Movatterモバイル変換

[0]ホーム
URL:

TWI883420B - Terminal device and password verification method - Google Patents

Terminal device and password verification methodDownload PDF

Info

Publication number
TWI883420B
TWI883420BTW112113183ATW112113183ATWI883420BTW I883420 BTWI883420 BTW I883420BTW 112113183 ATW112113183 ATW 112113183ATW 112113183 ATW112113183 ATW 112113183ATW I883420 BTWI883420 BTW I883420B
Authority
TW
Taiwan
Prior art keywords
password
fabricated
processor
characters
string
Prior art date
Application number
TW112113183A
Other languages
Chinese (zh)
Other versions
TW202441920A (en
Inventor
王鼎元
莊子宜
梁景皓
Original Assignee
宏正自動科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 宏正自動科技股份有限公司filedCritical宏正自動科技股份有限公司
Priority to TW112113183ApriorityCriticalpatent/TWI883420B/en
Priority to CN202310818729.9Aprioritypatent/CN118785146A/en
Publication of TW202441920ApublicationCriticalpatent/TW202441920A/en
Application grantedgrantedCritical
Publication of TWI883420BpublicationCriticalpatent/TWI883420B/en

Links

Images

Classifications

Landscapes

Abstract

A terminal device includes an input circuit, a memory and a processor. The input circuit is configured to receive a correct registration passwordinput by an user. The memory is configured to store a client program and an encrypted module. The processor is coupled to the input device and the memory, and is communicatively connected to a server. When the processor executes the client program to generate a login page, the processor is configured to identify a password input event, in response to the password input event, the processor is configured to convert the correct registration passwordinto a modified registration password according to the encrypted module. The processor is configured to store the modified registration password in the memory, and send the modified registration password to the server for verification.

Description

Translated fromChinese
終端裝置與密碼驗證方法Terminal device and password verification method

本揭示內容關於一種驗證密碼的技術,特別是關於一種終端裝置及其驗證方式。The present disclosure relates to a technology for verifying passwords, and more particularly to a terminal device and a verification method thereof.

近年來,隨著網路技術的發展,越來越多的網路服務與人們生活相結合,成為日常生活中不可或缺的一部分。為確認使用者身分以保護使用者使用網路服務的資料,每個網路服務皆會要求使用者設定登入帳號及密碼,而每個網路服務的密碼設定規則不盡相同。大部分使用者會將密碼儲存於終端設備或雲端,以避免忘記密碼而無法登入網路服務。然而,此一儲存密碼之舉動,也造成密碼遭人竊取之風險,現行避免方式只能由使用者自行記憶密碼,對使用者而言實為一大負擔。因此,如何有效保護使用者的網路身份,以確保數位資料的安全及隱私,但又不產生使用者「必須自行記憶密碼」的負擔,成為了當前一個重要課題。In recent years, with the development of Internet technology, more and more Internet services have been integrated into people's lives and become an indispensable part of daily life. In order to confirm the identity of users and protect the data of users using Internet services, each Internet service requires users to set up a login account and password, and the password setting rules of each Internet service are different. Most users will store their passwords on terminal devices or in the cloud to avoid forgetting passwords and being unable to log in to Internet services. However, this act of storing passwords also creates the risk of passwords being stolen. The current way to avoid this is for users to memorize their passwords themselves, which is a huge burden for users. Therefore, how to effectively protect users' online identities to ensure the security and privacy of digital data without forcing users to remember their passwords has become an important issue.

本揭示內容係關於一種終端裝置,包含輸入電路、記憶體及處理器。輸入電路用以接收使用者輸入之正確註冊密碼。記憶體用以儲存客戶端程式及加密模組。處理器耦接於輸入電路及記憶體,且通訊連接於伺服器。當處理器運行客戶端程式以產生登入頁面時,處理器用以辨識密碼輸入事件,且用以響應於該密碼輸入事件,依據加密模組將正確註冊密碼轉換為編造字元串,且將編造字元串儲存於記憶體中。在正確註冊密碼被轉換為編造字元串後,處理器將編造字元串發送給伺服器進行驗證。The disclosure is about a terminal device, including an input circuit, a memory and a processor. The input circuit is used to receive a correct registration password input by a user. The memory is used to store a client program and an encryption module. The processor is coupled to the input circuit and the memory, and is communicatively connected to a server. When the processor runs the client program to generate a login page, the processor is used to identify a password input event, and is used to respond to the password input event, convert the correct registration password into a fabricated string according to the encryption module, and store the fabricated string in the memory. After the correct registration password is converted into the fabricated string, the processor sends the fabricated string to the server for verification.

本揭示內容還關於一種密碼驗證方法,包含:透過處理器所運行之客戶端程式,產生登入頁面,其中登入頁面包含密碼欄位;透過輸入電路,於密碼欄位輸入正確註冊密碼;辨識出密碼輸入事件,依據加密模組將正確註冊密碼轉換為編造字元串;將編造字元串儲存於客戶端程式或記憶體中;以及透過客戶端程式將編造字元串傳送給一伺服器進行驗證。The disclosure also relates to a password verification method, including: generating a login page through a client program run by a processor, wherein the login page includes a password field; inputting a correct registered password into the password field through an input circuit; identifying a password input event, converting the correct registered password into a fabricated character string according to an encryption module; storing the fabricated character string in a client program or memory; and transmitting the fabricated character string to a server for verification through the client program.

據此,由於終端裝置可在客戶端程式發送正確註冊密碼前,將正確註冊密碼轉換為編造字元串並儲存編造字元串,因此,可避免正確註冊密碼被客戶端程式或終端裝置內之其他程式所紀錄,以提昇使用網路服務的安全性。Accordingly, since the terminal device can convert the correct registration password into a fabricated string and store the fabricated string before the client program sends the correct registration password, it is possible to prevent the correct registration password from being recorded by the client program or other programs in the terminal device, thereby improving the security of using network services.

以下將以圖式揭露本發明之複數個實施方式,為明確說明起見,許多實務上的細節將在以下敘述中一併說明。然而,應瞭解到,這些實務上的細節不應用以限制本發明。也就是說,在本發明部分實施方式中,這些實務上的細節是非必要的。此外,為簡化圖式起見,一些習知慣用的結構與元件在圖式中將以簡單示意的方式繪示之。The following will disclose multiple embodiments of the present invention with drawings. For the purpose of clarity, many practical details will be described together in the following description. However, it should be understood that these practical details should not be used to limit the present invention. In other words, in some embodiments of the present invention, these practical details are not necessary. In addition, in order to simplify the drawings, some commonly used structures and components will be shown in the drawings in a simple schematic manner.

