Login method and device

文档序号：190854 发布日期：2021-11-02 浏览：24次中文

阅读说明：本技术 一种登录方法及装置 (Login method and device ) 是由黄文强徐晨敏訾志博于 2021-08-23 设计创作，主要内容包括：本发明提供了一种登录方法及装置,在用户连续两次在目标应用输入密码错误且两次输入密码相同的情况下,计算输入密码与正确密码之间的相似度,并计算输入密码与历史密码之间的相似度,从而根据输入密码与正确密码之间的相似度以及输入密码与历史密码之间的相似度,确定本次登录的密码风险等级,在本次登录的密码风险等级小于预设等级,即保证在安全范围内的前提下,基于与正确密码相似度较高和/或与历史密码相似度较高的错误密码登录目标应用的账号,为用户提供与本次登录的密码风险等级相对应的操作权限,解决用户由于忘记密码而无法登录账号获取操作权限的问题,有效提升了用户体验。(The invention provides a login method and a device, under the condition that a user inputs a password in a target application twice continuously and the passwords input twice are wrong and the passwords input twice are the same, the similarity between the input password and a correct password is calculated, the similarity between the input password and a historical password is calculated, so that the password risk level of the login is determined according to the similarity between the input password and the correct password and the similarity between the input password and the historical password, on the premise that the password risk level of the login is less than a preset level, namely, the security range is ensured, an account number of the target application is logged in based on a wrong password which has higher similarity with the correct password and/or higher similarity with the historical password, the operation permission corresponding to the password risk level of the login is provided for the user, and the problem that the user cannot log in the account number to obtain the operation permission because of forgetting the password is solved, user experience is effectively improved.)

1. A login method, comprising:

under the condition that the user inputs the password in the target application twice continuously and the password input twice is wrong and the password input twice is the same, calculating the similarity between the input password and the correct password and calculating the similarity between the input password and the historical password;

determining the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password;

logging in the account of the target application under the condition that the password risk level of the login is smaller than the preset level;

and under the condition that the user logs in the account of the target application, providing the user with an operation authority corresponding to the password risk level of the login in the target application.

2. The method of claim 1, wherein calculating the similarity between the input password and the historical password comprises:

calculating the similarity between the input password and the historical password;

acquiring the time length of the historical password which is not used any more;

and determining the reciprocal value of the time length of the historical password which is not used any more as a correction coefficient, and correcting the similarity between the input password and the historical password by using the correction coefficient to obtain the corrected similarity.

3. The method according to claim 1 or 2, wherein the determining the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password comprises:

according to the weight of the similarity between the input password and the correct password and the weight of the similarity between the input password and the historical password, carrying out weighted summation calculation on the similarity between the input password and the correct password and the similarity between the input password and the historical password to obtain the password similarity of the login;

and determining the password risk level corresponding to the password similarity of the login according to the preset corresponding relationship between the password similarity and the password risk level.

4. The method of claim 3, wherein setting a weight of similarity between the input password and the correct password and a weight of similarity between the input password and the historical password comprises:

acquiring login data of different users in a preset historical time period;

extracting preset login data from login data of different users in a preset historical time period, wherein the preset login data are login data which are obtained by inputting a password in a target application twice continuously, are wrong, are the same in the password input twice and are finally successfully logged in;

counting the probability that the similarity between the twice input passwords and the correct password in the preset login data is greater than a threshold value and the probability that the similarity between the twice input passwords and the historical password is greater than the threshold value;

and determining the probability that the similarity between the two input passwords and the correct password in the preset login data is greater than a threshold value as the weight of the similarity between the input passwords and the correct password, and determining the probability that the similarity between the two input passwords and the historical password is greater than the threshold value as the weight of the similarity between the input passwords and the historical password.

5. The method of claim 1, wherein in case that the user authorizes the target application to obtain login information of the reference application, the method further comprises:

prompting a user to log in the reference application, wherein the reference application and the target application are the same in application type and the same in password complexity level;

and under the condition that the user is determined to successfully log in the reference application, logging in an account of the target application by using a pre-stored account password of the user in the target application, and providing a preset operation permission in the target application for the user.

6. A login apparatus, comprising:

the similarity calculation unit is used for calculating the similarity between the input password and the correct password and calculating the similarity between the input password and the historical password under the condition that the user inputs the password in the target application twice continuously and the passwords input twice are the same;

the risk level determining unit is used for determining the risk level of the password logged in this time according to the similarity between the input password and the correct password and the similarity between the input password and the historical password;

the login judging unit is used for logging in the account of the target application under the condition that the password risk level of the login is smaller than a preset level;

and the operation authority providing unit is used for providing the operation authority corresponding to the password risk level of the login in the target application to the user under the condition that the user logs in the account of the target application.

