[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN109977640B - Method and device for recovering, keeping and using admin password - Google Patents

Method and device for recovering, keeping and using admin password Download PDF

Info

Publication number
CN109977640B
CN109977640B CN201910130687.3A CN201910130687A CN109977640B CN 109977640 B CN109977640 B CN 109977640B CN 201910130687 A CN201910130687 A CN 201910130687A CN 109977640 B CN109977640 B CN 109977640B
Authority
CN
China
Prior art keywords
password
compressed file
admin
file
role
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910130687.3A
Other languages
Chinese (zh)
Other versions
CN109977640A (en
Inventor
候大鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CIB Fintech Services Shanghai Co Ltd
Original Assignee
CIB Fintech Services Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CIB Fintech Services Shanghai Co Ltd filed Critical CIB Fintech Services Shanghai Co Ltd
Priority to CN201910130687.3A priority Critical patent/CN109977640B/en
Publication of CN109977640A publication Critical patent/CN109977640A/en
Application granted granted Critical
Publication of CN109977640B publication Critical patent/CN109977640B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2131Lost password, e.g. recovery of lost or forgotten passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method and a device for recovering, keeping and using an admin password, which are used for separately reading the input and confirmation of an initial password, a first password and a second password and resetting the initial password; respectively and independently storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file; when the password is used, the first half password and the second half password are read separately, the admin password is obtained after splicing, the admin password is checked and then logged in for use, the safety mode of recovering the admin password is realized, all the admin passwords are prevented from being known by multiple persons, and it is ensured that no independent individual can obtain the admin password.

Description

Method and device for recovering, keeping and using admin password
Technical Field
The invention relates to the field of information security, in particular to a method and a device for recovering, keeping and using an admin password.
Background
The financial industry is sensitive to data, and the encryption of the data is also very important correspondingly, and setting the password is a way of ensuring that the system is safely used for logging in, so that the data and the information are guaranteed, especially for the admin password in the financial field.
At present, the password is encrypted and stored generally by adopting a key component management mode of a financial encryption machine, but the method is relatively complex in management and is not suitable for storing the admin password.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method and a device for recovering, keeping and using an admin password.
The invention provides a method for recovering and keeping an admin password, which comprises the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Preferably, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Preferably, the encryption compression by the third password is operated by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the method for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the method comprises the following steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Preferably, the first half password is input by the second role, the second half password is input by the third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention provides a device for recovering and keeping an admin password, which comprises the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Preferably, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Preferably, the encryption compression by the third password is operated by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the device for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the device comprises the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Preferably, the first half password is input by the second role, the second half password is input by the third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
Compared with the prior art, the invention has the following beneficial effects:
the invention realizes a safety mode of recovering the admin password, avoids all the admin passwords being known by multiple persons, and ensures that no independent individual can obtain the admin password.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
FIG. 1 is a schematic diagram illustrating a recycling and keeping process of an admin password according to the present invention;
FIG. 2 is a schematic diagram illustrating a usage flow of the admin password of the present invention.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that it would be obvious to those skilled in the art that various changes and modifications can be made without departing from the spirit of the invention. All falling within the scope of the present invention.
The invention provides a method for recovering and keeping an admin password, which comprises the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Specifically, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Specifically, the encryption compression by the third password is performed by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the method for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the method comprises the following steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Specifically, the first half password is input by a second role, the second half password is input by a third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention provides a device for recovering and keeping an admin password, which comprises the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
Specifically, the initial password is input through a first role, the second password is input through a second role, the third password is input through a third role, and the first role, the second role and the third role are independent of each other.
Specifically, the encryption compression by the third password is performed by the first role, the first compressed file is stored by the second role, and the second compressed file is stored by the third role.
According to the device for using the admin password, which is provided by the invention, the admin password, the first compressed file and the second compressed file are used, and the device comprises the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
Specifically, the first half password is input by a second role, the second half password is input by a third role, and the reading of the first compressed file and the reading of the second compressed file are performed by the first role.
The invention adopts three-right separation, separates the authority of password input and storage, avoids all passwords of admin being known by multiple persons, and ensures that no independent individual can obtain the admin password. In the process of keeping the password, the first role obtains the password of the password carrier, the second role obtains the password carrier and the first half password, and the third role obtains the password carrier and the second half password.
In specific implementation, 3 roles need to be allocated firstly, as shown in fig. 1, a role a applies for recording an original admin password and leaves the scene; the role B inputs the first half section of the password in the new password column and the new password confirmation column respectively and leaves the scene; the role C inputs the second half section of the password in the new password column and the new password confirmation column respectively and leaves the site; then three people arrive at the scene, press and confirm, if the password is wrong, return to the beginning, carry on the single input of the password again, if after the password is revised successfully, C inputs the password into TXT-B file, keep, leave the scene; b, inputting the password into a TXT-A file, and leaving the scene; a, packaging and compressing 2 TXT files, and adding a password; three people arrive at the scene, A copies the compressed packet, and 2 compressed packets (named compressed packets 1 and 2) are respectively given to B and C. Thus, A obtains a compressed packet cipher; b, obtaining a compressed packet 1 and a first half section password; c, obtaining a compressed packet 2 and a second half password; and the password recovery and the keeping are finished.
When the password needs to be used, as shown in fig. 2, a proposes an application, and opens an admin login interface; b, inputting the first half section of the password; c, inputting the second half section of the password, and pressing down to log in; if the login cannot be performed, A obtains a compressed packet from B and C, inputs a password to obtain an admin password, and discards the compressed packet; if the log-in is normal, abandoning the compressed packet; the password use is ended.
Those skilled in the art will appreciate that, in addition to implementing the systems, apparatus, and various modules thereof provided by the present invention in purely computer readable program code, the same procedures can be implemented entirely by logically programming method steps such that the systems, apparatus, and various modules thereof are provided in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system, the device and the modules thereof provided by the present invention can be considered as a hardware component, and the modules included in the system, the device and the modules thereof for implementing various programs can also be considered as structures in the hardware component; modules for performing various functions may also be considered to be both software programs for performing the methods and structures within hardware components.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.