於本文中,當一元件被稱為「連接」或「耦接」時,可指「電性連接」或「電性耦接」。「連接」或「耦接」亦可用以表示二或多個元件間相互搭配操作或互動。此外,雖然本文中使用「第一」、「第二」、…等用語描述不同元件,該用語僅是用以區別以相同技術用語描述的元件或操作。除非上下文清楚指明,否則該用語並非特別指稱或暗示次序或順位,亦非用以限定本發明。In this document, when an element is referred to as "connected" or "coupled", it may refer to "electrically connected" or "electrically coupled". "Connected" or "coupled" may also be used to indicate that two or more elements cooperate with each other or interact with each other. In addition, although the terms "first", "second", etc. are used in this document to describe different elements, the terms are only used to distinguish between elements or operations described with the same technical terms. Unless the context clearly indicates otherwise, the terms do not specifically refer to or imply an order or sequence, nor are they used to limit the present invention.

第1圖為根據本揭示內容之部份實施例之密碼驗證系統S的示意圖。密碼驗證系統S包含伺服器100及至少一個終端裝置200(如:電腦、智慧型手機)。終端裝置200可透過網際網路N通訊連接至伺服器100。FIG. 1 is a schematic diagram of a password verification system S according to some embodiments of the present disclosure. The password verification system S includes a server 100 and at least one terminal device 200 (such as a computer or a smart phone). Theterminal device 200 can be connected to the server 100 via the Internet N.

伺服器100具有用戶資料庫DB,用戶資料庫DB內儲存有複數筆用戶資料(如:每筆用戶資料可包含帳號、密碼、個人資訊等)。當終端裝置200連線至伺服器100,且伺服器100判斷終端裝置200上傳的驗證資料與其中一筆用戶資料相符時,伺服器100用以提供網路服務至終端裝置200,例如:電子郵件、網路地圖、網路銀行、網路遊戲等。The server 100 has a user database DB, and the user database DB stores a plurality of user data (e.g., each user data may include an account number, a password, personal information, etc.). When theterminal device 200 is connected to the server 100, and the server 100 determines that the verification data uploaded by theterminal device 200 matches one of the user data, the server 100 is used to provide network services to theterminal device 200, such as e-mail, online maps, online banking, online games, etc.

終端裝置200上傳驗證資料以供伺服器100確認身份的過程稱為「驗證程序」。在驗證程序中,驗證資料包含帳號及密碼,驗證資料的帳號及密碼必須與用戶資料庫DB中某筆用戶資料的帳號及密碼完全對應,才通過驗證。然而,在使用者透過終端裝置200上傳驗證資料的過程中,終端裝置200會紀錄使用者輸入的資訊(如:使用者輸入帳號和密碼的過程中,帳號和密碼會暫時被儲存於快取記憶體中,或客戶端程式的「密碼記憶」功能會記錄帳號和密碼),而這些被紀錄的帳號和密碼將有可能遭人窺視、或因為病毒或駭客攻擊而洩漏。因此,本揭示內容的其中一個目的即為提昇驗證資料的安全性。The process of theterminal device 200 uploading the verification data for the server 100 to confirm the identity is called "verification procedure". In the verification procedure, the verification data includes an account number and a password. The account number and password of the verification data must completely correspond to the account number and password of a certain user data in the user database DB to pass the verification. However, when the user uploads the verification data through theterminal device 200, theterminal device 200 will record the information entered by the user (e.g., when the user enters the account number and password, the account number and password will be temporarily stored in the cache memory, or the "password memory" function of the client program will record the account number and password), and these recorded accounts and passwords may be viewed by others or leaked due to viruses or hacker attacks. Therefore, one of the purposes of the present disclosure is to improve the security of the verification data.

第2圖所示為根據本揭示內容之部份實施例的終端裝置200示意圖。終端裝置200包含輸入電路210、記憶體220、通訊電路230及處理器240。輸入電路210用以根據使用者的操作產生字元資料。在一實施例中,輸入電路可為一種輸入裝置(如:鍵盤),包含複數個按鍵,且用以將使用者對於按鍵的操作轉換為字元資料。在另一實施例中,輸入電路可為一種觸控式螢幕,用於將使用者的觸碰動作(如:點擊對應於虛擬鍵盤的位置)轉換為字元資料。由於本領域人士能理解利用鍵盤或觸控螢幕等輸入裝置輸入密碼的方式,故在此即不贅述。FIG. 2 is a schematic diagram of aterminal device 200 according to some embodiments of the present disclosure. Theterminal device 200 includes aninput circuit 210, amemory 220, acommunication circuit 230, and aprocessor 240. Theinput circuit 210 is used to generate character data according to the user's operation. In one embodiment, the input circuit can be an input device (such as a keyboard) including a plurality of keys, and is used to convert the user's operation on the keys into character data. In another embodiment, the input circuit can be a touch screen, which is used to convert the user's touch action (such as clicking on the position corresponding to the virtual keyboard) into character data. Since those skilled in the art can understand the method of inputting a password using an input device such as a keyboard or a touch screen, it will not be elaborated here.

記憶體220用以儲存客戶端程式220A(如:瀏覽器程式或網路遊戲客戶端程式)及加密模組220B,客戶端程式220A用以在連線至伺服器100上運行的伺服器端程式(如:網站、網路遊戲伺服器端程式)時,接收伺服器100提供的頁面資料,以產生對應的網頁。加密模組220B可為一種加密演算法或一種加解密用之金鑰,用以對輸入電路210輸入的正確註冊密碼進行轉換,具體方式將於後續段落中詳述。Thememory 220 is used to store theclient program 220A (such as a browser program or an online game client program) and theencryption module 220B. Theclient program 220A is used to receive the page data provided by the server 100 when connected to the server program (such as a website, an online game server program) running on the server 100 to generate a corresponding web page. Theencryption module 220B can be an encryption algorithm or a key for encryption and decryption, which is used to convert the correct registration password input by theinput circuit 210, and the specific method will be described in detail in the following paragraphs.

記憶體220可包含但不限於快閃(flash)記憶體、硬碟(HDD)、固態硬碟(SSD)、動態隨機存取記憶體(DRAM)或靜態隨機存取記憶體(SRAM)。記憶體220可為多個不同記憶裝置的組合,而不僅限於單一個記憶裝置,例如客戶端程式220A儲存於固態硬碟、加密模組220B則儲存於快閃記憶體或暫存器中。Thememory 220 may include, but is not limited to, a flash memory, a hard disk (HDD), a solid state drive (SSD), a dynamic random access memory (DRAM), or a static random access memory (SRAM). Thememory 220 may be a combination of multiple different memory devices, not limited to a single memory device, for example, theclient program 220A is stored in a solid state drive, and theencryption module 220B is stored in a flash memory or a register.

通訊電路230用以連線至網際網路N,以使終端裝置200可連線至伺服器100。在一實施例中,通訊電路230可透過實體線路(如:網路線)或無線通訊(如:Wi-Fi)連接至網路設備(如:路由器),以連線至網際網路N。Thecommunication circuit 230 is used to connect to the Internet N so that theterminal device 200 can be connected to the server 100. In one embodiment, thecommunication circuit 230 can be connected to a network device (such as a router) through a physical line (such as a network cable) or wireless communication (such as Wi-Fi) to connect to the Internet N.

