摘要 |
PROBLEM TO BE SOLVED: To provide an authentication system for maintaining advanced security without recording the entire password in any client server, maintaining the same security as a system having a long pass phrase even in a variable-length one like a gesture pattern as authentication information to be given by an operation, and being able to achieve a challenge count which enables authentication processing by a gesture pattern even if a password recorded in an authentication server is irreversibly converted information, and cannot permit more authentication when authentication errors are continuously made the prescribed number of times or more.SOLUTION: A password is encrypted by using an encryption key derived from biological information, such as information stored by a person and a fingerprint, and an account identifier and the encrypted password are recorded in a client. For authentication by a server, the recorded encrypted password is decrypted to acquire a plaintext password to perform authentication by using the plaintext password and the account identifier.SELECTED DRAWING: Figure 1 |