000001186 cumulative effect Effects 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/14—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
- G06K7/1404—Methods for optical code recognition
- G06K7/1408—Methods for optical code recognition the method being specifically adapted for the type of code
- G06K7/1417—2D bar codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Marketing (AREA)
- Software Systems (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Electromagnetism (AREA)
- General Health & Medical Sciences (AREA)
- Toxicology (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the application provides a terminal code scanning login method, a device and a system, which can also be used in the financial field, wherein the method comprises the following steps: receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged; determining the maximum login request frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login request frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in; the method and the device can effectively improve the safety and reliability of the code scanning login device.
Description
Technical Field
The application relates to the field of information security and can also be used in the field of finance, in particular to a terminal code scanning login method, device and system.
Background
Currently, a new mobile phone logs in an app of a certain bank for the first time, and the new mobile phone generally needs to perform means such as short message authentication, password authentication, face recognition authentication and the like to finally log in the app. However, many users only buy a new mobile phone and download the app for the first time, the login operation on the old device is simple and quick, and a complicated login process still needs to be operated on the premise of ensuring the safety of the operation of the users.
With the continuous emergence of various new technologies in the industry, code scanning login becomes a common choice for the first login of a certain app of new equipment, and currently, websites of various large PC terminals can select code scanning login during login, but the mobile terminals are rarely used.
The inventor finds that a code scanning login mode in the prior art brings some safety problems while being convenient for a client to use, and mainly a hacker steals and repeatedly tries to scan a login two-dimensional code of the client by utilizing the characteristics of simplicity and convenience of the two-dimensional code, so that the client account is stolen remotely for login. Therefore, it is very urgent to improve the security of two-dimensional code scan entry.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a terminal code scanning login method, device and system, which can effectively improve the safety and reliability of code scanning login equipment.
In order to solve at least one of the above problems, the present application provides the following technical solutions:
in a first aspect, the present application provides a terminal code scanning login method, including:
receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged;
determining the maximum login requesting frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login requesting frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in.
Further, the determining, according to the identifier of the device to be logged in, the maximum login request frequency of the device to be logged in within a set time period includes:
determining the total login request times of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in;
and determining the maximum login request frequency of the equipment to be logged in within a set time period according to the total login request times.
Further, before opening a password-free login right for the device to be logged in and sending logged-in information to the device to be logged in, the method includes:
and judging whether the equipment to be logged in is remotely operated or not according to the near-field communication distance or the GPS geographical position information between the equipment to be logged in and the logged-in equipment, and if so, stopping the network access authority of the logged-in equipment.
Further, after determining the total number of times of requesting login of the device to be logged in within a set time period according to the identifier of the device to be logged in, the method includes:
and judging whether the total login request times exceed a request time threshold, and if so, freezing the network access permission of the logged-in equipment.
In a second aspect, the present application provides a terminal code scanning login device, including:
the device to be logged in requests the login module, which is used for receiving a device to be logged in identifier sent by a logged-in device, wherein the device to be logged in identifier is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in;
and the device to be logged in security verification module is used for determining the maximum login request frequency of the device to be logged in a set time period according to the identifier of the device to be logged in, freezing the network access authority of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise opening a password-free login authority for the device to be logged in and sending logged-in information to the device to be logged in.
Further, the security verification module of the device to be logged in comprises:
a total login request frequency determining unit, configured to determine the total login request frequency of the device to be logged in within a set time period according to the device to be logged in identifier;
and the maximum login request frequency determining unit is used for determining the maximum login request frequency of the equipment to be logged in a set time period according to the total login request frequency.
Further, the security verification module of the device to be logged in comprises:
and the terminal position judging unit is used for judging whether the equipment to be logged is remotely operated or not according to the near field communication distance between the equipment to be logged and the logged equipment or the GPS geographical position information, and if so, stopping the network access authority of the logged equipment.
In a third aspect, the present application provides a terminal code scanning login system, including: the device to be logged in, the security verification server and the logged device;
the security authentication server includes:
the device to be logged in requests the login module, which is used for receiving a device to be logged in identifier sent by the logged-in device, wherein the device to be logged in identifier is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in;
and the device to be logged in security verification module is used for determining the maximum login request frequency of the device to be logged in a set time period according to the identifier of the device to be logged in, freezing the network access authority of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise opening a password-free login authority for the device to be logged in and sending logged-in information to the device to be logged in.