處理器240耦接於輸入電路210、記憶體220及通訊電路230,且透過通訊電路230通訊連接於伺服器100。在處理器240運行客戶端程式220A時,終端裝置200可與伺服器100進行資料傳輸,以將伺服器100提供的網路功能呈現於顯示器(如:與處理器240相耦接的顯示螢幕)上。Theprocessor 240 is coupled to theinput circuit 210, thememory 220 and thecommunication circuit 230, and is communicatively connected to the server 100 via thecommunication circuit 230. When theprocessor 240 runs theclient program 220A, theterminal device 200 can transmit data with the server 100 to present the network function provided by the server 100 on a display (e.g., a display screen coupled to the processor 240).

具體而言,當處理器240連線到伺服器100且運行客戶端程式220A時,處理器240會傳送登入請求資料至伺服器100。此時,伺服器100將根據處理器240的請求,回傳頁面資料及加密模組220B至終端裝置200。處理器240會將加密模組220B儲存至記憶體220,且根據頁面資料,透過客戶端程式220A產生並顯示出登入頁面(如:電子郵件服務的登入頁面)。在一些實施例中,處理器240僅需請求伺服器100傳送加密模組220B,換言之,處理器240可透過執行客戶端程式220A直接顯示出登入頁面(如:網路遊戲的登入頁面)。Specifically, when theprocessor 240 is connected to the server 100 and runs theclient program 220A, theprocessor 240 sends a login request data to the server 100. At this time, the server 100 returns the page data and theencryption module 220B to theterminal device 200 according to the request of theprocessor 240. Theprocessor 240 stores theencryption module 220B in thememory 220, and generates and displays a login page (such as a login page of an email service) through theclient program 220A according to the page data. In some embodiments, theprocessor 240 only needs to request the server 100 to transmit theencryption module 220B. In other words, theprocessor 240 can directly display the login page (such as the login page of an online game) by executing theclient program 220A.

第3圖所示為根據本揭示內容之部份實施例之登入頁面300的示意圖。登入頁面300包含多個欄位,例如帳號欄位310、密碼欄位320及驗證鈕330。處理器240可依據自輸入電路210接收到的指令,在帳號欄位310中填入帳號,且在密碼欄位320中填入一個「正確註冊密碼」(即,與用戶資料庫DB中其中一筆用戶資料的密碼相對應的字元組合),例如第3圖所示之「password」。在輸入帳號與正確註冊密碼的過程中,處理器240辨識出發生密碼輸入事件,此時,處理器240將響應於密碼輸入事件,利用加密模組220B將正確註冊密碼轉換為另一個「編造字元串」。編造字元串與正確註冊密碼不會完全相同。在正確註冊密碼被轉換為編造字元串後,處理器240會將帳號與編造字元串作為驗證資料發送給伺服器100進行驗證。FIG. 3 is a schematic diagram of alogin page 300 according to some embodiments of the present disclosure. Thelogin page 300 includes a plurality of fields, such as anaccount field 310, apassword field 320, and a verification button 330. Theprocessor 240 may fill in an account in theaccount field 310 and a "correct registration password" (i.e., a character combination corresponding to a password of one of the user data in the user database DB) in thepassword field 320 according to the instruction received from theinput circuit 210, such as "password" shown in FIG. 3. During the process of inputting the account number and the correct registration password, theprocessor 240 recognizes that a password input event has occurred. At this time, theprocessor 240 will respond to the password input event and use theencryption module 220B to convert the correct registration password into another "fabricated string". The fabricated string is not exactly the same as the correct registration password. After the correct registration password is converted into the fabricated string, theprocessor 240 will send the account number and the fabricated string as verification data to the server 100 for verification.

在一些實施例中,處理器240可在將正確註冊密碼轉換為編造字元串後,主動將儲存於記憶體220(如:暫存器或快取記憶體內的暫存資料)中的正確註冊密碼刪除。此外,處理器240還可將編造字元串儲存於記憶體220中,或者由客戶端程式220A擷取/儲存編造字元串,以確保正確註冊密碼不會被紀錄/保留於終端裝置200內。In some embodiments, theprocessor 240 may actively delete the correct registration password stored in the memory 220 (e.g., temporary data in a register or cache) after converting the correct registration password into the fabricated string. In addition, theprocessor 240 may also store the fabricated string in thememory 220, or theclient program 220A may capture/store the fabricated string to ensure that the correct registration password is not recorded/retained in theterminal device 200.

本揭示內容係在處理器240透過客戶端程式220A傳送驗證資料至伺服器100之前,將正確註冊密碼轉換為編造字元串,因此,客戶端程式220A或者終端裝置200內的其他電路或暫存器只會擷取、紀錄或儲存編造字元串,而不會紀錄正確註冊密碼。據此,不僅可避免正確註冊密碼外洩的風險,且即便有駭客竊取記憶體220中儲存的資料,亦僅能取得編造字元串。The present disclosure converts the correct registration password into a fabricated string before theprocessor 240 transmits the verification data to the server 100 via theclient program 220A. Therefore, theclient program 220A or other circuits or registers in theterminal device 200 will only capture, record or store the fabricated string, but will not record the correct registration password. In this way, not only can the risk of leakage of the correct registration password be avoided, but even if a hacker steals the data stored in thememory 220, only the fabricated string can be obtained.

在前述實施例中,終端裝置200係從伺服器100接收並儲存加密模組220B,但在其他實施例中,加密模組220B亦可直接設定於終端裝置200的韌體中、或者從其他裝置接收。In the aforementioned embodiment, theterminal device 200 receives and stores theencryption module 220B from the server 100, but in other embodiments, theencryption module 220B may also be directly set in the firmware of theterminal device 200 or received from other devices.

第4圖所示為根據本揭示內容之部份實施例之密碼驗證方法的步驟流程圖。在此根據第1~3圖所示之密碼驗證系統S,說明密碼驗證方法如後。在步驟401中,終端裝置200之處理器240運行客戶端程式220A,且透過通訊電路230連線至伺服器100,以傳送登入請求資料至伺服器100。在一些實施例中,終端裝置200傳送的登入請求資料中包含了終端裝置200的媒體存取控制位址(Media Access Control Address,以下簡稱MAC位址)或硬體機碼。MAC位址或硬體機碼為用以代表/辨識終端裝置200的唯一碼。FIG. 4 is a flowchart of the steps of a password verification method according to some embodiments of the present disclosure. The password verification method is described below based on the password verification system S shown in FIGS. 1 to 3. Instep 401, theprocessor 240 of theterminal device 200 runs theclient program 220A and is connected to the server 100 through thecommunication circuit 230 to transmit the login request data to the server 100. In some embodiments, the login request data transmitted by theterminal device 200 includes the Media Access Control Address (hereinafter referred to as MAC address) or hardware code of theterminal device 200. The MAC address or hardware code is a unique code used to represent/identify theterminal device 200.

