This section provides background information related to the present disclosure which is not necessarily prior art.
As a tool for communication, recreation and information acquisition, Instant messenger (IM) has now been accepted by more and more netizens and are becoming a regular part of their life. IM tools are not only used in recreation but also in work of numerous users.
Along with the rapid growth of IM user groups, security problems of IM tools are also growing and attracting more and more attention of the public. Security breaches caused by viruses spread through IM tools or theft of accounts become common occurrence. When an account is stolen, the IM service of the account owner is affected and, more seriously, the account owner may also lose virtual properties and face personal information leak.
The conventional IM tools usually provide services such as “password protection system” or “password appeal system” for users to get back stolen or lost accounts. When a user register an account, the user selects a password reminder question for a password and configures an answer corresponding to the password reminder question, so that the user may recover the password by answering the password reminder question correctly when the user forgets the password.
However, “password protection information” is configured by few users and can be easily forgotten; moreover, the password reminder question and the corresponding answer are transmitted as unencrypted text and can be easily intercepted by Trojan horses programs. Additionally, the user is usually allowed to configure only one question and one answer, the number and difficulty level of the password reminder questions can not be determined according to different security levels, thus sometimes it is very hard to recover a stolen or lost account.
The defects of the “password appeal system”, such as low confirmation ratio, require users to prepare too many evidences, and the success rate of the “password appeals” is low.
In conventional technologies, the association between an account and the owner of the account is weak and a password may be used for multiple services, Therefore, account stealers can easily steal and dispose of an account, or even cause greater loss of the owner of the account.