[go: up one dir, main page]

CN1389807A - System and method for managing website login information - Google Patents

System and method for managing website login information Download PDF

Info

Publication number
CN1389807A
CN1389807A CN 02141279 CN02141279A CN1389807A CN 1389807 A CN1389807 A CN 1389807A CN 02141279 CN02141279 CN 02141279 CN 02141279 A CN02141279 A CN 02141279A CN 1389807 A CN1389807 A CN 1389807A
Authority
CN
China
Prior art keywords
website
user
login information
login
website login
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 02141279
Other languages
Chinese (zh)
Other versions
CN1301477C (en
Inventor
张益洲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Via Technologies Inc
Original Assignee
Via Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Via Technologies Inc filed Critical Via Technologies Inc
Priority to CNB021412790A priority Critical patent/CN1301477C/en
Publication of CN1389807A publication Critical patent/CN1389807A/en
Application granted granted Critical
Publication of CN1301477C publication Critical patent/CN1301477C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to a system and a method for logging in different websites by using a single account password, which comprises the steps of receiving an account and a password input by a user, firstly confirming the identity of the user, searching a website login record file corresponding to the identity of the user, wherein the website login record file at least comprises a group of user login information used for logging in the website by the user, encrypting and coding the user login information in advance for protection, decoding the user login information corresponding to the website to be logged in by the user, and then transmitting the decoded user login information to the website to be logged in by the user for logging in.

Description

管理网站登入信息的系统与方法System and method for managing website login information

技术领域technical field

本发明涉及一种网站帐号的管理系统与方法,特别是一种管理及保护网站登入帐号及密码,并使用单一帐号及密码即可通行多个网站于网际网络上的系统与方法。The present invention relates to a system and method for managing website accounts, in particular to a system and method for managing and protecting website login accounts and passwords, and using a single account and password to access multiple websites on the Internet.

背景技术Background technique

由于欧盟组织统一欧洲各个国家的边界,因此当你购买了一张车票,便可利用单一车票环游欧洲各地,而不需时常更换车票来配合要出入的国家。同理在网际网络(Internet)中,一般的网站(Web Site)都会要求使用者输入帐号及密码用以验证使用者身分,才能使用特定的服务或是信息,例如提供购物服务的网站或是提供客制化信息的网站,更是需要使用者输入帐号及密码用以辨别其身分。Since the European Union unifies the borders of various European countries, when you buy a ticket, you can use a single ticket to travel around Europe without changing the ticket frequently to match the countries you want to enter and exit. Similarly, in the Internet (Internet), general websites (Web Site) will require users to enter account numbers and passwords to verify user identity before they can use specific services or information, such as websites that provide shopping services or provide Websites with customized information require users to enter account numbers and passwords to identify them.

因此,当使用者申请成为一网站的会员或是申请其提供的服务时,通常会要求使用者填写基本的个人资料,并给予使用者帐号及密码,或是要求使用者自行设定帐号及密码,利用此帐号及密码来辨识使用者的网络身分,以提供客制化的服务。Therefore, when a user applies to become a member of a website or applies for a service provided by it, the user is usually required to fill in basic personal information and give the user account number and password, or the user is required to set the account number and password by himself. , use this account number and password to identify the user's network identity to provide customized services.

然而事实上,一般的使用者皆同时拥有多个网站的密码及帐号,使用者大多通过浏览器所提供的书签管理功能来管理这些网站位置,但是这些功能却无法管理密码及帐号,或是无法保护密码及帐号这样的私人信息,且这些密码及帐号往往亦不径相同,因此使用者通常需记住个别网站的帐号与密码,这对使用者于管理这些网站帐号及密码时造成极大的不便与负担。However, in fact, most users have passwords and accounts for multiple websites at the same time. Most users manage the location of these websites through the bookmark management function provided by the browser, but these functions cannot manage passwords and accounts, or cannot Protect private information such as passwords and account numbers, and these passwords and account numbers are often different, so users usually need to remember the account numbers and passwords of individual websites, which causes great harm to users when managing these website account numbers and passwords Inconvenience and burden.

再者,使用者如欲登入网站时,首先必须使用浏览器(webbrowser)先连结到该网站的使用者登入网页,接下来使用者才能输入其帐号密码进行登入,但是如果此用户登入网页过于庞大时,使用者就必须花费更长的时间等待此网页完全显示于浏览器上时才能进行登入动作,而这也意味着必须占据更多的网络频宽及使用者的等待时间,因此以上所述的各项缺点是需要改善的。Furthermore, when a user wants to log in to a website, he must first use a browser (webbrowser) to link to the user login page of the website, and then the user can enter his account password to log in, but if the user login page is too large , the user must spend a longer time waiting for the webpage to be completely displayed on the browser before performing the login action, which also means that more network bandwidth and user waiting time must be occupied, so the above Various shortcomings need to be improved.