在步驟402中,處理器240透過通訊電路230,接收伺服器100回傳的頁面資料,以根據頁面資料,透過客戶端程式220A產生登入頁面300。如前所述,登入頁面300包含帳號欄位310、密碼欄位320及驗證鈕330。在一些實施例中,處理器240會同時接收伺服器100提供的加密模組220B,且將加密模組220B儲存於記憶體220中。Instep 402, theprocessor 240 receives the page data returned by the server 100 through thecommunication circuit 230, and generates thelogin page 300 through theclient program 220A according to the page data. As mentioned above, thelogin page 300 includes anaccount field 310, apassword field 320, and a verification button 330. In some embodiments, theprocessor 240 simultaneously receives theencryption module 220B provided by the server 100 and stores theencryption module 220B in thememory 220.

在步驟403中,輸入電路210針對登入頁面300的多個欄位輸入帳號及密碼。具體而言,透過使用者的操作,輸入電路210於帳號欄位310輸入帳號,以及於密碼欄位320輸入正確註冊密碼。Instep 403 , theinput circuit 210 inputs the account number and password for multiple fields of thelogin page 300 . Specifically, through the user's operation, theinput circuit 210 inputs the account number in theaccount field 310 and inputs the correct registration password in thepassword field 320 .

在步驟404中,在帳號與正確註冊密碼被輸入至登入頁面300的過程中,或者在驗證資料準備被發送至伺服器100之前,處理器240會響應於「正確註冊密碼的輸入或即將輸出」辨識出密碼輸入事件。密碼輸入事件的產生時機可為正在輸入正確註冊密碼、或者即將發送正確註冊密碼。響應於密碼輸入事件,處理器240將使用加密模組220B,將正確註冊密碼轉換為編造字元串。Instep 404, when the account and the correct registration password are input into thelogin page 300, or before the verification data is ready to be sent to the server 100, theprocessor 240 will identify the password input event in response to "the correct registration password is input or is about to be input". The password input event may be generated when the correct registration password is being input or is about to be sent. In response to the password input event, theprocessor 240 will use theencryption module 220B to convert the correct registration password into a fabricated string.

「密碼輸入事件」的產生及辨識方式將於後續段落中詳述,在此先說明轉換正確註冊密碼的方式。正確註冊密碼可包含多個第一字元,在此舉例正確註冊密碼為「1234」,即包含四個第一字元。在一實施例中,加密模組220B可為一種加密演算法(如:雜湊演算法),以將正確註冊密碼「1234」轉換為更複雜的字元組合。在另一實施例中,加密模組220B可為一種轉換算式,例如「X+1=Y」的算式,或者「將數字轉換為對應順序的英文字」的轉換邏輯式。處理器240將正確註冊密碼中的多個第一字元依序代入前述算式後,即可產生/取得編造字元串的複數個第二字元,例如:「abcd」。The generation and identification method of "password input event" will be described in detail in the following paragraphs. Here, the method of converting the correct registration password is described. The correct registration password may include multiple first characters. In this example, the correct registration password is "1234", which includes four first characters. In one embodiment, theencryption module 220B can be an encryption algorithm (such as a hash algorithm) to convert the correct registration password "1234" into a more complex character combination. In another embodiment, theencryption module 220B can be a conversion formula, such as the formula "X+1=Y", or the conversion logic of "converting numbers into English letters in corresponding order". After theprocessor 240 sequentially substitutes the first characters in the correct registration password into the aforementioned formula, it can generate/obtain the second characters of the fabricated string, for example: "abcd".

在另一實施例中,伺服器100及終端裝置200皆事先儲存有相對應的加密演算法或轉換算式,因此伺服器100提供給終端裝置200的加密模組220B可僅為加解密用之金鑰(如:前述算式「X+1=Y」中的「1」)。In another embodiment, the server 100 and theterminal device 200 both store corresponding encryption algorithms or conversion formulas in advance, so theencryption module 220B provided by the server 100 to theterminal device 200 can only be a key for encryption and decryption (such as the "1" in the aforementioned formula "X+1=Y").

此外,在一實施例中,處理器240會在正確註冊密碼被轉換為編造字元串後,將正確註冊密碼刪除,同時將編造字元串儲存於記憶體220或客戶端程式220A中,以確保終端裝置200內不會保留正確註冊密碼。In addition, in one embodiment, theprocessor 240 deletes the correct registration password after the correct registration password is converted into the fabricated string, and stores the fabricated string in thememory 220 or theclient program 220A to ensure that the correct registration password is not retained in theterminal device 200.

在步驟405中,在正確註冊密碼被轉換為編造字元串後,處理器240會透過客戶端程式220A,將帳號與編造字元串作為驗證資料傳送給伺服器100進行驗證。伺服器100利用解密模組將編造字元串轉換回正確註冊密碼後後,若判斷驗證資料與用戶資料庫DB中的資料相符,則會通知終端裝置200通過驗證程序,且會提供相應的網路服務。Instep 405, after the correct registration password is converted into a fabricated string, theprocessor 240 transmits the account and the fabricated string as verification data to the server 100 for verification through theclient program 220A. After the server 100 converts the fabricated string back into the correct registration password using a decryption module, if it is determined that the verification data matches the data in the user database DB, it will notify theterminal device 200 that the verification process has passed and provide corresponding network services.

在此說明「密碼輸入事件」的產生及辨識方式,在一實施例中,當輸入電路210針對密碼欄位320輸入任何觸擊訊號,準備將正確註冊密碼輸入至密碼欄位320時,處理器240會辨識發生了密碼輸入事件。Here, the generation and identification method of the "password input event" is described. In one embodiment, when theinput circuit 210 inputs any touch signal to thepassword field 320 and is ready to input the correct registration password into thepassword field 320, theprocessor 240 will recognize that a password input event has occurred.

承上,如第3圖所示,密碼輸入事件可以是使用者以滑鼠或以手指觸控點擊密碼欄位320。在一實施例中,當處理器240辨識出密碼輸入事件時,處理器240會將正確註冊密碼的多個第一字元逐一地轉換為編造字元串的第二字元,且處理器240會在刪除第一個第一字元後,才繼續處理第二個第二字元的轉換。As shown in FIG. 3 , the password input event may be a user clicking thepassword field 320 with a mouse or a finger. In one embodiment, when theprocessor 240 recognizes the password input event, theprocessor 240 converts the first characters of the correct registration password into the second characters of the fabricated string one by one, and theprocessor 240 deletes the first first character before continuing to process the conversion of the second second character.