In a fourth aspect, the present application provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the terminal code scanning login method when executing the program.
In a fifth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps of the terminal code scanning login method.
According to the technical scheme, the terminal code scanning login method, the device and the system prevent the attack of brute force cracking of hackers or Trojan horse programs by setting the numerical comparison relationship between the maximum request login frequency and the preset request frequency threshold value in a time period, ensure personal operation and effectively improve the safety and reliability of new code scanning login equipment.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flow chart of a terminal code scanning login method in an embodiment of the present application;
fig. 2 is a second flowchart illustrating a terminal code scanning login method according to an embodiment of the present application;
FIG. 3 is a diagram illustrating one of the structures of a terminal code scanning and registering device in an embodiment of the present application;
FIG. 4 is a second block diagram of the terminal code scanning and registering device in the embodiment of the present application;
FIG. 5 is a third block diagram of the terminal code scanning login device in the embodiment of the present application;
FIG. 6 is a flowchart of a terminal code scanning login system in an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device in an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The method, the device and the system for logging in the code scanning terminal provided by the application prevent brute force cracking attack of hackers or Trojan horse programs by setting a numerical comparison relation between a maximum request logging frequency and a preset request frequency threshold value in a time period, ensure personal operation and effectively improve the safety and reliability of new equipment for logging in the code scanning terminal.
In order to effectively improve the security and reliability of code scanning login equipment, the application provides an embodiment of a terminal code scanning login method, and referring to fig. 1, the terminal code scanning login method specifically includes the following contents:
step S101: receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged.
Step S102: determining the maximum login requesting frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login requesting frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in.
Optionally, the operation trajectory of scanning the two-dimensional code in a set time period (for example, in a single day) of the logged-in device may be counted into a curve model, where the horizontal axis is code scanning time and the vertical axis is cumulative total times. After the model is drawn, the highest frequency of code scanning of the computing equipment in unit time of the day is calculated and expressed by the following notations:
wherein, t2-t1Represents the unit time (generally 1 minute), y2-y1Representing the accumulated number of times that the device scans codes in unit time, wherein Freq is the code scanning frequency, and if the device scans the maximum code scanning frequency (Freq) of the daymax) When the two-dimensional code of the client is cracked by using Trojan horse software, the behavior track is very likely that a hacker tries to steal the client information when the hacker violently cracks the two-dimensional code of the client.
It can be understood that large-scale high-frequency code scanning has a certain effect on the performance of the current system, which may cause large-scale accumulation of logs and even system paralysis. Therefore, the method and the device can directly freeze the equipment with the risk by utilizing the threshold value judgment of the maximum code scanning frequency, prevent the network access of the current equipment and prevent the behavior of hackers using the current equipment to continue attack from the source.
As can be seen from the above description, the terminal code scanning login method provided in the embodiment of the present application can prevent a hacker or a trojan horse program from brute force attack by setting a numerical comparison relationship between the maximum request login frequency and the preset request frequency threshold within a time period, ensure the operation of the user, and effectively improve the security and reliability of new code scanning login equipment.
In order to accurately determine whether there is a two-dimensional code that a hacker cracks a client violently by using trojan horse software, in an embodiment of the terminal code scanning login method of the present application, referring to fig. 2, the step S102 may further specifically include the following:
step S201: and determining the total login request times of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in.
Step S202: and determining the maximum login request frequency of the equipment to be logged in within a set time period according to the total login request times.
Optionally, the operation trajectory of scanning the two-dimensional code in a set time period (for example, in a single day) of the logged-in device may be counted into a curve model, where the horizontal axis is code scanning time and the vertical axis is cumulative total times. After the model is drawn, the highest frequency of code scanning of the computing equipment in unit time of the day is calculated and expressed by the following notations:
wherein, t2-t1Represents the unit time (generally 1 minute), y2-y1Representing the accumulated number of times that the device scans codes in unit time, wherein Freq is the code scanning frequency, and if the device scans the maximum code scanning frequency (Freq) of the daymax) When the two-dimensional code of the client is cracked by using Trojan horse software, the behavior track is very likely that a hacker tries to steal the client information when the hacker violently cracks the two-dimensional code of the client.
In order to determine whether the device is secure by using a hardware-assisted means, in an embodiment of the terminal code-scanning entry method of the present application, the step S102 may further include the following steps:
and judging whether the equipment to be logged in is remotely operated or not according to the near-field communication distance or the GPS geographical position information between the equipment to be logged in and the logged-in equipment, and if so, stopping the network access authority of the logged-in equipment.