7. The apparatus according to claim 6, wherein the similarity calculation unit is specifically configured to:

calculating the similarity between the input password and the historical password;

acquiring the time length of the historical password which is not used any more;

8. The apparatus according to claim 6 or 7, wherein the risk level determination unit is specifically configured to:

9. The apparatus according to claim 8, wherein the apparatus further comprises a weight setting unit, specifically configured to:

acquiring login data of different users in a preset historical time period;

10. The method of claim 6, wherein the apparatus further comprises an authorization log-in unit configured to:

prompting a user to log in a reference application under the condition that the target application is authorized by the user to obtain login information of the reference application, wherein the reference application and the target application are the same in application type and the reference application and the target application are the same in password complexity level;

Technical Field

The invention relates to the technical field of computers, in particular to a login method and a login device.

Background

With the development of internet technology, more and more websites and applications can be used by users. In order to protect the information security of the user, each website and each application require the user to register an account, and the user can complete login only by inputting a correct account and a correct password after registering the account, so that the corresponding account authority is obtained.

However, because a lot of account numbers are registered by the user, the user often enters wrong passwords because of forgetting the passwords, so that the user cannot acquire the corresponding account number authority, sometimes even the account number is frozen because of inputting the wrong passwords for many times, and inconvenience is brought to the user.

Disclosure of Invention

In view of this, the present invention provides a login method and device, which solve the problem that a user cannot log in an account to obtain an operation right because the user forgets a password.

In order to achieve the above purpose, the invention provides the following specific technical scheme:

a login method, comprising:

logging in the account of the target application under the condition that the password risk level of the login is smaller than the preset level;

Optionally, the calculating the similarity between the input password and the historical password includes:

calculating the similarity between the input password and the historical password;

acquiring the time length of the historical password which is not used any more;

Optionally, the determining the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password includes:

Optionally, setting a weight of a similarity between the input password and the correct password and a weight of a similarity between the input password and the historical password includes:

acquiring login data of different users in a preset historical time period;

Optionally, in a case that the user authorizes the target application to obtain login information of the reference application, the method further includes:

prompting a user to log in the reference application, wherein the reference application and the target application are the same in application type and the same in password complexity level;

A login apparatus, comprising:

the login judging unit is used for logging in the account of the target application under the condition that the password risk level of the login is smaller than a preset level;

Optionally, the similarity calculation unit is specifically configured to:

calculating the similarity between the input password and the historical password;

acquiring the time length of the historical password which is not used any more;

Optionally, the risk level determining unit is specifically configured to:

Optionally, the apparatus further includes a weight setting unit, specifically configured to:

acquiring login data of different users in a preset historical time period;

Optionally, the apparatus further includes an authorization login unit, configured to:

Compared with the prior art, the invention has the following beneficial effects:

the invention discloses a login method, which comprises the steps of calculating the similarity between an input password and a correct password under the condition that a user inputs the password in a target application twice continuously and the password input twice is the same, and calculating the similarity between the input password and a historical password, so as to determine the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password, and on the premise that the password risk level of the login is less than a preset level, namely in a safety range, on the basis of the account number of the target application which is logged in by an error password and has higher similarity with the correct password and/or higher similarity with the historical password, providing the operation permission corresponding to the password risk level of the login for the user, and solving the problem that the user cannot log in the account number to obtain the operation permission because the user forgets the password, user experience is effectively improved.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.

Fig. 1 is a schematic flowchart of a login method according to an embodiment of the present invention;

fig. 2 is a schematic flow chart of a method for setting similarity weights according to an embodiment of the present invention;

FIG. 3 is a flowchart illustrating another exemplary login method according to an embodiment of the present invention;

fig. 4 is a schematic structural diagram of a login device according to an embodiment of the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The inventor finds out through research that: if the user inputs the password twice continuously and the password input twice is the same, the user probably forgets the password, and if the user inputs the password twice continuously and the password input is the same and the similarity between the password input and the historical password is high, the user probably uses the historical password as the current password, under the condition, the problem that the login user is the user himself but cannot acquire the operation authority because the account cannot be logged in due to the wrong password occurs, and the user experience is influenced.

In order to solve the above technical problem, an embodiment of the present invention provides a login method, please refer to fig. 1, where the login method specifically includes the following steps:

s101: under the condition that the user inputs the password in the target application twice continuously and the password input twice is wrong and the password input twice is the same, calculating the similarity between the input password and the correct password and calculating the similarity between the input password and the historical password;

the method for calculating the similarity between the input password and the correct password may be various, for example, the similarity between the input password and the correct password is calculated according to the number of sequence dislocations of the characters of the input password and the correct password, the similarity between the input password and the correct password is calculated according to the number of different characters of the input password and the correct password, and the like, and is not limited herein.