发明内容Contents of the invention

鉴于上述的发明背景对于网际网络上管理网站帐号及密码所产生的诸多缺点,本发明提供一种管理及保护网站登入帐号及密码,并使用单一帐号及密码即可通行多个网站于网际网络上的系统与方法。In view of the many shortcomings of the above-mentioned background of the invention for managing website accounts and passwords on the Internet, the present invention provides a method for managing and protecting website login accounts and passwords, and using a single account and password to access multiple websites on the Internet systems and methods.

本发明的主要目的为管理使用者于登入网站时所使用的帐号及密码。本发明的另一目的为保护使用者于登入网站时所使用的帐号及密码。本发明的另一目的是节省使用者于登入网站时所占用的网络频宽。本发明的另一目的为让使用者快速登入网站。The main purpose of the present invention is to manage account numbers and passwords used by users when logging into websites. Another object of the present invention is to protect the account number and password used by the user when logging into the website. Another object of the present invention is to save the network bandwidth occupied by the user when logging into the website. Another object of the present invention is to allow users to quickly log in to the website.

根据以上所述的目的,本发明提供一种记录网站的用户登入信息的方法,包含:接收使用者所输入的网站登入信息,其中此登入信息至少包含一帐号、一密码、一此网站的用户登入网页的网址,并验证使用者所输入的登入信息。加密编码通过验证的登入信息,及储存经加密编码的登入信息。According to the above-mentioned purpose, the present invention provides a method for recording user login information of a website, including: receiving the website login information input by the user, wherein the login information at least includes an account number, a password, and a website user The URL of the login page and validates the login information entered by the user. Encryption encodes the authenticated login information, and stores the encrypted login information.

其中,上述验证使用者所输入的登入信息,其步骤至少包含:搜寻用户登入网页原始码中用以储存登入信息的变量名称,以及验证该登入信息的一验证地址;传送登入信息至验证地址;及取得由验证地址所传回的讯息以得知所传送的登入信息是否正确。Among them, the steps of verifying the login information input by the user at least include: searching for the variable name used to store the login information in the source code of the user login webpage, and a verification address for verifying the login information; sending the login information to the verification address; And obtain the message returned by the verification address to know whether the login information sent is correct.

另外,本发明亦提供一种使用单一帐号密码登入不同网站的方法,其包含接收一使用者所输入的一帐号及密码,首先确认使用者的身分。寻找对应使用者身分之一网站登入记录文件,其中此网站登入记录文件至少包含一组该使用者用以登入网站的用户登入信息,并且此用户登入信息事先经过加密编码保护。将使用者欲进行登入的网站所对应的用户登入信息进行译码,再传送已译码过的用户登入信息至使用者欲进行登入的网站以进行登入。因此,使用者只需输入一次用以确认使用者身分的帐号密码,之后只需选择欲联机登入的网站即可进行登入,而不需针对个别网站输入不同的用户登入帐号及密码。In addition, the present invention also provides a method for logging in different websites with a single account password, which includes receiving an account number and password input by a user, and first confirming the identity of the user. Find a website login record file corresponding to the user identity, wherein the website login record file contains at least one set of user login information used by the user to log in to the website, and the user login information is encrypted and protected in advance. Decoding the user login information corresponding to the website that the user wants to log in, and then sending the decoded user login information to the website that the user wants to log in for login. Therefore, the user only needs to enter the account password once to confirm the user identity, and then only needs to select the website to log in to log in, without entering different user login account numbers and passwords for individual websites.

由上述得知,本发明可以提供使用者快速登入不同的网站,而且使用者不需记住用以登入各别网站的帐号信息,并且将这些网站的帐号及密码储存后经加密编码储存于使用者端的计算机中,用以保护使用者的个人信息,再者,可节省使用者于登入网站时所占用的网络频宽并让使用者可快速登入网站。Known from the above, the present invention can provide users with fast login to different websites, and the user does not need to remember the account information used to log in to the respective websites, and the account numbers and passwords of these websites are stored and then encrypted and stored for use. It is used to protect the user's personal information in the computer at the end of the website. Furthermore, it can save the network bandwidth occupied by the user when logging in to the website and allow the user to quickly log in to the website.

附图说明Description of drawings

图1a至图1c显示具有本发明的较佳实施例的一浏览器画面;Figures 1a to 1c show a browser screen with a preferred embodiment of the present invention;

图2用以说明使用者于此较佳实施例的操作步骤流程图;Fig. 2 is used to illustrate the flow chart of the user's operation steps in this preferred embodiment;

图3a用以说明本发明的较佳实施例于验证一新增的网站登入信息的处理步骤流程图;FIG. 3a is a flow chart illustrating the processing steps of verifying a newly added website login information in a preferred embodiment of the present invention;

图3b用以说明如何从超文字标记语言程序代码中取得相关信息的步骤流程图;Fig. 3b is a flow chart illustrating how to obtain relevant information from HTML program code;

图4用以说明本发明的较佳实施例于处理登入网站时的步骤流程图;Fig. 4 is used to illustrate the flow chart of the steps of the preferred embodiment of the present invention when processing the login website;

图5用以说明本发明的网站登入的管理系统。FIG. 5 is used to illustrate the website login management system of the present invention.