It can be understood that most hacker attacks can be shielded after the security prevention and control, but some attacks just at the edge of the threshold value can not be prevented, and the situation that the threshold value is close to the threshold value is possibly lost no matter how to evaluate and analyze the threshold value parameter, so that after the old device triggers the login page and successfully authorizes the old device, the new device performs the step before the password-free login, and a hardware auxiliary means is used for making up the deficiency of software implementation.
Specifically, if the new device is authorized, i.e., if the device is to be securely logged into the app, it is necessary to further ensure that the device is operating by itself. Because the code scanning conversion device is used for scanning between two mobile phones, the short-distance action is certain if the code scanning conversion device is operated by the user. Therefore, whether the user operates the mobile phone can be judged by utilizing hardware facilities of the mobile phone, and the behavior that a hacker remotely controls a client to steal a number is avoided. The distance of two current cell-phones is judged to short distance communication facilities such as bluetooth, wifi specifically can be used, whether in safe distance's threshold value. If not, the password-free login operation is immediately terminated. In addition, if the customer does not want to actively turn on the Bluetooth or the wifi, the longitude and latitude of the two mobile phones can be judged by utilizing a GPS positioning facility built in the mobile phones, and if the longitude and latitude are consistent, the representative is close-range personal operation. If the longitude and latitude are far away, the remote operation is possible, and the login is also terminated immediately.
It can be understood that because the longitude and latitude judgment error is large, the method is only used as a backup method for unavailable bluetooth and wifi energy facilities, and is a supplement of safety verification.
In order to accurately determine whether there is a two-dimensional code that a hacker uses trojan horse software to brute force a client, in an embodiment of the terminal code scanning login method of the present application, after the step S201, the following may be further included:
and judging whether the total login request times exceed a request time threshold, and if so, freezing the network access permission of the logged-in equipment.
Optionally, before determining the maximum request frequency, a basic check may be performed, that is, a threshold (for example, 100 times) is set for the maximum number of times that the same device can scan the code conversion device on the same day, and whether the accumulated number of times of scanning the code on the current device on the current day meets the threshold requirement is checked, and if not, the network access right of the logged-in device is frozen.
In order to effectively improve the security and reliability of code scanning login equipment, the present application provides an embodiment of a terminal code scanning login apparatus for implementing all or part of the contents of the terminal code scanning login method, and referring to fig. 3, the terminal code scanning login apparatus specifically includes the following contents:
the device to be logged in requests the login module 10 to receive a device identifier to be logged in sent by a logged-in device, where the device identifier to be logged in is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in.
And the device to be logged in security verification module 20 is configured to determine a maximum login request frequency of the device to be logged in within a set time period according to the device to be logged in identifier, freeze a network access right of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise open a password-free login right for the device to be logged in and send logged-in information to the device to be logged in.
As can be seen from the above description, the terminal code scanning login device provided in the embodiment of the present application can prevent a hacker or a trojan horse program from brute force attack by comparing the maximum request login frequency with the preset request frequency threshold value within a set time period, thereby ensuring the operation of the user and effectively improving the security and reliability of new code scanning login equipment.
In order to accurately determine whether there is a two-dimensional code of a hacker who uses trojan horse software to brute force a client, in an embodiment of the terminal code scanning login apparatus of the present application, referring to fig. 4, the to-be-logged-in device security verification module 20 includes:
and a total login request frequency determining unit 21, configured to determine the total login request frequency of the device to be logged in within a set time period according to the identifier of the device to be logged in.
And a maximum login request frequency determining unit 22, configured to determine a maximum login request frequency of the device to be logged in within a set time period according to the total login request times.
In order to determine whether a device is secure by using hardware assistance, in an embodiment of the terminal code scanning login apparatus of the present application, referring to fig. 5, the device to be logged in security verification module 20 includes:
and the terminal position judging unit 23 is configured to judge whether the device to be logged in is remotely operated according to the near field communication distance between the device to be logged in and the logged-in device or the GPS geographic position information, and if so, suspend the network access right of the logged-in device.
In order to effectively improve the security and reliability of code scanning login equipment, the application provides an embodiment of a terminal code scanning login system, which specifically comprises: the device to be logged in, the security authentication server and the logged-in device.
The security authentication server includes:
the device to be logged in requests to log in module 10, configured to receive a device identifier to be logged in sent by the logged-in device, where the device identifier to be logged in is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in.
