[go: up one dir, main page]

WO2019165976A1 - Procédé et appareil d'entrée de mot de passe - Google Patents

Procédé et appareil d'entrée de mot de passe Download PDF

Info

Publication number
WO2019165976A1
WO2019165976A1 PCT/CN2019/076336 CN2019076336W WO2019165976A1 WO 2019165976 A1 WO2019165976 A1 WO 2019165976A1 CN 2019076336 W CN2019076336 W CN 2019076336W WO 2019165976 A1 WO2019165976 A1 WO 2019165976A1
Authority
WO
WIPO (PCT)
Prior art keywords
icon
password
input
character segment
icons
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2019/076336
Other languages
English (en)
Chinese (zh)
Inventor
于君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of WO2019165976A1 publication Critical patent/WO2019165976A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures
    • G06F3/04883Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures for inputting data by handwriting, e.g. gesture or text

Definitions

  • the present invention relates to an interaction technique between a user and a computer, and more particularly to a password input method and an apparatus using the same.
  • the system when users input passwords on various types of computer devices, in order to prevent the input content from being seen by others, the system generally adopts a non-meaningful special character instead of the input password in the password input box on the screen.
  • users in order to increase the confidentiality intensity, users often set the password to a meaningless long string that is not easy to be accurately and quickly blinded.
  • the special character of the substitute password is displayed in the password input box on the screen, It is difficult for users to find errors in the input in time.
  • what is hidden is only the password on the screen, but it cannot cover the action when the user inputs the password with the finger on the keyboard at the same time, and the password is still obtained by the others by observing and analyzing the finger action when the user operates the button.
  • the present invention provides a password input method and apparatus, which are convenient for the user to memorize and have high password security.
  • the present invention has made the following improvements:
  • an embodiment provides a password input method, including:
  • the currently received input character segment is compared with the random character segment mark of the password icon, and the password input is finally determined according to the comparison result.
  • an embodiment provides a password input device, including:
  • a display unit for displaying graphic and character information related to the password input operation
  • a data processing unit for analyzing and processing information related to the password input operation
  • Input unit for inputting password operation information to the data processing unit
  • the display unit is further configured to display the first icon group including the password icon, and display a random character segment of each icon at a position corresponding to each icon;
  • the input unit is configured to obtain a currently received character segment of the user input, and send the input character segment to the data processing unit;
  • the data processing unit is further configured to allocate each random character segment mark for each icon in the first icon group, and send the random character segment of each icon to the display unit, each random character segment includes at least one
  • the data processing unit is further configured to compare the currently received input character segment with the random character segment mark of the password icon, and finally determine whether the password input is correct according to the comparison result.
  • the password is set by the icon that is convenient for the user to remember and the random character segment mark corresponding to each icon, and the character corresponding to the password icon is input in the first icon group.
  • the segment is used for password matching, and the security of the password is enhanced by the method, and the memory burden of the user is alleviated.
  • FIG. 1 is a schematic diagram of a display unit and an input unit of an embodiment
  • FIG. 2 is a schematic diagram of a set password icon of an embodiment
  • FIG. 3 is a schematic diagram of a display unit and an input unit of another embodiment
  • FIG. 4 is a schematic diagram showing the position of the icon distribution in the first icon group being randomly changed compared with FIG. 3.
  • FIG. 4 is a schematic diagram showing the position of the icon distribution in the first icon group being randomly changed compared with FIG. 3.
  • the present application provides a password input method and apparatus, which set a password by an icon that is convenient for the user to memorize and a random character segment mark corresponding to each icon, by inputting a password icon in the first icon group.
  • the corresponding character segment is used for password matching, and the security of the password is enhanced by the method, which increases the difficulty for the password voyeur to crack the password by observing the random character segment input by the user.
  • interconnect may be static or dynamic characters, numbers, symbols, icons, logos, graphics, tiles, or a combination thereof, or may be included in dynamic or static images or drawings. Multiple local areas with exact boundaries and shapes but with exact approximate positional features.
  • icon group refers to a set of icons including a plurality of icons arranged in an ordered or unordered manner and displayed at the same time; or a static group containing a plurality of virtual regions serving as icons or Dynamic picture, this picture can even be a blank picture, in which each virtual area acting as an icon has a fixed specific position.
  • the virtual area in an icon group can display the same picture, or display different pictures, or display a blank picture, as long as the position of each virtual area serving as an icon is fixed, when the icon is a virtual area, In fact, the location information is used to distinguish different icons.
  • the "input” referred to in the present application may be input through a physical keyboard or a virtual keyboard, or may be input by a pen, a finger on a touch screen, a stroke drawing or a gesture drawing input, or may be input through a voice. It may be the movement and positioning input of the viewing focus of the human eye on the screen detected by the photoelectric recognition and sensing device.
  • the "character" referred to in the present application may be a letter, a number, a symbol typed on a physical keyboard or a virtual keyboard, a sliding track input by a pen or a finger on a touch screen, or a note input by voice.
  • the corresponding letters, numbers, and symbols may also be letters, numbers, and symbols corresponding to and triggered by the observation focus of the human eye input on the screen through the photoelectric recognition and sensing device.
  • character segment includes at least one character.