Claims (10)

1. A method for recovering and keeping an admin password is characterized by comprising the following steps:
a password resetting step: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
password storage step: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
2. The method for recovering and keeping an admin password as recited in claim 1, wherein the initial password is entered by a first role, the first password is entered by a second role, the second password is entered by a third role, and the first role, the second role, and the third role are independent of each other.
3. The method for recovering and keeping an admin password as claimed in claim 2, wherein the encrypted compression by the third password is performed by a first role, the first compressed file is stored by a second role, and the second compressed file is stored by a third role.
4. A method for using the admin password, the first compressed file, and the second compressed file of claim 1, comprising the steps of:
applying for using steps: responding to the login application, and opening an admin login interface;
a password entering step: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
5. The method for using admin password of claim 4, wherein the first half password is entered by the second persona, the second half password is entered by the third persona, and the reading of the first compressed file and the reading of the second compressed file are performed by the first persona.
6. A device for recovering and keeping admin passwords is characterized by comprising the following units:
password resetting unit: respectively and independently reading the input and confirmation of an initial password, a first password and a second password, resetting the initial password, and splicing the first password and the second password in front and back to obtain an admin password after password resetting;
a password saving unit: the method comprises the steps of separately storing a first password and a second password to obtain a first password file and a second password file, respectively encrypting and compressing the first password file and the second password file through a third password to obtain a first compressed file and a second compressed file, and separately and independently storing the first compressed file and the second compressed file.
7. The apparatus for recovering and keeping the admin password as defined in claim 6, wherein the initial password is inputted by a first character, the first password is inputted by a second character, the second password is inputted by a third character, and the first character, the second character and the third character are independent of each other.
8. The apparatus for recycling and keeping an admin password as recited in claim 7, wherein said encrypted compression by the third password is performed by a first role, the first compressed file is stored by a second role, and the second compressed file is stored by a third role.
9. An apparatus for using the admin password of claim 6, wherein the admin password, the first compressed file, and the second compressed file comprise the following units:
applying for a use unit: responding to the login application, and opening an admin login interface;
a password entry unit: independently reading the first half section of password and the second half section of password;
a login step: and splicing the first half password and the second half password to obtain an admin password, verifying the admin password, discarding the first compressed file and the second compressed file if the verification is successful, reading the first compressed file and the second compressed file if the verification is unsuccessful, decrypting and decompressing the first compressed file and the second compressed file to obtain the first password and the second password, and discarding the first compressed file and the second compressed file.
10. The apparatus for using admin password of claim 9, wherein the first half password is entered by the second persona, the second half password is entered by the third persona, and the reading of the first compressed file and the reading of the second compressed file are performed by the first persona.
CN201910130687.3A 2019-02-21 2019-02-21 Method and device for recovering, keeping and using admin password Active CN109977640B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910130687.3A CN109977640B (en) 2019-02-21 2019-02-21 Method and device for recovering, keeping and using admin password