換言之,處理器240將正確註冊密碼中的第一個第一字元(如:「1」)轉換為編造字元串中的第一個第二字元(如:「a」),並將編造字元串中的第一個第二字元輸入至密碼欄位320。接著,在編造字元串中的第一個第二字元被輸入至密碼欄位320後,處理器240才接收並轉換正確註冊密碼的第二個第一字元(如:「2」)為編造字元串中的第二個字元(如:「b」),且將編造字元串中的第二個第二字元輸入至密碼欄位320。In other words, theprocessor 240 converts the first first character (e.g., "1") in the correct registration password into the first second character (e.g., "a") in the fabricated string, and inputs the first second character in the fabricated string into thepassword field 320. Then, after the first second character in the fabricated string is input into thepassword field 320, theprocessor 240 receives and converts the second first character (e.g., "2") in the correct registration password into the second character (e.g., "b") in the fabricated string, and inputs the second second character in the fabricated string into thepassword field 320.

舉例而言,若加密方式為前述「將數字轉換為對應順序的英文字」的轉換邏輯式,且正確註冊密碼為「1234」,當使用者輸入「1」時,處理器240會即時將「1」轉換為「a」,而密碼欄位320中只會被填入「a」(「1」會被刪除)。接著,當使用者輸入「2」時,處理器240會以相同方式轉換第二個的第一字元「2」,將其轉換為「b」,以此類推,直到轉換完正確註冊密碼中的所有第一字元。For example, if the encryption method is the aforementioned conversion logic of "converting numbers into English letters in corresponding order", and the correct registration password is "1234", when the user enters "1", theprocessor 240 will immediately convert "1" into "a", and only "a" will be filled in the password field 320 ("1" will be deleted). Then, when the user enters "2", theprocessor 240 will convert the second first character "2" in the same way and convert it into "b", and so on, until all the first characters in the correct registration password are converted.

請參閱第3圖所示,在「逐一轉換正確註冊密碼」的實施例中,登入頁面300還包含檢查鈕340。響應於檢查鈕340的觸發(如:使用者以滑鼠或以手指觸控點擊檢查鈕340),處理器240將改變密碼欄位320的字元顯示方式(即,隱藏密碼或顯示密碼),將密碼欄位320中的編造字元串還原並顯示為正確註冊密碼,或者將密碼欄位320中的編造字元串遮蔽(如:以黑色圓點表示)。Please refer to FIG. 3 , in the embodiment of “converting correct registered passwords one by one”, thelogin page 300 further includes acheck button 340. In response to the triggering of the check button 340 (e.g., the user clicks thecheck button 340 with a mouse or a finger), theprocessor 240 changes the character display mode of the password field 320 (i.e., hides the password or displays the password), restores the fabricated character string in thepassword field 320 and displays it as the correct registered password, or masks the fabricated character string in the password field 320 (e.g., represented by a black dot).

舉例而言,當使用者依序輸入正確註冊密碼時,處理器240將即時地轉換正確註冊密碼為編造字元串,並將編造字元串輸入至密碼欄位320,客戶端程式220A會預設為遮蔽住編造字元串(如:以黑色圓點來顯示)。此時,若使用者點擊檢查鈕340,則處理器240會將密碼欄位320中編造字元串還原為正確註冊密碼並顯示,讓使用者得以檢查輸入的字元是否正確。當使用者再次點擊檢查鈕340時,處理器240將會重新遮蔽住正確註冊密碼,同時將正確註冊密碼轉換為編造字元串。For example, when the user enters the correct registration password in sequence, theprocessor 240 will immediately convert the correct registration password into a fabricated string and enter the fabricated string into thepassword field 320. Theclient program 220A will be set to mask the fabricated string by default (e.g., display it as a black dot). At this time, if the user clicks thecheck button 340, theprocessor 240 will restore the fabricated string in thepassword field 320 to the correct registration password and display it, so that the user can check whether the input characters are correct. When the user clicks thecheck button 340 again, theprocessor 240 will mask the correct registration password again and convert the correct registration password into a fabricated string.

在另一實施例中,當處理器240透過輸入電路210接收正確註冊密碼,並已經將正確註冊密碼完全地輸入至密碼欄位320後,處理器240才辨識出密碼欄位320的事件標籤,並將事件標籤作為密碼輸入事件。如第3圖所示,在該實施例中,在正確註冊密碼已經被完全填入至密碼欄位320後,當使用者以滑鼠或以手指觸控點擊驗證鈕330時,客戶端程式220A會運作對應於「發送驗證資料」的事件標籤,根據「發送驗證資料」之事件標籤,處理器240將會觸發加密功能,對即將送出的正確註冊密碼進行加密。In another embodiment, when theprocessor 240 receives the correct registration password through theinput circuit 210 and has completely input the correct registration password into thepassword field 320, theprocessor 240 recognizes the event tag of thepassword field 320 and uses the event tag as a password input event. As shown in FIG. 3 , in this embodiment, after the correct registration password has been completely filled into thepassword field 320, when the user clicks the verification button 330 with a mouse or a finger touch, theclient program 220A will operate the event tag corresponding to "send verification data". According to the event tag of "send verification data", theprocessor 240 will trigger the encryption function to encrypt the correct registration password to be sent.

承上,具體而言,「發送驗證資料」之事件標籤會使處理器240透過客戶端程式220A,將登入頁面300中各欄位的驗證資料上傳至伺服器。處理器240會在驗證鈕330被點擊後,但在驗證資料被發送之前啟動加密功能。處理器240將會辨識出驗證資料中對應於密碼欄位320的正確註冊密碼,並將密碼欄位320中正確註冊密碼的所有第一字元(如:「1234」)同時轉換為編造字元串的第二字元(如:「abcd」)。如前所述,處理器240會在轉換完成後刪除正確註冊密碼並儲存編造字元串。As mentioned above, specifically, the event tag of "send verification data" causes theprocessor 240 to upload the verification data of each field in thelogin page 300 to the server through theclient program 220A. Theprocessor 240 will activate the encryption function after the verification button 330 is clicked but before the verification data is sent. Theprocessor 240 will identify the correct registered password corresponding to thepassword field 320 in the verification data, and convert all the first characters of the correct registered password in the password field 320 (such as: "1234") into the second characters of the fabricated string (such as: "abcd"). As mentioned above, theprocessor 240 will delete the correct registered password and store the fabricated string after the conversion is completed.

第5圖所示為根據本揭示內容之其他實施例的密碼驗證系統S的運作示意圖。於第5圖中,與第1及2圖之實施例有關的相似元件係以相同的參考標號表示以便於理解,且相似元件之具體原理已於先前段落中詳細說明,若非與第5圖之元件間具有協同運作關係而必要介紹者,於此不再贅述。FIG. 5 is a schematic diagram of the operation of a password verification system S according to another embodiment of the present disclosure. In FIG. 5, similar components related to the embodiments of FIG. 1 and FIG. 2 are represented by the same reference numerals for ease of understanding, and the specific principles of the similar components have been described in detail in the previous paragraphs. Unless they have a cooperative operation relationship with the components of FIG. 5 and are necessary to be introduced, they will not be repeated here.