  • characters Of course, in order to increase the difficulty of voyeur recording, it is best to use multiple characters. The more characters the character segment contains, the higher the security level of the password, but the amount of calculation of the system will also increase. In actual operation, the number of characters contained in the character segment should be selected as needed.
  • random character segment refers to a character segment that is randomly assigned and has a corresponding relationship with a specific icon in only one display; when the specific icon is displayed again, it is randomly assigned another one and still only A random segment of a correspondence.
  • random character segment mark refers to a random character segment that follows the area of the position where the "icon" is located.
  • display unit includes an electronic display, or a combination of electronic displays, or a combination of an electronic display and a static graphic display.
  • a password input device in an embodiment of the present invention, includes a display unit, a data processing unit, and an input unit, wherein the data processing unit display unit and the input unit are signally connected.
  • the display unit further Connected to the input unit signal.
  • the input unit is configured to acquire an input character segment currently input by the user, and then send the received input character segment to the data processing unit.
  • the input unit may send the input character segments to the data processing unit in batches, or may send all the input character segments to the data processing unit after the user inputs.
  • a data processing unit configured to receive an input character segment sent by the input unit, assign different random segment segments to each icon currently displayed by the display unit, and input the segment and the password icon after receiving the input segment
  • the random character segment mark is compared, and according to the comparison result, it is determined whether the user's password input is correct.
  • the data processing unit can compare each input character segment with the random character segment mark of the password icon in batches, or after inputting all the input character segments together with the password icon. Random character segment marks are used for comparison.
  • no matter which comparison method is used the judgment result can be given after all the input is completed, so that the password thief will have difficulty judging that there are several input character segments and that the input character segments have errors. Increased the difficulty of password cracking.
  • the display unit is configured to display a first icon group including an icon, and a random segment label assigned to each icon by the data processing unit, and the random segment mark corresponding to the icon can be displayed beside the icon , can also be displayed in other one-to-one correspondence.
  • the method further includes: a setting unit connected to the data processing unit, wherein the setting unit is configured to set the password icon, and send the set password icon to the data processing unit, that is, when the password is set,
  • the setting unit is configured to obtain a set of password icons, and the password icon is at least two icons selected by the user from the second icon group of the plurality of icons currently displayed by the display unit.
  • the setting unit is further configured to set the number of icons in the first icon group displayed by the display unit; or the setting unit is further configured to set the number of icons in the password icon; The unit can also be used to set the number of random segment markers assigned for each icon.
  • a display screen 1 as a display unit and a keyboard 2 as an input unit are included.
  • the display screen 1 and the keyboard 2 may be independent electronic components connected to each other by wired or wireless communication, or may be virtual keyboards displayed on the same screen in the same touch screen.
  • the display screen 1 displays a first icon group including a set number icon 3, wherein the set number may be a system setting, or may be manually set by the user according to requirements, in this embodiment, as shown in FIG.
  • the first icon group contains 30 icons 3.
  • a random character segment mark 4 composed of at least one character is displayed next to each icon 3.
  • the random character segment mark 4 includes three characters, and the characters are composed of numbers.
  • the number of characters in each random segment mark 4 may also be one, two or more.
  • the characters may not be limited to numbers, may be symbols, letters, etc., and are random in a specific embodiment.
  • the keyboard 2 includes a plurality of character buttons, wherein the character buttons include all the characters constituting the random character segment marks 4.
  • the keyboard further includes the function buttons shown in the figure, and the function buttons are used for the reversal when an input error occurs.
  • the character button is a ten-digit character button 5 including 0 to 9, and the function button is an enter key 6 and a backspace key 7.
  • the icon is preferably a variety of graphics, icons that have unique features that are easy to identify, distinguish, and remember, and may be static or dynamic.
  • the present application also provides a password input method.
  • the password is first set by the setting unit. First, at least two icons are obtained as a set of password icons in a displayed second set of icons containing multiple icons.
  • the figure shows a password icon set by the user in advance through the setting unit, which includes four optional icons.
  • the four icons are selected by the user from the second icon group in FIG. 1.
  • the password After the password is set, when the user needs to enter the password protection device or view related information, the user needs to input a password to open the device or information page.
  • the process of the password input method is as follows:
  • the display unit will display a set of the first icon group including the password icon, and display the different random segment marks assigned to each icon, and display the random character segments of each icon in the Each icon forms a position of a correspondence, and each random character segment contains at least one character.
  • the user observes and determines the random segment mark corresponding to the four password icons preset in the first icon group, and types four random segment marks of the four password icons on the input unit, and then presses Enter. .
  • the input unit After receiving the character segment input by the user, the input unit sends the corresponding character segment to the data processing unit.
  • the icon in the first icon group displayed by the display unit and the icon in the second icon group in the password setting step may be completely identical, and the icon in the first icon group may also be Only part of the icon in the second icon group, as long as all the password icons are included in the first icon group.
