Joke Collection Website - Blessing messages - How to set up SMS verification code anti-brushing mechanism to avoid being swiped?

How to set up SMS verification code anti-brushing mechanism to avoid being swiped?

1, time limit: it can be sent again after 60 seconds.

Starting from sending the verification code, the front end (client) will count down for 60 seconds. During this minute, users can't submit requests to send information multiple times. Although this method is widely used, it is of little use. People with slightly better technology can completely bypass this restriction and send SMS verification code directly.

2. Mobile phone number limit: the same mobile phone number cannot exceed 5 in 24 hours.

When using the same mobile phone number to register or send SMS verification code, the system can limit this mobile phone number, for example, only five SMS verification codes can be sent in 24 hours, and an error will be reported if the limit is exceeded (for example, the system is busy, please try again later). But this can only avoid manually brushing short messages, which is helpless for machines that use different mobile phone numbers to brush short messages in batches.

3. SMS verification code limit: send the same verification code within 30 minutes.

There is another method on the Internet: within 30 minutes, all sent requests and SMS verification codes are the same verification code. Request the SMS interface for the first time, and then cache the SMS verification code results. If you request again within 30 minutes, you will directly return the cached contents. For this way, it is not clear whether SMS interface providers will charge for sending cached information. If you are interested, you can learn about it.

4. Front-end and back-end verification: submit token parameter verification.

Few people talk about this method, and personally think it is worth a try. When the front-end (client) requests to send a short message, it also submits a Token parameter to the server, and the server verifies the Token parameter, and then sends a short message to the user's mobile phone to the interface requesting to send a short message.

This paper mainly introduces the anti-brush machine of SMS verification code. Through Bian Xiao's introduction, you should know the necessity of anti-brushing SMS verification code. As for how to design the SMS verification code anti-brushing mechanism, Bian Xiao also gave some practical suggestions. You can refer to the design of relevant mechanisms.