图中主要符号说明Description of main symbols in the figure

100″护照开放″选项100 "Passport Open" option

102对话窗102 dialog window

104功能选单104 function menu

104a″护照验证″选项104a "Passport Verification" Option

106登入信息验证窗口106 Login Information Verification Window

200~204步骤方块200~204 step blocks

300~310步骤方块300~310 step blocks

400~406步骤方块400~406 step blocks

500输入部分500 input section

502验证部分502 verification part

502a搜寻部分502a search section

502b验证传送部分502b verification transmission part

502c判定部分502c determination part

504加密编码部分504 encryption part

506储存部分506 storage part

508解密部分508 decryption part

510传送部分510 transmission part

具体实施方式Detailed ways

本发明的一较佳实施例会详细描述如下。然而,除了详细描述外,本发明还可以广泛地施行在其它的实施例中,且本发明的范围不受限定,其以权利要求书为准。A preferred embodiment of the present invention will be described in detail as follows. However, the invention can be practiced broadly in other embodiments than those described in detail, and the scope of the invention should not be limited except by the claims.

本发明提供一种记录网站的用户登入信息的方法,包含:接收使用者所输入的网站登入信息,其中此登入信息至少包含一帐号、一密码、一此网站的用户登入网页的网址;验证使用者所输入的登入信息;加密编码通过验证的登入信息;及储存经加密编码的登入信息。The invention provides a method for recording user login information of a website, comprising: receiving website login information input by a user, wherein the login information at least includes an account number, a password, and a website address of a user login web page of the website; The login information entered by the user; the encrypted login information verified; and the stored encrypted login information.

其中,上述验证使用者所输入的登入信息,其步骤至少包含:搜寻用户登入网页原始码中用以储存登入信息的变量名称,以及验证该登入信息的一验证地址;传送登入信息至验证地址;及取得由验证地址所传回的讯息以得知所传送的登入信息是否正确。Among them, the steps of verifying the login information input by the user at least include: searching for the variable name used to store the login information in the source code of the user login webpage, and a verification address for verifying the login information; sending the login information to the verification address; And obtain the message returned by the verification address to know whether the login information sent is correct.

另外,本发明亦提供一种使用单一帐号密码登入不同网站的方法,其包含接收一使用者所输入的一帐号及密码,用以确认使用者身分;寻找对应使用者身分的一网站登入记录文件,其中此网站登入记录文件至少包含一组该使用者用以登入网站的用户登入信息,并且此用户登入信息事先经过加密编码保护;将使用者欲进行登入的网站所对应的用户登入信息进行译码;传送已译码过的用户登入信息至使用者欲进行登入的网站以进行登入,因此使用者只需输入一次用以确认使用者身分的帐号密码,之后只需选择欲联机登入的网站即可进行登入,而不需针对个别网站输入不同的用户登入帐号及密码。In addition, the present invention also provides a method for logging in to different websites using a single account password, which includes receiving an account number and password input by a user to confirm the user's identity; finding a website login record file corresponding to the user's identity , where the website login record file contains at least one set of user login information used by the user to log in to the website, and the user login information is encrypted and protected in advance; the user login information corresponding to the website that the user wants to log in is translated code; send the decoded user login information to the website that the user wants to log in to log in, so the user only needs to enter the account password once to confirm the user's identity, and then only need to select the website to log in It is possible to log in without inputting different user login IDs and passwords for individual websites.

图1a至图1c显示本发明的一较佳实施例的浏览器(browser)画面,本较佳实施例在此浏览器中嵌入一个管理程序用以管理及保护要连结登入网站相关的帐号密码,但是于其它实施例中本发明可以利用其它的方式实施,并不限制一定要与浏览器结合。如图1a所示,使用者点选″护照开放″100后,出现对话窗102要求使用者输入帐号密码,并且于使用者未输入正确的帐号密码的前,无法使用及进行其它动作,接下来,使用者输入正确的帐号密码后,如图1b中所示的其它功能选单104才得以使用,其中上述的要求使用者用以″护照开启″的帐号密码为用以激活此管理程序的一组帐号密码,使用者只需使用此单一帐号密码来管理其它的网站帐号密码,而不需记忆个别网站的用户登入帐号密码,用以方便使用者于网际网络上登入网站。Fig. 1a to Fig. 1c show the browser (browser) screen of a preferred embodiment of the present invention, and this preferred embodiment embeds a management program in this browser in order to manage and protect the relevant account password that will link and log in website, However, in other embodiments, the present invention can be implemented in other ways, and it is not limited to be combined with a browser. As shown in Figure 1a, after the user clicks "Open Passport" 100, a dialogue window 102 appears to require the user to enter the account password, and before the user has not entered the correct account password, it is impossible to use and perform other actions, and then After the user enters the correct account password, the other function menu 104 as shown in Figure 1b can be used, wherein the above-mentioned account password that requires the user to use "passport to open" is a group for activating the management program Account password, the user only needs to use this single account password to manage other website account passwords, and does not need to memorize the user login account passwords of individual websites, which is used to facilitate users to log in to websites on the Internet.