  • the icons in the first icon group may be different or partially repeated, and the same group of random segment marks are shared for the repeated icons.
  • the data processing unit After the data processing unit obtains the input character segment, the input character segment is compared with the random character segment mark of the password icon, and the current password input is determined according to the comparison result.
  • the data processing unit can compare each input character segment with the random character segment mark of the password icon in batches, or mark all the input character segments together with the random character segment of the password icon after the input is completed. Compared.
  • the system will determine that the user password is entered correctly and enter the normal program afterwards. If the character segment input by the user does not completely match the password icon, the system will send a prompt message to the user that the password input is incorrect.
  • the prompt may be a prompt mode for indicating a voice, a text or a pattern.
  • the user may be allowed to select a sequence rule for typing a random character segment mark.
  • a sequence rule for typing a random character segment mark For this time, when the password is input, only the random character segment mark corresponding to the password icon is input according to the specified order rule, and the password matching succeeds, and the password is added.
  • the user can input the correct password input result to the data processing unit simply by inputting the random character segment mark of each password icon observed by the user.
  • each random character segment typed by the user during the password input operation is easily observed and recorded by the person next to it, since these random character segments are only valid once, it is useless to write down.
  • the next time the user performs a password input operation the other set of random character segment marks corresponding to each of the previous password icons that are observed by the user can be input in the public view, and there is no need to worry about the voyeur record of others.
  • the password peeper quickly observes and records the random segment mark of the icon on the current screen by means of a tool such as a camera, and simultaneously observes and records each random segment mark typed by the user, it is still possible to know the password.
  • the data processing unit may further assign at least 2 random character segment marks for each icon, the same first icon group. All random character segment marks of all icons are different, and each random character segment mark of each icon is randomly rotated. For example, 30 random character segment marks are assigned to each icon, and the display is randomly rotated at intervals of about 1 second. The user can input any random character segment mark of each password icon seen at any time.
  • each icon has a plurality of random character segment marks displayed by random rotation, only a small part of all the random character segment marks are displayed at the same time, and the user inputs the random character segments in the display unit.
  • the random segment markers for each icon are alternated in a non-stop rotation. Thus, even if this small portion is sneaked by the voyeur with the camera, it is difficult to determine which icons are randomly pointed to by each random character segment typed by the user.
  • a static image with a fixed position may be used to display each icon, and a small display screen is used to display a random character segment mark of the icon, such as a small
  • the digital tube realizes random rotation display of random character segment marks by replacing the display content of the small display screen.
  • the distribution position of the icon in the first icon group can be randomly changed during the process of receiving the character segment input by the user.
  • the user and the voyeur After adopting the measure of the distribution position of the random change icon, since the position of the icon in the first icon group is not fixed, the user and the voyeur will find the first icon group whenever the user performs the next password input operation. All of the icon positions have been reordered randomly. The user can search for the password icon in the public view, and enter the other set of random character segment marks of the previously observed password icon, and still do not have to worry about the guess of the password icon position according to the user's eyes.
  • the icon 3 constituting the first icon group is represented by 25 English letters.
  • the distribution position of the set of letter icons displayed by the display unit is randomly changed at intervals of, for example, about 2 seconds.
  • FIG. 4 is a diagram showing the state of the first icon group after a random change of the first icon group in FIG. 3. This further increases the technical difficulty of others to peep into the password, making it more difficult to implement the means of narrowing the location of the guessing password by recording the direction of the eye gaze when the user observes the search for the password icon.
  • the icons in the first icon group can be distinguished by a few background colors, and there are only a few icons having the same background color. In this way, when the user searches for the password icon, the password icon can be found only in the icon with a specific background color.
  • any tangible, non-transitory computer readable storage medium may be utilized, including magnetic storage devices (hard disks, floppy disks, etc.), optical storage devices (CD-ROM, DVD, Blu Ray disks, etc.), flash memory, and/or the like.
  • These computer program instructions can be loaded onto a general purpose computer, special purpose computer or other programmable data processing device to form a machine such that the instructions executed on the computer or other programmable data processing device can generate means for performing the specified function.
  • the computer program instructions can also be stored in a computer readable memory, which can instruct the computer or other programmable data processing device to operate in a particular manner such that the instructions stored in the computer readable memory can form a single piece Manufacturing, including implementations that implement specified functions.
  • Computer program instructions can also be loaded onto a computer or other programmable data processing device to perform a series of operational steps on a computer or other programmable device to produce a computer-implemented process for execution on a computer or other programmable device. Instructions can provide steps for implementing a given function.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • User Interface Of Digital Computer (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