And the device to be logged in security verification module 20 is configured to determine a maximum login request frequency of the device to be logged in within a set time period according to the device to be logged in identifier, freeze a network access right of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise open a password-free login right for the device to be logged in and send logged-in information to the device to be logged in.
To further illustrate the present solution, the present application further provides a specific application example of a terminal code-scanning login system for implementing the terminal code-scanning login method by using the terminal code-scanning login apparatus, which is shown in fig. 6 and specifically includes the following contents:
firstly, a basic check is carried out, the same equipment sets a threshold (for example, 100 times) at most for the number of times of scanning the code-changing equipment on the same day, and whether the accumulated code-scanning number of the current equipment on the same day meets the threshold requirement is checked.
Then, the operation track of the equipment scanning the service two-dimensional code on a single day is counted into a curve model, the horizontal axis is code scanning time, and the vertical axis is accumulated total times. After the model is drawn, the highest frequency of code scanning of the computing equipment in unit time of the day is calculated and expressed by the following notations:
wherein, t2-t1Represents the unit time (generally 1 minute), y2-y1Representing the accumulated number of times that the device scans codes in unit time, wherein Freq is the code scanning frequency, and if the device scans the maximum code scanning frequency (Freq) of the daymax) When the two-dimensional code of the client is cracked by using Trojan horse software, the behavior track is very likely that a hacker tries to steal the client information when the hacker violently cracks the two-dimensional code of the client. In addition, large-scale high-frequency code scanning also has certain influence on the performance of the current system, which may cause large-scale accumulation of logs and even system paralysis. Therefore, the present embodiment utilizes the threshold value of the maximum code scanning frequency to judge, and can directly freeze the equipment with risk, prevent the network access of the current equipment, and prevent the behavior of hackers using the current equipment to continue attack from the source.
Then, after the security prevention and control, most hacker attacks can be shielded. But for some attacks that are just at the edge of the threshold, it may not be possible to guard against. No matter how to evaluate and analyze the threshold parameter, the situation that the threshold is close to the threshold may be left, so in this embodiment, after the old device triggers the login page and successfully authorizes, before the new device performs the password-free login, a hardware auxiliary means is used to make up for the deficiency of software implementation.
Specifically, if the new device is authorized, i.e., if the device is to be securely logged into the app, it is necessary to further ensure that the device is operating by itself. Because the code scanning conversion device is used for scanning between two mobile phones, the short-distance action is certain if the code scanning conversion device is operated by the user. Therefore, whether the user operates the mobile phone can be judged by utilizing hardware facilities of the mobile phone, and the behavior that a hacker remotely controls a client to steal a number is avoided. The distance of two current cell-phones is judged to short distance communication facilities such as bluetooth, wifi specifically can be used, whether in safe distance's threshold value. If not, the password-free login operation is immediately terminated. In addition, if the customer does not want to actively turn on the Bluetooth or the wifi, the longitude and latitude of the two mobile phones can be judged by utilizing a GPS positioning facility built in the mobile phones, and if the longitude and latitude are consistent, the representative is close-range personal operation. If the longitude and latitude are far away, the remote operation is possible, and the login is also terminated immediately. Because the longitude and latitude judgment error is large, the method is only used as a backup method for the unavailable Bluetooth and wifi energy facilities, and is a supplement for safety verification.
According to the method, the hacker or Trojan horse program brute force attack is prevented by calculating the maximum code scanning frequency in unit time, and the distance between the two terminals is judged by using a short-distance communication facility as a supplement for software implementation, so that the operation of the user is further ensured, and the safety and reliability of new code scanning and logging equipment are effectively improved.
In terms of hardware, in order to effectively improve the security and reliability of the code scanning login device, the application provides an embodiment of an electronic device for implementing all or part of the contents in the terminal code scanning login method, where the electronic device specifically includes the following contents:
a processor (processor), a memory (memory), a communication Interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete mutual communication through the bus; the communication interface is used for realizing information transmission between the terminal code scanning login device and relevant equipment such as a core service system, a user terminal, a relevant database and the like; the logic controller may be a desktop computer, a tablet computer, a mobile terminal, and the like, but the embodiment is not limited thereto. In this embodiment, the logic controller may be implemented with reference to the embodiment of the terminal code scanning registration method and the embodiment of the terminal code scanning registration apparatus in the embodiment, and the contents thereof are incorporated herein, and repeated descriptions are omitted.