如图1b所示,当使用者点选″护照验证″选项104a,即出现一网站登入信息验证窗口106,要求使用者输入欲验证的网站帐号及密码,例如于此较佳实施例中,使用者欲新增管理一网站(http://www.pchome.com.tw),因此使用者于网站登入信息验证窗口106上输入此使用者于此网站(http://www.pchome.com.tw)的一组帐号密码,然后由管理程序进行验证工作,如果使用者所提供的这组帐号密码正确无误,则此组帐号密码会被保留并加以编码保护,因此使用者下次如欲再次登入网站(http://www.pchome.com.tw)便不需要再次输入帐号密码,只需要如图1c所示,直接选择此已经过验证的网站名称,便可直接完成原来该网站的登入程序。As shown in Figure 1b, when the user clicks the "passport verification" option 104a, a website login information verification window 106 will appear, requiring the user to input the website account number and password to be verified. For example, in this preferred embodiment, use The user wants to add and manage a website (http://www.pchome.com.tw), so the user enters this user on the website login information verification window 106 (http://www.pchome.com.tw. tw) a group of account passwords, and then the verification work is performed by the management program. If the group of account passwords provided by the user is correct, the group of account passwords will be reserved and protected by encoding. To log in to the website (http://www.pchome.com.tw), you don’t need to enter the account password again. You only need to directly select the verified website name as shown in Figure 1c, and you can directly complete the login of the original website program.

因此由上述得知,本发明可以提供使用者快速登入不同的网站,而且使用者不需记住用以登入各别网站的帐号信息,再者,本发明将这些网站的帐号及密码储存后经加密编码储存于使用者端的计算机中,用以保护使用者的个人信息。Therefore, it is known from the above that the present invention can provide users with fast login to different websites, and the user does not need to remember the account information used to log in to the respective websites. Furthermore, the present invention stores the account numbers and passwords of these websites through Encrypted codes are stored in the user's computer to protect the user's personal information.

图2用以说明使用者于此较佳实施例的操作步骤流程,当使用者激活此管理程序200后,接下来输入激活此管理程序所需的一帐号与密码202,用以开启功能选项204,于此较佳实施例中所具有的功能主要为提供网站登入信息验证204a、网站登入信息管理204b及登入网站204c。其中,网站登入信息验证204a功能用以验证使用者欲新增的一网站登入帐号密码,并将通过验证的帐号密码经加密编码储存;网站登入信息管理204功能则用以管理上述所储存的网站登入帐号信息,使用者可对其进行分类管理或加以注释;连结网站204c功能用以提供使用者直接登入所选择的网站,而不需输入各别网站的登入帐号信息。FIG. 2 is used to illustrate the user's operation steps in this preferred embodiment. After the user activates the management program 200, he then enters an account number and password 202 required to activate the management program to open the function option 204. , the functions in this preferred embodiment are mainly to provide website login information verification 204a, website login information management 204b and website login 204c. Among them, the website login information verification 204a function is used to verify a website login account password that the user wants to add, and the verified account password is encrypted and stored; the website login information management 204 function is used to manage the above-mentioned stored websites The login account information, the user can classify and manage or comment on it; the link website 204c function is used to provide the user to directly log in to the selected website without inputting the login account information of each website.

图3a用以说明本发明于验证一新增的网站帐号密码时的处理步骤流程图,首先接收由使用者所输入的网站网址、帐号及密码300,此帐号及密码是使用者用以登入此网站的身分辨识信息,接下来根据使用者所输入的网站网址取得用户登入网页,寻找此网页中有关帐号及密码的相关信息302,然后将使用者的帐号及密码传送至该网站304以进行用户登入,如果此组帐号密码不被接受则要求使用者再次输入帐号密码306,然后将正确可用以登入的帐号密码经加密编码保护308后储存310,于本发明的较佳实施例中,其加密编码的方式是采用RSA公开/私密金钥算法,但是本发明并不限制使用其它的加密编码方式于其它实施例中。其中上述的寻找网页中有关帐号及密码的相关信息的处理方法说明如下,例如于此较佳实施例中其网站的用户登入网页的地址为http://www.pchome.com.tw,其中此用户登入网页的部分html(Hypertext Markup Language,超文字标记语言)程序片段如下:Fig. 3 a is used to explain the flow chart of the processing steps of the present invention when verifying a newly added website account password. First, the website URL, account number and password 300 input by the user are received. This account number and password are used by the user to log in to this website. The identification information of the website, and then obtain the user login page according to the website URL entered by the user, find the relevant information 302 about the account number and password in this page, and then send the user account number and password to the website 304 for user Log in, if this group of account passwords is not accepted, the user is required to enter the account password 306 again, and then the correct account password that can be used to log in is encrypted and protected 308 and then stored 310. In a preferred embodiment of the present invention, it is encrypted The way of encoding is to use the RSA public/private key algorithm, but the present invention does not limit the use of other encryption and encoding methods in other embodiments. Wherein the processing method of the relevant information of above-mentioned looking for relevant account number and password in the webpage is described as follows, for example in this preferred embodiment the address of the user login webpage of its website is http://www.pchome.com.tw, wherein this Part of the html (Hypertext Markup Language, Hypertext Markup Language) program fragment for the user to log in to the webpage is as follows: 