在一實施例中,伺服器100的處理器包含選擇單元510、解密單元520及驗證單元530,且儲存有多個加密模組510A及解密模組510B。前述該些單元510~530可為伺服器100的處理器中的電路,或者為伺服器100的處理器的功能模組。終端裝置200的處理器中則包含加密單元540。In one embodiment, the processor of the server 100 includes a selection unit 510, adecryption unit 520, and averification unit 530, and stores a plurality ofencryption modules 510A anddecryption modules 510B. The aforementioned units 510-530 may be circuits in the processor of the server 100, or may be functional modules of the processor of the server 100. The processor of theterminal device 200 includes anencryption unit 540.

第5圖所示,在終端裝置200傳送登入請求資料Sr,以請求伺服器100提供加密模組時,登入請求資料Sr中可包含終端裝置200的MAC位址或硬體機碼等唯一碼。根據登入請求資料Sr的唯一碼,選擇單元510將分配其中一個加密模組510A及/或解密模組510B給終端裝置200。舉例而言,加密模組510A可為多個不同的轉換算式(如:「X+1=Y」、「X-5=Y」…等),解密模組510B可為用以加密解密的金鑰(如:前述算式中的「+1」、「-5」等參數)。如前所述,若終端裝置200內已事先儲存有加密用的算式,則伺服器100只須傳送作為金鑰的解密模組510B至終端裝置200。As shown in FIG. 5 , when theterminal device 200 transmits the login request data Sr to request the server 100 to provide the encryption module, the login request data Sr may include a unique code such as the MAC address or hardware code of theterminal device 200. According to the unique code of the login request data Sr, the selection unit 510 will allocate one of theencryption modules 510A and/or thedecryption module 510B to theterminal device 200. For example, theencryption module 510A may be a plurality of different conversion formulas (such as: "X+1=Y", "X-5=Y" ... etc.), and thedecryption module 510B may be a key for encryption and decryption (such as: the parameters such as "+1", "-5" in the aforementioned formula). As mentioned above, if the encryption formula has been stored in theterminal device 200 in advance, the server 100 only needs to transmit thedecryption module 510B serving as the key to theterminal device 200.

承上,選擇單元510分配其中一個加密模組510A/解密模組510B給終端裝置200後,會將所選擇的加密模組510A/解密模組510B傳送給終端裝置200(如:作為第2圖所示之加密模組220B)。同時,伺服器100將終端裝置200的唯一碼(如:MAC位址)紀錄以對應於所分配的加密模組510A/解密模組510B。換言之,使用者以不同的終端裝置200要登入伺服器100時,所分配的加密方式也會不同,據此,將能進一步提昇驗證程序的安全性以及密碼的保護性。As mentioned above, after the selection unit 510 assigns one of theencryption modules 510A/decryption modules 510B to theterminal device 200, the selectedencryption module 510A/decryption module 510B is transmitted to the terminal device 200 (e.g., as theencryption module 220B shown in FIG. 2). At the same time, the server 100 records the unique code (e.g., MAC address) of theterminal device 200 to correspond to the assignedencryption module 510A/decryption module 510B. In other words, when the user logs into the server 100 with differentterminal devices 200, the assigned encryption method will also be different, thereby further improving the security of the authentication process and the protection of the password.

如前述實施例所述,在進行驗證程序時,終端裝置200的加密單元540響應於密碼輸入事件,將輸入的正確註冊密碼P1轉換為編造字元串P2,再透過客戶端程式220A,將驗證資料Sv(如:驗證帳號及轉換後的編造字元串P2)上傳至伺服器100進行驗證。解密單元520在接收到驗證資料Sv後,會根據終端裝置200的唯一碼找到對應的加密模組510A/解密模組510B,以將驗證資料Sv中的編造字元串P2還原為正確註冊密碼P1。驗證單元530則會根據驗證資料中的驗證帳號及還原後的正確註冊密碼P1,判斷用戶資料庫DB中是否有對應的用戶資料,以進行驗證。As described in the above embodiment, when performing the verification process, theencryption unit 540 of theterminal device 200 responds to the password input event, converts the input correct registration password P1 into a fabricated string P2, and then uploads the verification data Sv (such as the verification account and the converted fabricated string P2) to the server 100 for verification through theclient program 220A. After receiving the verification data Sv, thedecryption unit 520 will find thecorresponding encryption module 510A/decryption module 510B according to the unique code of theterminal device 200 to restore the fabricated string P2 in the verification data Sv to the correct registration password P1. Theverification unit 530 will determine whether there is corresponding user data in the user database DB based on the verification account number in the verification data and the restored correct registration password P1 for verification.

本揭示內容的密碼驗證方法能夠以加密後的編造字元串進行傳輸,且終端裝置200內不會留存任何正確註冊密碼,因此可避免正確註冊密碼外洩的問題。此外,由於應用本揭示內容之技術後,終端裝置200內僅會儲存加密後的編造字元串,且伺服器100係根據終端裝置200的唯一碼來分配加密模組510A/解密模組510B,因此,即便有不肖人士、病毒或駭客擷取了終端裝置200中儲存的編造字元串,亦無法利用此一編造字元串來登入伺服器100。具體而言,若他人以不正當方式取得終端裝置200中的編造字元串,並將編造字元串被輸入至登入頁面300的密碼欄位320時,由於編造字元串會在驗證程序中再被進行一次轉換,因此轉換後的密碼將無法通過伺服器100的驗證。The password verification method of the disclosed content can transmit the encrypted fabricated character string, and no correct registration password will be retained in theterminal device 200, thereby avoiding the problem of leakage of the correct registration password. In addition, after applying the technology of the disclosed content, only the encrypted fabricated character string will be stored in theterminal device 200, and the server 100 will allocate theencryption module 510A/decryption module 510B according to the unique code of theterminal device 200. Therefore, even if an unscrupulous person, virus or hacker captures the fabricated character string stored in theterminal device 200, it cannot use this fabricated character string to log in to the server 100. Specifically, if someone obtains the fabricated string in theterminal device 200 in an improper manner and inputs the fabricated string into thepassword field 320 of thelogin page 300, the fabricated string will be converted again during the verification process, so the converted password will not be able to pass the verification of the server 100.

本揭示內容的密碼驗證系統係針對軟體程式進行改良,無須使用額外的加解密硬體,在實施上不會增加額外成本,且亦無裝置或軟體相容性的問題,因此可輕易實施,有效提昇資訊安全。The password verification system disclosed herein is an improvement on the software program. It does not require the use of additional encryption and decryption hardware, does not increase additional costs in implementation, and does not have any device or software compatibility issues. Therefore, it can be easily implemented and effectively improves information security.