It is understood that the user terminal may include a smart phone, a tablet electronic device, a network set-top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), an in-vehicle device, a smart wearable device, and the like. Wherein, intelligence wearing equipment can include intelligent glasses, intelligent wrist-watch, intelligent bracelet etc..
In practical applications, part of the code scanning and logging method of the terminal may be performed on the electronic device side as described above, or all operations may be performed in the client device. The selection may be specifically performed according to the processing capability of the client device, the limitation of the user usage scenario, and the like. This is not a limitation of the present application. The client device may further include a processor if all operations are performed in the client device.
The client device may have a communication module (i.e., a communication unit), and may be communicatively connected to a remote server to implement data transmission with the server. The server may include a server on the task scheduling center side, and in other implementation scenarios, the server may also include a server on an intermediate platform, for example, a server on a third-party server platform that is communicatively linked to the task scheduling center server. The server may include a single computer device, or may include a server cluster formed by a plurality of servers, or a server structure of a distributed apparatus.
Fig. 7 is a schematic block diagram of a system configuration of an electronic device 9600 according to an embodiment of the present application. As shown in fig. 7, the electronic device 9600 can include a central processor 9100 and a memory 9140; the memory 9140 is coupled to the central processor 9100. Notably, this fig. 7 is exemplary; other types of structures may also be used in addition to or in place of the structure to implement telecommunications or other functions.
In one embodiment, the terminal code scanning login method function may be integrated into the central processor 9100. The central processor 9100 may be configured to control as follows:
step S101: receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged.
Step S102: determining the maximum login requesting frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login requesting frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in.
As can be seen from the above description, the electronic device provided in the embodiment of the present application prevents a hacker or a brute force attack of a trojan program by setting a numerical comparison relationship between the maximum request login frequency and the preset request frequency threshold within a time period, thereby ensuring the operation of the user and effectively improving the security and reliability of the new device for code scanning login.
In another embodiment, the terminal code-scanning registration apparatus may be configured separately from the central processor 9100, for example, the terminal code-scanning registration apparatus may be configured as a chip connected to the central processor 9100, and the function of the terminal code-scanning registration method is realized by the control of the central processor.
As shown in fig. 7, the electronic device 9600 may further include: a communication module 9110, an input unit 9120, an audio processor 9130, a display 9160, and a power supply 9170. It is noted that the electronic device 9600 also does not necessarily include all of the components shown in fig. 7; further, the electronic device 9600 may further include components not shown in fig. 7, which may be referred to in the art.
As shown in fig. 7, a central processor 9100, sometimes referred to as a controller or operational control, can include a microprocessor or other processor device and/or logic device, which central processor 9100 receives input and controls the operation of the various components of the electronic device 9600.
The memory 9140 can be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information relating to the failure may be stored, and a program for executing the information may be stored. And the central processing unit 9100 can execute the program stored in the memory 9140 to realize information storage or processing, or the like.
The input unit 9120 provides input to the central processor 9100. The input unit 9120 is, for example, a key or a touch input device. Power supply 9170 is used to provide power to electronic device 9600. The display 9160 is used for displaying display objects such as images and characters. The display may be, for example, an LCD display, but is not limited thereto.
The memory 9140 can be a solid state memory, e.g., Read Only Memory (ROM), Random Access Memory (RAM), a SIM card, or the like. There may also be a memory that holds information even when power is off, can be selectively erased, and is provided with more data, an example of which is sometimes called an EPROM or the like. The memory 9140 could also be some other type of device. Memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). The memory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 being used for storing application programs and function programs or for executing a flow of operations of the electronic device 9600 by the central processor 9100.
The memory 9140 can also include a data store 9143, the data store 9143 being used to store data, such as contacts, digital data, pictures, sounds, and/or any other data used by an electronic device. The driver storage portion 9144 of the memory 9140 may include various drivers for the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, contact book applications, etc.).
The communication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via an antenna 9111. The communication module (transmitter/receiver) 9110 is coupled to the central processor 9100 to provide input signals and receive output signals, which may be the same as in the case of a conventional mobile communication terminal.
Based on different communication technologies, a plurality of communication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, may be provided in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to a speaker 9131 and a microphone 9132 via an audio processor 9130 to provide audio output via the speaker 9131 and receive audio input from the microphone 9132, thereby implementing ordinary telecommunications functions. The audio processor 9130 may include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 9130 is also coupled to the central processor 9100, thereby enabling recording locally through the microphone 9132 and enabling locally stored sounds to be played through the speaker 9131.