Taking the mailbox password as an example, in order to ensure the mailbox security, the user is often required to modify the password periodically, so that the user may use the two passwords alternately, and in the process, the user may possibly forget which password is the current password. Therefore, it is necessary to calculate the similarity between the input password and the history password.

The historical password is a password used by the user before the user is applied to the target application, and when the user has a plurality of historical passwords, the historical password which is the latest time at present is used as the historical password for calculating the similarity.

The method for calculating the similarity between the input password and the historical password is similar to the method for calculating the similarity between the input password and the correct password, and is not described herein again.

Preferably, as the time of the historical password is shorter, that is, the time of the password which is not used any more is shorter, the user is easier to remember, and in order to more accurately measure the influence of the similarity between the input password and the historical password on the login, the embodiment corrects the similarity between the input password and the historical password by using the time of the historical password which is not used any more.

Specifically, after the similarity between the input password and the historical password is calculated, the time length of the historical password which is not used any more is obtained, the reciprocal value of the time length of the historical password which is not used any more is determined as a correction coefficient, and the correction coefficient is multiplied by the similarity between the input password and the historical password, that is, the similarity between the input password and the historical password is corrected by using the correction coefficient, so that the corrected similarity is obtained.

S102: determining the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password;

this embodiment provides two methods for determining the password risk level of the login:

method 1

Calculating the sum of the similarity between the input password and the correct password and the similarity between the input password and the historical password to obtain the password similarity of the login, and determining the password risk level corresponding to the password similarity of the login according to the preset corresponding relationship between the password similarity and the password risk level.

Method two

Firstly, setting the weight of the similarity between the input password and the correct password and the weight of the similarity between the input password and the historical password according to the login data of different users in a preset historical time period.

And then, according to the weight of the similarity between the input password and the correct password and the weight of the similarity between the input password and the historical password, carrying out weighted summation calculation on the similarity between the input password and the correct password and the similarity between the input password and the historical password to obtain the password similarity of the login.

And finally, determining the password risk level corresponding to the password similarity of the login according to the preset corresponding relationship between the password similarity and the password risk level.

Referring to fig. 2, the method for setting the similarity weight disclosed in this embodiment includes the following steps:

s201: acquiring login data of different users in a preset historical time period;

s202: extracting preset login data from login data of different users in a preset historical time period, wherein the preset login data are login data which are obtained by inputting a password in a target application twice continuously, are wrong, are the same in the password input twice and are finally successfully logged in;

s203: counting the probability that the similarity between the two input passwords and the correct password in the preset login data is greater than a threshold value and the probability that the similarity between the two input passwords and the historical password is greater than the threshold value;

s204: and determining the probability that the similarity between the two input passwords and the correct password in the preset login data is greater than a threshold value as the weight of the similarity between the input passwords and the correct password, and determining the probability that the similarity between the two input passwords and the historical password is greater than the threshold value as the weight of the similarity between the input passwords and the historical password.

It can be understood that the similarity weight represents the importance degree of the similarity in calculating the final password similarity, and the higher the probability that the similarity between the two input passwords and the correct password in the preset login data is greater than the threshold value, the higher the importance degree of the similarity between the two input passwords and the correct password in calculating the final password similarity is.

S103: logging in an account of the target application under the condition that the password risk level of the login is smaller than the preset level;

s104: and under the condition that the user logs in the account of the target application, providing the user with an operation authority corresponding to the password risk level of the login in the target application.

Taking a target application as a mobile phone bank behavior example, when the password risk level is lower, only providing information inquiry authority for a user, such as account balance inquiry, balance record and the like; when the password risk level is higher than a bit, providing a lower amount transfer authority for the user on the basis of providing the information inquiry authority for the user; and when the password risk level is higher, providing higher amount transfer authority for the user on the basis of providing the information inquiry authority for the user.

It should be noted that, because the input password is not the correct password, even if the similarity between the input password and the correct password is higher, all the permissions of the account cannot be provided for the security of the account of the user, and when the fund transaction is involved, the fund transaction amount of the account needs to be controlled according to the password risk level of the login.

Further, when a user urgently needs to log in an account and uses a higher authority of the account, the embodiment provides a login method, and when the user authorizes a target application to obtain login information of a reference application, the user logs in the reference application to verify the identity of the user, so that the account of the target application is quickly logged in to obtain the higher operation authority of the account of the target application, wherein the reference application and the target application are the same in application type and the same in password complexity level, the target application is taken as a mobile phone bank behavior example, the reference application can be a mobile phone bank application of a bank other than the target application, the target application is taken as a shopping application for example, and the reference application can be other shopping applications other than the target application.

