摘要 |
A user inputs (S11) a password entry at a computer (110), which processes (S12) the entry using a function to obtain a plurality of sub-entries that are sent to a server (120). Each sub-entry is generated by padding the password entry to obtain a fix-length password entry from which are generated a number of strings in which different combinations of k characters are missing and then passed through a one-way function. The server (120) receives the sub-entries and compares each sub-entry with stored password verifiers for the user to determine (S13) if they match. If at least one sub-entry matches a password verifier, the user is authenticated and a notification is sent (S14) to the user via the computer (110). If no sub-entry matches a password verifier, then the user is not authorized (S15). Up to k typing errors can be accepted in the password entry. |