           
    <form method=POST action=http://mail.pchome.com.tw/adm/
flogin.php3>

    <td bgcolor=″6FBA52″width=″124″class=″text″align=″center″><img
width=″1″height=″2″>

    <a href=″http://mail.pchome.com.tw/″style=″color:white″>电子邮件
</a>

    </td>

    <td  valign=″top″ width=″6″><img  src=″/img/a.gif″width=″6″
height=″6″border=″0″alt=″″></td></tr></table>

    <img width=″1″height=″3″><br>

    <table width=″130″  border=″0″ cellspacing=″0″cellpadding=″6″
bgcolor=″BBD976″><tr><td align=″center″>

    <table border=″0″cellspacing=″0″cellpadding=″0″width=″110″>

    <tr><td class=″text3″><span style=″color:white″>帐号
</span></td><td><img width=″2″height=″3″></td>

    <td><input type=″text″name=″fuid″size=″8″
maxlength=″20″></td></tr>

    <tr><td class=″text3″><span style=″color:white″>密码
</span></td><td><img width=″2″height=″3″></td>

    <td><input type=″password″name=″fpass″size=″8″
maxlength=″20″></td></tr>

    </table><img height=3 width=1><br>

    <table width=″115″border=″0″cellspacing=″0″
cellpadding=″0″><tr><td>&nbsp;

    <a href=″http://isp.pchome.com.tw/registe/″style=″color:white;font-
size:9pt;″>加入会员</a>

    </td><td align=″right″><input type=″submit″value=″登入
″></td></tr></table>

    </td></form>

    <form method=POST action=http://mail.pchome.com.tw/adm/
flogin.php3>

    <td bgcolor="6FBA52"width="124"class="text"align="center"><img
width="1" height="2">

    <a href="http://mail.pchome.com.tw/"style="color: white"> Email
</a>

    </td>

    <td valign="top" width="6"><img src="/img/a.gif"width="6"
height="6"border="0"alt=""></td></tr></table>

    <img width="1" height="3"><br>

    <table width="130" border="0" cellspacing="0" cellpadding="6"
bgcolor="BBD976"><tr><td align="center">

    <table border="0"cellspacing="0"cellpadding="0"width="110">

    <tr><td class="text3"><span style="color: white">account
</span></td><td><img width="2"height="3"></td>

    <td><input type="text" name="fuid" size="8"
maxlength="20"></td></tr>

    <tr><td class="text3"><span style="color: white">password
</span></td><td><img width="2"height="3"></td>

    <td><input type="password" name="fpass" size="8"
maxlength="20"></td></tr>

    </table><img height=3 width=1><br>

    <table width="115"border="0"cellspacing="0"
cellpadding="0"><tr><td>&nbsp;

    <a href="http://isp.pchome.com.tw/registe/"style="color: white; font-
size: 9pt;″>Join member</a>

    </td><td align="right"><input type="submit" value="login
″></td></tr></table>

    </td></form>

其中,可从<form action=″....″metho=″post″>中得知要网站用以验证使用者所输入的帐号与密码的验证程序位置,如本实施例中的:http://mail.pchome.com.tw/adm/flogin.php3Wherein, it can be known from <form action=″...″metho=″post”> that the website is used to verify the verification program location of the account number and password input by the user, as in this embodiment: http: //mail.pchome.com.tw/adm/flogin.php3

再取得所有以<input>卷标(tag)所标记的字符串,如本实施例中的:Obtain all the character strings marked with <input> tags again, as in this embodiment:

<input type=″text″name=″fuid″size=″8″maxlength=″20″><input type="text" name="fuid" size="8" maxlength="20">

<input type=″password″name=″fpass″size=″8″maxlength=″20″><input type="password" name="fpass" size="8" maxlength="20">

其中,如<input type=′text′...>则表示使用者帐号,<inputtype=password...>则为使用者密码,<input type=hidden...>则代表为隐藏资料,因此由上述的超文字标记语言)程序片段可得知,此网站于使用者输入登入用的帐号密码后,该网站会将使用者所输入的帐号储存于变量名称″fuid″中,而密码则储存于变量名称″fpass″中,然后将这些登入信息传送至″http://mail.pchome.com.tw/adm/flogin.php3″以验证使用者身分。Among them, if <input type='text'...> means user account, <input type=password...> means user password, <input type=hidden...> means hidden data, so It can be seen from the above hypertext markup language) program fragment that after the user enters the account password for login, the website will store the account number entered by the user in the variable name "fuid", and the password will be stored in In the variable name "fpass", then send these login information to "http://mail.pchome.com.tw/adm/flogin.php3" to verify user identity.