L'invention concerne un procédé et un appareil d'entrée de mot de passe, ledit procédé consistant à : afficher un premier groupe d'icônes contenant des icônes de mot de passe; attribuer des marques de champ de caractères aléatoires, qui sont différentes les unes des autres, à chaque icône dans le premier groupe d'icônes, et afficher le champ de caractères aléatoires de chaque icône à une position correspondant à ladite icône, chaque champ de caractères aléatoires contenant au moins un caractère; acquérir les champs de caractères reçus actuellement entrés par un utilisateur; et comparer les champs de caractères d'entrée reçus actuellement aux marques de champ de caractères aléatoires des icônes de mot de passe, et déterminer si l'entrée de mot de passe est correcte selon un résultat de comparaison. Dans différentes opérations d'entrée de mot de passe, les champs de caractères aléatoires correspondant aux icônes de mot de passe sont différents, et ainsi les icônes de mot de passe ne peuvent pas être déterminées en observant subrepticement les champs de caractères entrés par l'utilisateur, ce qui améliore la sécurité de mot de passe, de plus, les icônes de mot de passe sont faciles à mémoriser, ce qui réduit l'effort de mémoire de l'utilisateur.
PCT/CN2019/076336 2018-02-28 2019-02-27 Procédé et appareil d'entrée de mot de passe Ceased WO2019165976A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810165149.3A CN108319874A (zh) 2018-02-28 2018-02-28 一种密码输入方法和装置
CN201810165149.3 2018-02-28

Publications (1)

Publication Number Publication Date
WO2019165976A1 true WO2019165976A1 (fr) 2019-09-06

Family

ID=62900541

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/076336 Ceased WO2019165976A1 (fr) 2018-02-28 2019-02-27 Procédé et appareil d'entrée de mot de passe

Country Status (2)

Country Link
CN (1) CN108319874A (fr)
WO (1) WO2019165976A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108319874A (zh) * 2018-02-28 2018-07-24 于君 一种密码输入方法和装置
US11736472B2 (en) 2019-06-10 2023-08-22 Microsoft Technology Licensing, Llc Authentication with well-distributed random noise symbols
US12155646B2 (en) 2019-06-10 2024-11-26 Microsoft Technology Licensing, Llc Authentication with random noise symbols and pattern recognition
US11258783B2 (en) * 2019-06-10 2022-02-22 Microsoft Technology Licensing, Llc Authentication with random noise symbols and pattern recognition

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183941B (zh) * 2007-08-03 2011-03-09 廖睿 随机隐询式密码认证技术
CN103413103A (zh) * 2013-08-30 2013-11-27 任建军 一种图形密码输入系统及方法
CN103916515A (zh) * 2012-12-31 2014-07-09 比亚迪股份有限公司 用于移动终端的动态解密方法及移动终端
CN108319874A (zh) * 2018-02-28 2018-07-24 于君 一种密码输入方法和装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183941B (zh) * 2007-08-03 2011-03-09 廖睿 随机隐询式密码认证技术
CN103916515A (zh) * 2012-12-31 2014-07-09 比亚迪股份有限公司 用于移动终端的动态解密方法及移动终端
CN103413103A (zh) * 2013-08-30 2013-11-27 任建军 一种图形密码输入系统及方法
CN108319874A (zh) * 2018-02-28 2018-07-24 于君 一种密码输入方法和装置

Also Published As

Publication number Publication date
CN108319874A (zh) 2018-07-24

Similar Documents

Publication Publication Date Title
US10176315B2 (en) Graphical authentication
US20200065469A1 (en) Password pattern recognition authentication method
RU2589397C2 (ru) Аутентификация графических жестов
KR101885836B1 (ko) 이미지 패스워드 시스템을 이용한 사용자 인증 방법 및 부가서비스 제공 방법
US20060174339A1 (en) An arrangement and method of graphical password authentication
WO2019165976A1 (fr) Procédé et appareil d'entrée de mot de passe
CN101587398A (zh) 密码保护方法
US9589125B2 (en) 3D pass-go
Kwon et al. SteganoPIN: Two-faced human–machine interface for practical enforcement of PIN entry security
Ritter et al. Miba: Multitouch image-based authentication on smartphones
JP2015133116A (ja) 端末上で機密データを入力する方法
WO2019137489A1 (fr) Dispositif et procédé de saisie de mot de passe, et support d'informations lisible par ordinateur
KR102014408B1 (ko) 이미지 터치 패스워드를 이용한 사용자 인증 방법 및 이를 위한 컴퓨터 프로그램
WO2019165979A1 (fr) Procédé et équipement pour entrer un mot de passe ayant un symbole et une étiquette de segment de caractère aléatoire
WO2019165978A1 (fr) Procédé et dispositif d'entrée de mot de passe utilisant une entrée indirecte d'une marque de champ de caractère aléatoire
JP6430011B6 (ja) 漢字入力方法及び装置
WO2019210819A1 (fr) Procédé et appareil d'authentification d'un mot de passe de type icône doté d'une marque de champ de caractère aléatoire
JP2017536630A6 (ja) 漢字入力方法及び装置
Gao et al. Usability and security of the recall-based graphical password schemes
KR20180067082A (ko) 다이얼식 가상 보안 키패드 및 이를 이용한 인증 방법 및 장치
KR102325833B1 (ko) 그래픽 오티피를 이용한 사용자 인증방법 및 인증시스템
JP6493973B2 (ja) 文字列入力方法及びプログラム
KR20170114955A (ko) 캐릭터를 이용한 그래픽 사용자 인증 및 부가서비스 제공 방법 그리고 이를 실행하는 시스템
KR20190133818A (ko) 픽처 패스워드를 이용한 사용자 인증 방법 및 컴퓨터 프로그램
Kim et al. Shoulder-surfing resistant smartphone authentication scheme using virtual joystick

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19761238

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19761238

Country of ref document: EP

Kind code of ref document: A1