前述各實施例中的各項元件、方法步驟或技術特徵,係可相互結合,而不以本揭示內容中的文字描述順序或圖式呈現順序為限。The various elements, method steps or technical features in the aforementioned embodiments may be combined with each other and are not limited to the order of textual description or the order of diagram presentation in the present disclosure.

雖然本揭示內容已以實施方式揭露如上,然其並非用以限定本揭示內容,任何熟習此技藝者,在不脫離本揭示內容之精神和範圍內,當可作各種更動與潤飾,因此本揭示內容之保護範圍當視後附之申請專利範圍所界定者為準。Although the contents of this disclosure have been disclosed in the form of implementation as above, it is not intended to limit the contents of this disclosure. Anyone skilled in the art can make various changes and modifications without departing from the spirit and scope of the contents of this disclosure. Therefore, the protection scope of the contents of this disclosure shall be subject to the scope defined by the attached patent application.

100:伺服器 200:終端裝置 210:輸入電路 220:記憶體 220A:客戶端程式 220B:加密模組 230:通訊電路 240:處理器 300:登入頁面 310:帳號欄位 320:密碼欄位 330:驗證鈕 401-405:步驟 510:選擇單元 510A:加密模組 510B:解密模組 520:解密單元 530:驗證單元 540:加密單元 DB:用戶資料庫 S:密碼驗證系統 Sr:登入請求資料 Sv:驗證資料 N:網際網路 P1:正確註冊密碼 P2:編造字元串100: Server200: Terminal device210: Input circuit220:Memory220A:Client program220B: Encryption module230: Communication circuit240: Processor300: Login page310: Account field320: Password field330: Verification button401-405: Steps510:Selection unit510A:Encryption module510B: Decryption module520: Decryption unit530: Verification unit540: Encryption unitDB: User databaseS: Password verification systemSr: Login request dataSv: Verification dataN: InternetP1: Register the password correctlyP2: Make up a string

第1圖為根據本揭示內容之部份實施例之密碼驗證系統的示意圖。 第2圖為根據本揭示內容之部份實施例之終端裝置的示意圖。 第3圖為根據本揭示內容之部份實施例之登入頁面的示意圖。 第4圖為根據本揭示內容之部份實施例之密碼驗證方法的步驟流程圖。 第5圖為根據本揭示內容之部份實施例之密碼驗證系統的運作方式示意圖。FIG. 1 is a schematic diagram of a password verification system according to some embodiments of the present disclosure.FIG. 2 is a schematic diagram of a terminal device according to some embodiments of the present disclosure.FIG. 3 is a schematic diagram of a login page according to some embodiments of the present disclosure.FIG. 4 is a flow chart of steps of a password verification method according to some embodiments of the present disclosure.FIG. 5 is a schematic diagram of the operation of a password verification system according to some embodiments of the present disclosure.

國內寄存資訊(請依寄存機構、日期、號碼順序註記) 無 國外寄存資訊(請依寄存國家、機構、日期、號碼順序註記) 無Domestic storage information (please note in the order of storage institution, date, and number)NoneOverseas storage information (please note in the order of storage country, institution, date, and number)None

401-405:步驟401-405: Steps

Claims (7)

Translated fromChinese
一種終端裝置,包含: 一輸入電路,用以接收使用者輸入之一正確註冊密碼; 一記憶體,用以儲存一客戶端程式;以及 一處理器,耦接於該輸入電路及該記憶體,且通訊連接於一伺服器,以自該伺服器同時接收一加密模組及一頁面資料,其中當該處理器運行該客戶端程式以根據該頁面資料產生一登入頁面時,該處理器用以辨識一密碼輸入事件,且用以響應於該密碼輸入事件,依據該加密模組將該正確註冊密碼轉換為一編造字元串,且將該編造字元串儲存於該記憶體中; 其中在該正確註冊密碼被轉換為該編造字元串後,該處理器將該編造字元串發送給該伺服器進行驗證; 其中該正確註冊密碼包含複數個第一字元,且該編造字元串包含複數個第二字元; 其中該處理器用以將該些第一字元中的第一個轉換為該些第二字元的第一個,並將該些第二字元的第一個輸入至該登入頁面的一密碼欄位; 其中在該些第二字元的第一個被輸入至該密碼欄位後,該處理器用以將該些第一字元中的第二個轉換為該些第二字元的第二個,並將該些第二字元的第二個輸入至該密碼欄位;以及 其中在依據該加密模組將該正確註冊密碼轉換為該編造字元串後,該處理器用以刪除儲存於該記憶體內的該正確註冊密碼。A terminal device comprises: an input circuit for receiving a correct registration password input by a user;a memory for storing a client program; anda processor coupled to the input circuit and the memory, and communicatively connected to a server to simultaneously receive an encryption module and a page data from the server, wherein when the processor runs the client program to generate a login page according to the page data, the processor is used to identify a password input event, and is used to respond to the password input event, convert the correct registration password into a fabricated character string according to the encryption module, and store the fabricated character string in the memory;wherein after the correct registration password is converted into the fabricated string, the processor sends the fabricated string to the server for verification; wherein the correct registration password includes a plurality of first characters, and the fabricated string includes a plurality of second characters; wherein the processor is used to convert the first of the first characters into the first of the second characters, and input the first of the second characters into a password field on the login page; wherein after the first of the second characters is input into the password field, the processor is used to convert the second of the first characters into the second of the second characters, and input the second of the second characters into the password field; and After the correct registration password is converted into the fabricated string according to the encryption module, the processor is used to delete the correct registration password stored in the memory.如請求項1所述之終端裝置,其中該處理器還用以響應於該登入頁面中一檢查鈕,將輸入至該登入頁面中該密碼欄位的該編造字元串轉換回該正確註冊密碼。The terminal device as described in claim 1, wherein the processor is further used to respond to a check button in the login page to convert the fabricated string entered into the password field in the login page back into the correct registered password.如請求項1所述之終端裝置,其中該處理器用以傳送一登入請求資料至該伺服器,以請求該伺服器傳送該加密模組,且該登入請求資料中包含該終端裝置的一媒體存取控制位址或一硬體機碼。A terminal device as described in claim 1, wherein the processor is used to send a login request data to the server to request the server to send the encryption module, and the login request data includes a media access control address or a hardware code of the terminal device.一種密碼驗證方法,包含: 傳送一登入請求資料至一伺服器,其中該登入請求資料中包含一媒體存取控制位址或一硬體機碼; 根據該媒體存取控制位址或該硬體機碼,分配複數個加密模組的其中一者; 自該伺服器接收該些加密模組的其中一者; 透過一處理器所運行之一客戶端程式,產生一登入頁面,其中該登入頁面包含一密碼欄位; 透過一輸入電路,於該密碼欄位輸入一正確註冊密碼; 辨識出一密碼輸入事件,依據該些加密模組的該其中一者將該正確註冊密碼轉換為一編造字元串; 將該編造字元串儲存於該客戶端程式或一記憶體中;以及 透過該客戶端程式,將該編造字元串傳送給該伺服器進行驗證。A password verification method includes: sending a login request data to a server, wherein the login request data includes a media access control address or a hardware machine code;assigning one of a plurality of encryption modules according to the media access control address or the hardware machine code;receiving one of the encryption modules from the server;generating a login page through a client program run by a processor, wherein the login page includes a password field;inputting a correct registration password into the password field through an input circuit;identifying a password input event, and converting the correct registration password into a fabricated string according to the one of the encryption modules;Storing the fabricated string in the client program or a memory; andSending the fabricated string to the server for verification through the client program.如請求項4所述之密碼驗證方法,其中該正確註冊密碼包含複數個第一字元,且該編造字元串包含複數個第二字元,且依據該些加密模組的該其中一者將該正確註冊密碼轉換為該編造字元的方法包含: 將該些第一字元中的第一個轉換為該些第二字元的第一個,並將該些第二字元的第一個輸入至該登入頁面的該密碼欄位;以及 在該些第二字元的第一個被輸入至該密碼欄位後,將該些第一字元中的第二個轉換為該些第二字元的第二個,並將該些第二字元的第二個輸入至該密碼欄位。A password verification method as described in claim 4, wherein the correct registered password includes a plurality of first characters, and the fabricated character string includes a plurality of second characters, and the method of converting the correct registered password into the fabricated character string according to one of the encryption modules includes: Converting the first of the first characters into the first of the second characters, and inputting the first of the second characters into the password field of the login page; and After the first of the second characters is input into the password field, converting the second of the first characters into the second of the second characters, and inputting the second of the second characters into the password field.如請求項4所述之密碼驗證方法,其中依據該些加密模組的該其中一者將該正確註冊密碼轉換為該編造字元串的方法包含: 在該正確註冊密碼被輸入至該密碼欄位後,透過該處理器,辨識出該密碼輸入事件;以及 將該正確註冊密碼的複數個第一字元同時轉換為該編造字元串的複數個第二字元。The password verification method as described in claim 4, wherein the method of converting the correct registration password into the fabricated string according to one of the encryption modules comprises: After the correct registration password is input into the password field, the password input event is recognized by the processor; and The plurality of first characters of the correct registration password are simultaneously converted into the plurality of second characters of the fabricated string.如請求項4所述之密碼驗證方法,還包含: 在依據該些加密模組的該其中一者將該正確註冊密碼轉換為該編造字元串後,刪除儲存於該記憶體內的該正確註冊密碼,其中該處理器耦接於該記憶體及該輸入電路。The password verification method as described in claim 4 further comprises: After converting the correct registration password into the fabricated string according to one of the encryption modules, deleting the correct registration password stored in the memory, wherein the processor is coupled to the memory and the input circuit.
TW112113183A2023-04-072023-04-07Terminal device and password verification methodTWI883420B (en)