因此通过图3a中寻找网页中关于帐号及密码相关信息的步骤302更可分成如图3b所示的步骤方块,首先读取网页的超文字标记语言程序代码(HTML code)312,然后寻找并撷取于此超文字标记语言程序代码中由卷标<form>所包含的信息314,接下来从上述所撷取的资料中解析出使用于登入网站时所需的资料316,最后将解析取得的结果储存318,其中所解析取得的资料包含此网站用以储存帐号密码的变量名称及验证登入信息的位置,如此一来本发明可让使用者只需于输入一次网站的用户登入帐号密码,并通过此帐号密码的验证,则下次使用者如欲再次登入此网站时,本发明会自动将登入信息传送至该网站以进行使用者登入,使用者不需再次输入,于本较佳实施例中所使用的传送协议为超文件传输协议(Hypertext Transfer Protocol,HTTP),然而本发明并不局限于此传送协议。再者,由于使用者无须再联机至该网站的用户登入网页即可进行登入,因此也意味着可节省网络频宽。Therefore, the step 302 of finding relevant information about the account number and password in the webpage in FIG. Obtain the information 314 contained in the tag <form> in the hypertext markup language program code, and then analyze the data 316 needed for logging into the website from the above-mentioned extracted data, and finally analyze the obtained data Result storage 318, wherein the analyzed data includes the variable name of the website for storing the account password and the location of the verification login information, so that the present invention allows the user to only need to input the user login account password of the website once, and Through the verification of this account password, if the user wants to log in to the website again next time, the present invention will automatically send the login information to the website for user login, and the user does not need to input again. In this preferred embodiment The transfer protocol used in is Hypertext Transfer Protocol (Hypertext Transfer Protocol, HTTP), but the present invention is not limited to this transfer protocol. Furthermore, since the user does not need to connect to the user login page of the website to log in, it also means that the network bandwidth can be saved.

图4用以说明本发明的较佳实施例于登入网站时的处理流程步骤,如图1c所示,当使用者选择一已经过验证的网站名称时,首先读取使用者所选择欲联机网站的登入信息400,此登入信息至少包含用以登入此网站的使用者帐号密码、此网站验证登入信息的位置、及其它此网站所需的信息,接下来将先前经过加密的登入信息解密402,然后将使用者的登入信息传送至此网站用以验证登入信息的位置以进行验证登入404,最后使用者登入完成406。Fig. 4 is used to illustrate the processing flow steps of the preferred embodiment of the present invention when logging in to the website, as shown in Fig. 1c, when the user selects a verified website name, at first read the desired online website selected by the user The login information 400, the login information at least includes the user account password used to log into the website, the location of the website to verify the login information, and other information required by the website, and then decrypt the previously encrypted login information 402, Then send the user's login information to the site for verifying the login information to perform verification login 404 , and finally the user login is completed 406 .

图5为本发明的网站登入的管理系统之一较佳实施结构图,至少包含一输入部分500、一验证部分502、一加密编码部分504、一储存部分506、一解密部分508、一传送部分510及一中央处理单元。其中,输入部分500用以接收一使用者所输入的多数个网站登入信息,每一个网站登入信息包含一相对应网站的使用者登入帐号,并且用以确认使用者的身分,以让其登入此网站登入的管理系统,验证部分502又可分为三个部分:一搜寻部分502a,用以搜寻该使用者登入网页的原始码中用以储存该网站登入信息的一变量名称,以及该网站用以验证该网站登入信息的一验证用户身份地址;一验证传送部分502b,用以由该变量名称,传送该网站登入信息至该验证用户身份地址;及一判定部分502c,用以取得由该验证用户身份地址传回的一讯息,以验证判定所传送的该网站登入信息是否正确。Fig. 5 is a preferred implementation structure diagram of the management system for website login of the present invention, which at least includes an input part 500, a verification part 502, an encryption code part 504, a storage part 506, a decryption part 508, and a transmission part 510 and a central processing unit. Wherein, the input part 500 is used to receive a plurality of website login information input by a user, each website login information includes a user login account corresponding to the website, and is used to confirm the identity of the user, so that it can log in this website In the management system for website login, the verification part 502 can be divided into three parts: a search part 502a, which is used to search for a variable name used to store the website login information in the source code of the user's login webpage, and the website user A verification user identity address to verify the website login information; a verification transmission part 502b, used to transmit the website login information to the verification user identity address from the variable name; and a determination part 502c, used to obtain A message sent back from the user's identity address to verify whether the sent login information of the website is correct.

接下来,将经过验证部分502验证过的网站登入信息利用加密编码部分504进行加密保护后,再储存于储存部分506中,以维护该网站登入信息的保密性,其中上述的储存部分506为一资料储存媒介,例如是一磁盘储存装置,或是一闪存。Next, the website login information verified by the verification part 502 is encrypted and protected by the encryption code part 504, and then stored in the storage part 506 to maintain the confidentiality of the website login information, wherein the above-mentioned storage part 506 is a The data storage medium is, for example, a disk storage device or a flash memory.

然后当使用者欲登入一网站时,储存于储存部分506中对应于使用者欲登入的网站的用户登入信息则经由解密部分508进行解密后,再经由传送部分510传送此经过解密处理的网站登入信息至所对应的网站服务器。Then when the user wants to log in to a website, the user login information corresponding to the website that the user wants to log in stored in the storage part 506 is decrypted by the decryption part 508, and then the decrypted website login information is sent through the transmission part 510 information to the corresponding web server.