Specifically, after the user authorizes the target application to obtain the login information of the reference application, it is necessary to determine whether the reference application meets the requirement, specifically, a list of applications of the same type as the target application in the existing application is preset, and if the reference application is in the list, it is determined that the reference application authorized by the user is of the same type as the target application. And then acquiring the password format of the reference application, including the password length and the character types forming the password, and if the reference application and the target application both require the password to be more than 8 bits and must include numbers, symbols and letters, determining that the password complexity level of the reference application and the target application authorized by the user is the same.

Referring to fig. 3, a login method disclosed in this embodiment includes the following steps:

s301: under the condition that the user inputs the password in the target application twice continuously and the password input twice is wrong and the password input twice is the same, calculating the similarity between the input password and the correct password and calculating the similarity between the input password and the historical password;

s302: determining the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password;

s303: judging whether the password grade of the login is smaller than a preset grade or not;

and under the condition that the password risk level of the login is smaller than the preset level, S304: logging in an account of the target application;

in the case where the user has logged in to the account of the target application, S305: providing an operation authority corresponding to the password risk level of the login in the target application for the user;

under the condition that the password risk level of the login is not less than the preset level, S306: prompting the user that the user cannot log in the account of the target application;

s307: prompting a user to log in the reference application under the condition that the user authorizes the target application to obtain the login information of the reference application;

s308: and under the condition that the user successfully logs in the reference application, logging in an account of the target application by using a pre-stored account password of the user in the target application, and providing a preset operation authority in the target application for the user.

It can be seen that, in the login method disclosed in this embodiment, when the user inputs the password in the target application twice in succession and the passwords input twice are the same, the similarity between the input password and the correct password is calculated, and the similarity between the input password and the historical password is calculated, so as to determine the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password, and on the premise that the password risk level of the login is smaller than the preset level, i.e. within the safety range, the account of the target application is logged in based on the wrong password with higher similarity to the correct password and/or higher similarity to the historical password, the operation permission corresponding to the password risk level of the login is provided for the user, and the problem that the user cannot log in the account to obtain the operation permission because the user forgets the password is solved, user experience is effectively improved.

Meanwhile, when the password risk level of the login is high and the user urgently needs to login the account and has a high account use right, the user login reference application is used for verifying the identity of the user under the condition that the user authorizes the target application to obtain login information of the reference application, so that the account of the target application is quickly logged in, the high operation right of the account of the target application is obtained, and the user experience is effectively improved.

Based on the login method disclosed in the above embodiments, this embodiment correspondingly discloses a login device, please refer to fig. 4, and the device includes:

a similarity calculation unit 401, configured to calculate a similarity between an input password and a correct password and calculate a similarity between the input password and a historical password when a user inputs an incorrect password and inputs the same password twice in a target application;

a risk level determining unit 402, configured to determine a risk level of the password logged in this time according to a similarity between the input password and the correct password and a similarity between the input password and the historical password;

a login judging unit 403, configured to log in an account of the target application when the password risk level of the current login is smaller than a preset level;

an operation authority providing unit 404, configured to provide, to a user, an operation authority corresponding to a password risk level of the login in the target application when the user has logged in the account of the target application.

Optionally, the similarity calculation unit 401 is specifically configured to:

calculating the similarity between the input password and the historical password;

acquiring the time length of the historical password which is not used any more;

Optionally, the risk level determining unit 402 is specifically configured to:

Optionally, the apparatus further includes a weight setting unit, specifically configured to:

acquiring login data of different users in a preset historical time period;

Optionally, the apparatus further includes an authorization login unit, configured to:

The login device disclosed in this embodiment calculates the similarity between the input password and the correct password and calculates the similarity between the input password and the historical password under the condition that the user inputs the password in the target application twice and twice in succession, so as to determine the password risk level of the login according to the similarity between the input password and the correct password and the similarity between the input password and the historical password, and provides the user with the operation permission corresponding to the password risk level of the login on the basis of the account number of the target application logged in the wrong password which has higher similarity with the correct password and/or higher similarity with the historical password on the premise that the password risk level of the login is less than the preset level, that is, the password is guaranteed to be within the safety range, thereby solving the problem that the user cannot log in the account number to obtain the operation permission because the user forgets the password, user experience is effectively improved.

The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.

It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

The above embodiments can be combined arbitrarily, and the features described in the embodiments in the present specification can be replaced or combined with each other in the above description of the disclosed embodiments, so that those skilled in the art can implement or use the present application.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

13页详细技术资料下载

Login method and device

相关技术

网友询问留言