Priority Applications (2)

Application NumberPriority DateFiling DateTitle
TW112113183ATWI883420B (en)2023-04-072023-04-07Terminal device and password verification method
CN202310818729.9ACN118785146A (en)2023-04-072023-07-05 Terminal device and password verification method

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
TW112113183ATWI883420B (en)2023-04-072023-04-07Terminal device and password verification method

Publications (2)

Publication NumberPublication Date
TW202441920A TW202441920A (en)2024-10-16
TWI883420Btrue TWI883420B (en)2025-05-11

Family

ID=92993579

Family Applications (1)

Application NumberTitlePriority DateFiling Date
TW112113183ATWI883420B (en)2023-04-072023-04-07Terminal device and password verification method

Country Status (2)

CountryLink
CN (1)CN118785146A (en)
TW (1)TWI883420B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20100011419A1 (en)*2008-01-142010-01-14Rsupport Co., Ltd.Authentication method using icon password
TW201011586A (en)*2008-09-032010-03-16Wayi Internat Digital Entertainment Co LtdSecurity-protecting method of password input
CN101800982A (en)*2010-01-152010-08-11西安电子科技大学Method for enhancing fast handover authentication security of wireless local land area
US10153897B1 (en)*2018-02-142018-12-11Capital One Services, LlcCustom encryption function for communications between a client device and a server device
TW201909029A (en)*2013-09-092019-03-01美商蘋果公司 Device, method, and graphical user interface for manipulating a user interface based on unlocking input

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20100011419A1 (en)*2008-01-142010-01-14Rsupport Co., Ltd.Authentication method using icon password
TW201011586A (en)*2008-09-032010-03-16Wayi Internat Digital Entertainment Co LtdSecurity-protecting method of password input
CN101800982A (en)*2010-01-152010-08-11西安电子科技大学Method for enhancing fast handover authentication security of wireless local land area
TW201909029A (en)*2013-09-092019-03-01美商蘋果公司 Device, method, and graphical user interface for manipulating a user interface based on unlocking input
US10153897B1 (en)*2018-02-142018-12-11Capital One Services, LlcCustom encryption function for communications between a client device and a server device

Also Published As

Publication numberPublication date
CN118785146A (en)2024-10-15
TW202441920A (en)2024-10-16

Similar Documents

PublicationPublication DateTitle
KR102493744B1 (en) Security Verification Method Based on Biometric Characteristics, Client Terminal, and Server
CN107302539B (en)Electronic identity registration and authentication login method and system
US9235732B2 (en)Secure communication methods
CN108833114A (en) A blockchain-based decentralized identity authentication system and method
US11824850B2 (en)Systems and methods for securing login access
CN109325342A (en)Identity information management method, apparatus, computer equipment and storage medium
JP2014529837A (en) ID authentication management apparatus and method
WO2015188424A1 (en)Key storage device and method for using same
KR102329221B1 (en)Blockchain-based user authentication model
US9356787B2 (en)Secure communication architecture including sniffer
WO2021143457A1 (en)Identity authentication method and apparatus based on sm9 algorithm, and computer device
WO2019140790A1 (en)Service tracking method and apparatus, terminal device, and storage medium
US12204618B1 (en)Authentication using third-party data
US12107956B2 (en)Information processing device, information processing method, and non-transitory computer readable storage medium
CN101808077A (en)Information security input processing system and method and smart card
CN104901951B (en)Code data processing based on mobile terminal and exchange method in a kind of Web applications
CN111901304A (en)Registration method and device of mobile security equipment, storage medium and electronic device
CN109190358B (en)Site password generation method and system and password manager
CN104102872A (en)Password protection method and system
CN113918932A (en) A security authentication method and related components
KR101221728B1 (en)The certification process server and the method for graphic OTP certification
TWI883420B (en)Terminal device and password verification method
CN102314566A (en)Computer-to-computer authentication and man-to-machine authentication method applied to cloud computing
CN111970126A (en) Key management method and device
CN111355710A (en)Data request method and device of network service
[8]ページ先頭
©2009-2025 Movatter.jp