Joke Collection Website - Public benefit messages - How to design verification code?
How to design verification code?
In the process of designing SMS verification code, not only simply send a verification code, but also pay attention to other issues such as security issues, cost issues and so on. , mainly in the following aspects:
I. Signature
In the current SMS verification code design, the name of the APP or website is usually put at the beginning and enclosed in brackets to indicate which APP or website sent the verification code.
If a user applies for logging in or registering multiple softwares in a short time, putting the signature on his head can let the user know which app the verification code belongs to at a glance, and avoid mistaking the verification code of one software for another software and making mistakes.
Two. Length of verification code
At present, the length of SMS verification code is generally 4 to 6 digits, with 6 digits in the majority. Why 4 to 6 digits?
From the security point of view, ordinary machines need to traverse the four-digit verification code to the fourth power of 10, and the six-digit verification code needs to reach the sixth power of 10, which takes at least a few minutes. The validity period of the verification code is only a few minutes, which will be mentioned later.
From the convenience and memory of people, the 4-6-digit verification code is just enough for ordinary people to remember, and it will be a little hard to grow it.
Three. Validity period of verification code
Why should I set the validity period of verification code?
First, as mentioned above, in order to prevent the machine from traversing the verification code to achieve the purpose of attack, it can be effectively prevented by invalidating the verification code before the machine completes traversing.
Secondly, due to the delay in sending the verification code, if the user does not receive the verification code after applying for sending the verification code, the user will apply for the verification code many times in a short time, and the applied verification code is the same within the validity period, so as to prevent the user from applying for the verification code many times and the previous verification code was successful but failed.
However, this method is only applicable to some less strict occasions, such as when the bank transfer is relatively strict, and it is necessary to re-generate the verification code once.
4. Restrict the application of verification code
Some people will use SMS verification code to harass others and frequently ask for SMS verification code of other people's mobile phone numbers, which will affect the normal use of others. Therefore, for the same APP, there is usually only one request for 60 seconds.
One is to avoid the delay problem mentioned above.
Second, in order to prevent people from harassing others through the verification code, and many apps will limit the number of times the same mobile phone number is sent in a certain period of time. For example, within 24 hours, the same mobile phone number can only be applied for five times. After the number exceeds, it will refuse to send it, and it will be prompted to try again after 24 hours.
V Insert fraud prevention at the end.
Some malicious people will cheat by SMS verification code.
For example, write in a short message that your bank card is transferring money, and then click on the link or dial a mobile phone number if you have any questions, so you fall into his trap.
Therefore, add a fraud reminder after the SMS verification code, for example, remind users that there will be no link and mobile phone number in normal SMS, and they will not actively dial the user's mobile phone number to prevent someone from using the verification code for fraud.
The use of intransitive verbs to explain verification codes
Explain the purpose of the verification code in the short message, one is to remind the user what the verification code is for, and the other is to prevent someone from stealing someone else's mobile phone number to get the verification code, to remind the owner what someone is doing with his mobile phone number, and to help the user to be vigilant.
These are all the points related to the design of verification code that I summarized, and I look forward to your praise.
- Related articles
- Say good night to your girlfriend humorously.
- Many harassing calls from Macao, Hong Kong and Singapore. I installed an anti-fraud app, and the mobile phone housekeeper couldn't stop them. Why?
- How to say New Year greetings to the boss?
- In 2022, some scenic spots affected by the epidemic in Shenzhen were temporarily closed.
- What does sp mean, on the Internet?
- How to get the SMS of Android Huawei Shark?
- Does the date on the mobile phone show the lunar calendar or the solar calendar?
- What does the welfare number of Elf Festival mean?
- Changing mobile phone cards does not change the number. After switching to a mobile 4G card, I cannot receive bank card text messages.
- How to bless friends who buy stocks?