由上述得知,本发明可以提供使用者快速登入不同的网站,而且使用者不需记住用以登入各别网站的帐号信息,并且将这些网站的帐号及密码储存后经加密编码储存于使用者端的计算机中,用以保护使用者的个人信息,再者,可节省使用者于登入网站时所占用的网络频宽并让使用者可快速登入网站。Known from the above, the present invention can provide users with fast login to different websites, and the user does not need to remember the account information used to log in to the respective websites, and the account numbers and passwords of these websites are stored and then encrypted and stored for use. It is used to protect the user's personal information in the computer at the end of the website. Furthermore, it can save the network bandwidth occupied by the user when logging in to the website and allow the user to quickly log in to the website.

以上所述仅为本发明的较佳实施例,并非用以限定本发明的保护范围;凡其它未脱离本发明所揭示之精神下所完成之等效改变或修饰,均应包含在权利要求书的范围内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention; all other equivalent changes or modifications that do not deviate from the spirit disclosed in the present invention should be included in the claims In the range.

Claims (10)

1.一种网站登入的管理系统,其特征在于,包含:1. A management system for website login, characterized in that it comprises: 一输入部分,用以接收一使用者所输入的多个网站登入信息,其中每一该网站登入信息包含一相对应网站的使用者登入帐号;An input part for receiving a plurality of website login information input by a user, wherein each of the website login information includes a user login account of a corresponding website; 一储存部分,用以储存该多个网站登入信息;及a storage section for storing the login information of the plurality of websites; and 一传送部分,根据该使用者的选择,传送其中一个该储存的网站登入信息至所对应的网站。A sending part, according to the selection of the user, sends one of the stored website login information to the corresponding website. 2.如权利要求1所述的网站登入的管理系统,其特征在于,每一个上述的网站登入信息更包含一登入网页网址及一密码。2. The website login management system as claimed in claim 1, wherein each of the above-mentioned website login information further includes a login web address and a password. 3.如权利要求1所述的网站登入的管理系统,其特征在于,更包含一验证部分,用以传送出该网站登入信息,并验证该网站登入信息的正确性,且该验证部分包含:3. The management system for website login as claimed in claim 1, further comprising a verification part for sending out the website login information and verifying the correctness of the website login information, and the verification part includes: 一搜寻部分,用以搜寻该使用者登入网页的原始码中用以储存该网站登入信息的一变量名称,以及该网站用以验证该网站登入信息的一验证用户身份地址;a search part for searching a variable name used to store the login information of the website in the source code of the user's login webpage, and a verification user identity address used by the website to verify the login information of the website; 一验证传送部分,由该变量名称,传送该网站登入信息至该验证用户身份地址;及a verification transmission part, which transmits the login information of the website to the verification user identity address according to the variable name; and 一判定部分,取得由该验证用户身份地址传回的一讯息,以验证判定所传送的该网站登入信息是否正确。A judging part obtains a message sent back from the verified user's identity address to verify whether the sent login information of the website is correct or not. 4.如权利要求1所述的网站登入的管理系统,其特征在于,更包含一编码部分及一译码部分,其中,该编码部分将该网站登入信息加以编码后,再储存于该储存部分,以维护该网站登入信息的保密性,而该译码部分,用以在该经编码的网站登入信息被传送的前先将其译码。4. The management system for website login as claimed in claim 1, further comprising an encoding part and a decoding part, wherein the encoding part encodes the website login information and then stores it in the storage part , to maintain the confidentiality of the website login information, and the decoding part is used to decode the encoded website login information before it is transmitted. 5.如权利要求1所述的网站登入的管理系统,其特征在于,更包含一确认部分,接收该使用者输入的一用户登入讯息,用以确认该使用者的身分,以让其登入该网站登入的管理系统。5. The management system for website login as claimed in claim 1, further comprising a confirmation part for receiving a user login message input by the user to confirm the identity of the user so as to allow him to log in the A management system for website logins. 6.一种管理网站登入的方法,其特征在于,包含:6. A method for managing website login, characterized in that it comprises: 接收一使用者所输入的多个网站登入信息,其中每一该网站登入信息包含一相对应网站的使用者登入帐号;receiving a plurality of website login information input by a user, wherein each website login information includes a user login account of a corresponding website; 储存该多个网站登入信息;及store the login information for the plurality of websites; and 根据该使用者的选择,传送其中一个该储存的网站登入信息至所对应的网站。According to the user's selection, one of the stored website login information is sent to the corresponding website. 7.如权利要求6所述的管理网站登入的方法,其特征在于,每一个上述的网站登入信息更包含一登入网页网址及一密码。7. The method for managing website login as claimed in claim 6, wherein each of the above-mentioned website login information further includes a login web address and a password. 8.如权利要求6所述的管理网站登入的方法,其特征在于,更包含传送出该网站登入信息,并验证该网站登入信息的正确性,其中该验证步骤包含:8. The method for managing website login as claimed in claim 6, further comprising sending out the website login information and verifying the correctness of the website login information, wherein the verifying step comprises: 搜寻该使用者登入网页的原始码中用以储存该网站登入信息的一变量名称,以及该网站用以验证该网站登入信息的一验证用户身份地址;Search for a variable name used to store the website login information in the source code of the user's login webpage, and a verification user identity address used by the website to verify the website login information; 由该变量名称,传送该网站登入信息至该验证用户身份地址;及From the variable name, send the website login information to the verified user identity address; and 取得由该验证用户身份地址传回的一讯息,以验证判定所传送的该网站登入信息是否正确。Obtain a message sent back by the verified user identity address to verify whether the sent login information of the website is correct. 9.如权利要求6所述的管理网站登入的方法,其特征在于,更包含将该网站登入信息加以编码后,再进行该储存步骤,以维护该网站登入信息的保密性,并在该经编码的网站登入信息被传送以前先将其译码。9. The method for managing website login as claimed in claim 6, further comprising encoding the website login information, and then performing the storing step to maintain the confidentiality of the website login information, and Encoded website login information is decoded before being transmitted. 10.如权利要求6所述的管理网站登入的方法,其特征在于,更包含接收该使用者输入的一用户登入讯息,用以确认该使用者的身分,以让其登入该网站登入的管理系统。10. The method for managing website login as claimed in claim 6, further comprising receiving a user login message input by the user to confirm the identity of the user so as to allow him to log in to the management of the website login system.
CNB021412790A 2002-07-05 2002-07-05 System and method for managing website login information Expired - Lifetime CN1301477C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021412790A CN1301477C (en) 2002-07-05 2002-07-05 System and method for managing website login information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021412790A CN1301477C (en) 2002-07-05 2002-07-05 System and method for managing website login information

