Title:
LOGIN AUTHENTICATION AND LOGIN PASSWORD MODIFICATION AUTHENTICATION METHODS, TERMINAL, AND SERVER
Document Type and Number:
WIPO Patent Application WO/2018/045802
Kind Code:
A1
Abstract:
Disclosed is a login authentication method, comprising: a terminal sends a login page request to a server; the terminal receives a login page, an authentication random number, and a punching random number returned by the server; the terminal uses, after receiving a login password inputted by a user, the received login password to decrypt the authentication random number and the punching random number, and generates authentication information; the terminal sends the authentication information to the server, so that the server authenticates the received the authentication information, and permits the terminal to log in when the authentication is successful. Also disclosed are a login password modification authentication method, a terminal, and a server. According to the present invention, by using an authentication random number and a punching random number to generate authentication information, and encrypting the authentication random number and the punching random number using a login password, an attacker cannot crack the login password by means of HASH dictionary attacking, so that reveal of Web UI login passwords is effectively avoided, and the security of Web UI login is improved.
Inventors:
WEN HAILONG (CN)
Application Number:
PCT/CN2017/091251
Publication Date:
March 15, 2018
Filing Date:
June 30, 2017
Export Citation:
Assignee:
ZTE CORP (CN)
International Classes:
H04L29/06; H04L9/32
Foreign References:
| CN102387161A | 2012-03-21 | |||
| CN103581121A | 2014-02-12 | |||
| CN102724215A | 2012-10-10 | |||
| CN103096165A | 2013-05-08 | |||
| US7836310B1 | 2010-11-16 |
Attorney, Agent or Firm:
LUNG TIN INTELLECTUAL PROPERTY AGENT LTD. (CN)
Download PDF: