The invention discloses a double-factor identity authentication method based on a biological identification technique. The method includes the steps that a user submits an account registration requestto a server through a browser; a first random figure is generated by the server, and the first random figure and a public key of the server are sent to the browser; the user sets a user account and acode on the browser; the biological feature information of the user is collected and sent to the browser; the code set by the user is combined with the biological feature information through the browser, and a master key of the user is generated; the public key of the server is used for conducting encryption on the first random figure and the master key of the user through the browser, and the user account, the encrypted first random figure and the encrypted master key of the user are sent to the server; the server searches for a user's private key corresponding to the user account accordingto the received user account, utilizes the user's private key to decrypt the encrypted first random figure and the encrypted master key of the user, and obtains the decrypted master key of the user and a second random figure.