Publications (2)

Publication Number Publication Date
CN1389807A true CN1389807A (en) 2003-01-08
CN1301477C CN1301477C (en) 2007-02-21

Family

ID=4750362

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021412790A Expired - Lifetime CN1301477C (en) 2002-07-05 2002-07-05 System and method for managing website login information

Country Status (1)

Country Link
CN (1) CN1301477C (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100410922C (en) * 2005-01-28 2008-08-13 联想(北京)有限公司 User information management system and method
CN1835438B (en) * 2006-03-22 2011-07-27 阿里巴巴集团控股有限公司 Method of realizing single time accession between websites and website thereof
WO2014019129A1 (en) * 2012-07-31 2014-02-06 Google Inc. Automating password maintenance

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1151445C (en) * 2000-04-24 2004-05-26 青柠网科技有限公司 Website system that allows multiple entry

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100410922C (en) * 2005-01-28 2008-08-13 联想(北京)有限公司 User information management system and method
CN1835438B (en) * 2006-03-22 2011-07-27 阿里巴巴集团控股有限公司 Method of realizing single time accession between websites and website thereof
US8250095B2 (en) 2006-03-22 2012-08-21 Alibaba Group Holding Limited Intersystem single sign-on
US8589442B2 (en) 2006-03-22 2013-11-19 Alibaba Group Holding Limited Intersystem single sign-on
WO2014019129A1 (en) * 2012-07-31 2014-02-06 Google Inc. Automating password maintenance

Also Published As

Publication number Publication date
CN1301477C (en) 2007-02-21

Similar Documents

Publication Publication Date Title
TW567427B (en) System and method for managing the sign-in data of web site
CN1308870C (en) Method and system for visiting several servers in www network by a user for registration once only
US9026788B2 (en) Managing credentials
CN105610810B (en) A data processing method, client and server
KR100808434B1 (en) Method and system for monitoring user interaction with a computer
AU2010218308B2 (en) System and methods for automatically accessing a web site on behalf of client
EP2191610B1 (en) Software based multi-channel polymorphic data obfuscation
CN107302539B (en) Electronic identity registration and authentication login method and system
US5684951A (en) Method and system for user authorization over a multi-user computer system
JP4616352B2 (en) User confirmation apparatus, method and program
US20080168546A1 (en) Randomized images collection method enabling a user means for entering data from an insecure client-computing device to a server-computing device
CN1506873A (en) Method and system for identifying &amp; transmitting verifiable authorization among complete heteroyeneous network area
JP5735539B2 (en) System, apparatus and method for encrypting and decrypting data transmitted over a network
JP4964338B2 (en) User confirmation apparatus, method and program
CN1478348A (en) Security Session Management and Authentication of WEB Site
CN104852895A (en) Card authentication for OAuth supported cloud services on a multi-function device
CN101034981A (en) Network access control system and its control method
CN103763104A (en) Method and system for dynamic verification
CN1369783A (en) Reality output method, its application device and processing program
CN1366641A (en) Web page browsing limiting method and server system
US20060026692A1 (en) Network resource access authentication apparatus and method
CN107451459A (en) The method and apparatus verified using picture validation code
KR20200091138A (en) Authentication method and system using private domain name
US20030065789A1 (en) Seamless and authenticated transfer of a user from an e-business website to an affiliated e-business website
CN118094580A (en) Information security management system and method based on Internet of things

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20070221

CX01 Expiry of patent term