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910130687.3A CN109977640B (en) 2019-02-21 2019-02-21 Method and device for recovering, keeping and using admin password

Publications (2)

Publication Number Publication Date
CN109977640A CN109977640A (en) 2019-07-05
CN109977640B true CN109977640B (en) 2020-12-25

Family

ID=67077197

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910130687.3A Active CN109977640B (en) 2019-02-21 2019-02-21 Method and device for recovering, keeping and using admin password

Country Status (1)

Country Link
CN (1) CN109977640B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101840478A (en) * 2010-03-24 2010-09-22 深圳市德卡科技有限公司 Password management method
CN107291525A (en) * 2016-04-01 2017-10-24 华为技术有限公司 A kind of method, host and system for disposing virtual machine

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8880895B2 (en) * 2009-10-29 2014-11-04 At&T Intellectual Property I, L.P. Methods, systems, and computer program products for recovering a password using user-selected third party authorization
CN103368928B (en) * 2012-04-11 2018-04-27 富泰华工业(深圳)有限公司 Account number cipher reset system and method
CN104167030A (en) * 2013-12-19 2014-11-26 陈桂强 Electronic cipher shared lock based on (t,n) threshold
CN103763369B (en) * 2014-01-20 2017-12-19 浪潮电子信息产业股份有限公司 A kind of multiple authority distributing method based on SAN storage system
CN105656621A (en) * 2014-11-12 2016-06-08 江苏威盾网络科技有限公司 Safety management method for cryptographic device
CN106874743B (en) * 2016-12-29 2020-07-10 上海雷塔智能科技有限公司 Method and system for storing and extracting smart card password
CN109252789B (en) * 2018-09-20 2020-07-24 佘丽娟 Intelligent safety control system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101840478A (en) * 2010-03-24 2010-09-22 深圳市德卡科技有限公司 Password management method
CN107291525A (en) * 2016-04-01 2017-10-24 华为技术有限公司 A kind of method, host and system for disposing virtual machine

Also Published As

Publication number Publication date
CN109977640A (en) 2019-07-05

Similar Documents

Publication Publication Date Title
US11108546B2 (en) Biometric verification of a blockchain database transaction contributor
TWI267280B (en) Method for encryption backup and method for decryption restoration
EP3373510A1 (en) Method and device for realizing session identifier synchronization
US20170063827A1 (en) Data obfuscation method and service using unique seeds
CN112528257B (en) Secure debugging method and device, electronic equipment and storage medium
US10361867B2 (en) Verification of authenticity of a maintenance means connected to a controller of a passenger transportation/access device of a building and provision and obtainment of a license key for use therein
US10069820B2 (en) Linked registration
CN108540457B (en) Safety equipment and biological authentication control method and device thereof
CN111859415A (en) Neural network model encryption system and method
US20150012968A1 (en) Information processing system
CN109462572B (en) Multi-factor authentication method, system, storage medium and security gateway based on encryption card and UsbKey
CN109407663B (en) Unmanned information safety guarantee method and system based on block chain
CN105247833A (en) Self-authentication device and method
US20060143477A1 (en) User identification and data fingerprinting/authentication
CN113704718A (en) Computer data protection system based on identity authentication
CN103119559B (en) Information generating system and its method
CN104239762A (en) Method for realizing secure login in Windows system
CN109977640B (en) Method and device for recovering, keeping and using admin password
CN113055157A (en) Biological characteristic verification method and device, storage medium and electronic equipment
CN114036003A (en) Large file backup and recovery safety method based on hardware password equipment
CN109684802A (en) A kind of method and system providing a user artificial intelligence platform
CN111211906B (en) Method, system, device, equipment and medium for realizing one-machine one-secret of terminal equipment
CN111179522A (en) Self-service equipment program installation method, device and system
CN116260652A (en) Authorization method, system, computing device and readable storage medium
EP1722336A2 (en) Data generating device and method for initialising security data carriers

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant