A secure password authentication method prevents Trojans from stealing user input information and is used for key information input in a computer or a network. The working process is as follows: (1) the user enters the target application login interface (composed by a common input interface and a plurality of input independent interface and on the screen display), input through the input interface and some possible input interface; (2) the target application through additional channels (such as mobile phone SMS, telephone, mobile phone automatic speech, computer voice prompt) prompts the user to input the effective interface information; (3) according to the user specified input effective sub sub interface information input interface authentication information; (4) service according to their own legitimacy to the user input information sub interface and user input authentication information verify that the user. A Trojan horse can not know the valid input sub interface referenced by the user input, so that the user's password can not be obtained by the authentication information entered by the user.
【技术实现步骤摘要】
【技术保护点】
一种防止病毒或木马窃取信息的方法,用于计算机或网络环境下的敏感信息输入,其特征在于: A.该方法通过附加信道传递部分用户认证相关信息,从而在病毒或木马无法窃取附加信道信息时,能够保护用户输入的口令; B.登录界面包含多个可能的输入子界面 ,这些输入子界面同时在屏幕上显示,木马在不能截获附加信道信息的前提下无法知道用户按照哪个输入子界面进行输入; C.用户根据从附加信道获得的有效子输入子界面指示进行输入; D.登录界面的每个输入子界面对应一种具体输入解释规则,登录服务器可 以据此把用户输入信息解释为真正要输入的信息。
【技术特征摘要】
还没有人留言评论。发表了对其他浏览者有用的留言会获得科技券。