An embodiment of the present application further provides a computer-readable storage medium capable of implementing all steps in the terminal code scanning login method in which an execution subject is a server or a client in the foregoing embodiments, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, the computer program implements all steps in the terminal code scanning login method in which the execution subject is the server or the client, for example, when the processor executes the computer program, the processor implements the following steps:
step S101: receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged.
Step S102: determining the maximum login requesting frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login requesting frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in.
As can be seen from the above description, the computer-readable storage medium provided in the embodiment of the present application prevents a hacker or a trojan program from brute force attack by setting a numerical comparison relationship between the maximum request login frequency and the preset request frequency threshold within a time period, thereby ensuring the operation of the user and effectively improving the security and reliability of the new code scanning login device.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A terminal code scanning login method is characterized by comprising the following steps:
receiving a device identifier to be logged sent by a logged device, wherein the device identifier to be logged is obtained by the logged device scanning a logged two-dimensional code displayed on the device to be logged;
determining the maximum login requesting frequency of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in, if the maximum login requesting frequency exceeds a request frequency threshold value, freezing the network access permission of the logged-in equipment, otherwise opening a password-free login permission for the equipment to be logged in and sending logged-in information to the equipment to be logged in.
2. The terminal code-scanning login method of claim 1, wherein the determining the maximum login request frequency of the device to be logged in within a set time period according to the identifier of the device to be logged in comprises:
determining the total login request times of the equipment to be logged in within a set time period according to the identification of the equipment to be logged in;
and determining the maximum login request frequency of the equipment to be logged in within a set time period according to the total login request times.
3. The terminal code-scanning login method of claim 1, wherein before opening a password-free login right for the device to be logged in and sending logged-in information to the device to be logged in, the method comprises:
and judging whether the equipment to be logged in is remotely operated or not according to the near-field communication distance or the GPS geographical position information between the equipment to be logged in and the logged-in equipment, and if so, stopping the network access authority of the logged-in equipment.
4. The terminal code-scanning login method of claim 2, wherein after determining the total login request times of the device to be logged in within a set time period according to the identifier of the device to be logged in, the method comprises:
and judging whether the total login request times exceed a request time threshold, and if so, freezing the network access permission of the logged-in equipment.
5. A terminal code scanning login device is characterized by comprising:
the device to be logged in requests the login module, which is used for receiving a device to be logged in identifier sent by a logged-in device, wherein the device to be logged in identifier is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in;
and the device to be logged in security verification module is used for determining the maximum login request frequency of the device to be logged in a set time period according to the identifier of the device to be logged in, freezing the network access authority of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise opening a password-free login authority for the device to be logged in and sending logged-in information to the device to be logged in.
6. The terminal code-scanning login device of claim 5, wherein the device to be logged in security verification module comprises:
a total login request frequency determining unit, configured to determine the total login request frequency of the device to be logged in within a set time period according to the device to be logged in identifier;
and the maximum login request frequency determining unit is used for determining the maximum login request frequency of the equipment to be logged in a set time period according to the total login request frequency.
7. The terminal code-scanning login device of claim 5, wherein the device to be logged in security verification module comprises:
and the terminal position judging unit is used for judging whether the equipment to be logged is remotely operated or not according to the near field communication distance between the equipment to be logged and the logged equipment or the GPS geographical position information, and if so, stopping the network access authority of the logged equipment.
8. A terminal code scanning login system is characterized by comprising equipment to be logged in, a security verification server and logged-in equipment;
the security authentication server includes:
the device to be logged in requests the login module, which is used for receiving a device to be logged in identifier sent by the logged-in device, wherein the device to be logged in identifier is obtained by the logged-in device scanning a login two-dimensional code displayed on the device to be logged in;
and the device to be logged in security verification module is used for determining the maximum login request frequency of the device to be logged in a set time period according to the identifier of the device to be logged in, freezing the network access authority of the logged-in device if the maximum login request frequency exceeds a request frequency threshold, and otherwise opening a password-free login authority for the device to be logged in and sending logged-in information to the device to be logged in.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the steps of the terminal scan code entry method according to any one of claims 1 to 4 when executing the program.
