摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide a user authentication system capable of preventing the acquisition of passwords by phishing, and enabling a password to be set for every application that a user uses. <P>SOLUTION: A server 2 stores image information 261 for each user, and reference image information, i.e., some image in the image information 261, and a reference password in association with information specifying an application. Prior to user authentication using the password, a client 1 is made to display the image information 261. The server 2 causes the user to designate a part of the image information 261 displayed in the client 1, acquires the image designated by the user as authentication image information, and collates the reference image information of the application used by the user with the authentication image information. Then the server 2 performs user authentication using the reference password of the application used by the user, only if the collation of the authentication image information is successful. <P>COPYRIGHT: (C)2008,JPO&INPIT</p> |