Dynamic password authentication method and system based on software token

The invention provides a dynamic password authentication method and system based on a software token, wherein the authentication method specifically comprises the following steps: obtaining current time by a client through a built-in satellite time transfer module, and simultaneously sending identification information identifying a user and the current time to a server; looking up a key parameter which is associated with the identification information by the server according to the received identification information; combining the current time, and the key parameter associated with the user and an algorithm, which are pre-stored in the client, in the client to generate a first dynamic password, and sending the first dynamic password to the server; combining the received current time, the key parameter which is looked up and the algorithm pre-stored in the server in the server to generate a second dynamic password; and comparing the generated second dynamic password with the received first dynamic password in the server. The time used by the software token provided by the invention is obtained through a global positioning system arranged in the client, thereby ensuring the accuracy of the time and greatly improving the safety performance in use of the software token by the user.