10. A computer-readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps of the terminal code-scanning entry method of any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110564936.7A CN113191169A (en) | 2021-05-24 | 2021-05-24 | Terminal code scanning login method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110564936.7A CN113191169A (en) | 2021-05-24 | 2021-05-24 | Terminal code scanning login method, device and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113191169A true CN113191169A (en) | 2021-07-30 |
Family
ID=76985135
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110564936.7A Pending CN113191169A (en) | 2021-05-24 | 2021-05-24 | Terminal code scanning login method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113191169A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113627208A (en) * | 2021-08-17 | 2021-11-09 | 上海源慧信息科技股份有限公司 | Code scanning login early warning method and device, computer equipment and storage medium |
| CN114297107A (en) * | 2021-12-29 | 2022-04-08 | 成都智明达电子股份有限公司 | Management method, equipment and medium for label Tag |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104144419A (en) * | 2014-01-24 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Identity authentication method, device and system |
| CN109413096A (en) * | 2018-11-30 | 2019-03-01 | 北京海泰方圆科技股份有限公司 | A kind of login method and device more applied |
| CN111224920A (en) * | 2018-11-23 | 2020-06-02 | 珠海格力电器股份有限公司 | Method, device, equipment and computer storage medium for preventing illegal login |
| CN111726331A (en) * | 2019-06-28 | 2020-09-29 | 上海妃鱼网络科技有限公司 | Code scanning login information processing method |
-
2021
- 2021-05-24 CN CN202110564936.7A patent/CN113191169A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104144419A (en) * | 2014-01-24 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Identity authentication method, device and system |
| CN111224920A (en) * | 2018-11-23 | 2020-06-02 | 珠海格力电器股份有限公司 | Method, device, equipment and computer storage medium for preventing illegal login |
| CN109413096A (en) * | 2018-11-30 | 2019-03-01 | 北京海泰方圆科技股份有限公司 | A kind of login method and device more applied |
| CN111726331A (en) * | 2019-06-28 | 2020-09-29 | 上海妃鱼网络科技有限公司 | Code scanning login information processing method |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113627208A (en) * | 2021-08-17 | 2021-11-09 | 上海源慧信息科技股份有限公司 | Code scanning login early warning method and device, computer equipment and storage medium |
| CN113627208B (en) * | 2021-08-17 | 2024-04-05 | 上海源慧信息科技股份有限公司 | Code scanning login early warning method and device, computer equipment and storage medium |
| CN114297107A (en) * | 2021-12-29 | 2022-04-08 | 成都智明达电子股份有限公司 | Management method, equipment and medium for label Tag |
| CN114297107B (en) * | 2021-12-29 | 2024-05-24 | 成都智明达电子股份有限公司 | Label Tag management method, device and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8959608B2 (en) | Single sign-on for a native application and a web application on a mobile device | |
| CN105323219B (en) | Method and device for verifying user account identity information | |
| US20190260777A1 (en) | Systems and methods for detecting and thwarting attacks on an it environment | |
| CN109784031B (en) | Account identity verification processing method and device | |
| CN111066284A (en) | Service certificate management method, terminal and server | |
| CN104954383A (en) | Application program login method and system | |
| EP3641261A1 (en) | Entrusted login method, related device and computer readable storage medium | |
| CN103095457A (en) | Login and verification method for application program | |
| CN111953668B (en) | Network security information processing method and device | |
| CN103581441A (en) | Mobile terminal tracking anti-theft system and method | |
| CN113191169A (en) | Terminal code scanning login method, device and system | |
| CN104363589A (en) | Identity authentication method, device and terminal | |
| US10581836B2 (en) | Method for accessing a service and a corresponding server | |
| CN104811304B (en) | Identity verification method and device | |
| CN105577621B (en) | Business operation verification method, device and system | |
| CN114285657B (en) | Firewall security policy change verification method and device | |
| CN111063061A (en) | Method, equipment and storage medium for using temporary password for intelligent door lock | |
| CN115099930A (en) | Financial business data processing method and device | |
| CN107347055B (en) | User information processing method and device, storage medium and server | |
| CN111178893B (en) | Anti-theft safety authentication method and device | |
| WO2011091538A1 (en) | Method, device and system for remote access of a mobile device | |
| CN113099453A (en) | Authentication method, device and equipment for access server and readable storage medium | |
| CN115422584A (en) | Data deformation method and device | |
| CN114697117A (en) | Verification method, device, scrambler and system based on positioning information | |
| CN102026197A (en) | Method and device for acquiring WAPI (wireless LAN authentication and privacy infrastructure) digital certificate |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |