JP2005174023A - Authentication system and its method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To make a password not leak with ease even if a glance at a password input operation on a log-on screen is stolen although processing is relatively simple. <P>SOLUTION: A character set capable of constituting a password is arranged on the surface of a virtual rotary drum, which is rotated. A user uses a pointing device to input individual characters constituting his password one after another by clicking on a button 314 when the characters constituting the password are displayed at an index 313. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a technique for authenticating a user by inputting a password.

  In general, when operating a database or logging in to a server, an authentication procedure is performed by inputting user identification information for identifying a user and a password. Here, the password is entered from the keyboard or the like, but in order to prevent a third party with malicious intent from leaking the password due to snooping, the display screen displays “ * "Is displayed, and most of the third parties adopt a technique that makes it difficult to determine what the actual password is. However, it cannot be effective if the user's keyboard operation itself can be seen.

In view of this point, different images displayed on the screen are selected in order when entering a password, characters assigned in advance to each image are sequentially input, and the user's identity is authenticated using the password information as an authentication key. And an authentication system that prevents leakage of a password due to a third party's snooping is proposed (Patent Documents 1 and 2).
JP 2002-229948 A JP 2001-282737 A

  However, in the above proposal, it is necessary to store a plurality of images assigned to each character by the user, and if the user does not clearly store the correspondence between such images and characters, an error in inputting a password may occur. There was a problem of frequent occurrences, which increased the burden on users. In addition, since a plurality of large-capacity image data is used, there is a problem that the execution load of the program increases.

  The present invention has been made in view of such problems, and intends to provide a technique for preventing leakage of a password by simple processing.

An information processing apparatus that requires a logon procedure to perform predetermined processing,
A display control means for moving and displaying one of a character set of characters that can constitute a password and an index for indicating one character in the character set;
Storage means for sequentially storing the characters indicated by the index as characters constituting a password each time there is a character instruction input from a predetermined character instruction means;
And a determination unit that determines a character string stored in the storage unit as a logon password when a password input end instruction is issued.

  According to the present invention, the password is not easily leaked even if the password is entered on the logon screen even though it is a relatively simple process.

  Hereinafter, embodiments according to the present invention will be described in detail with reference to the accompanying drawings.

<First Embodiment>
FIG. 1 is a block diagram of an authentication system according to the first embodiment.

  In the embodiment, authentication processing by a single device will be described. However, it will be apparent from the following description that the present invention can also be applied when logging in (logging on) a server on the network.

  In the figure, 101 is a control unit that controls the entire apparatus, and 102 is an input of a pointing device such as a mouse (registered trademark) or a keyboard for a system user to input various instructions and character information to the system. Part. Reference numeral 103 denotes a display unit 103 for displaying various instructions to the user, a login dialog, a password input GUI, confidential data, and the like. For example, a liquid crystal display is used. Reference numeral 104 denotes a memory unit (RAM: Ramdam Access Memory) for expanding and executing the program of the authentication system and temporarily storing data such as a user ID and a password input by the user.

  Reference numeral 105 denotes a storage unit 105 for storing data for screen display of a character set composed of alphabets and numbers, voice data of the character set, and the like. Reference numeral 106 denotes an authentication unit 106 that collates logon information (consisting of a user ID, a password, and the like) input by the user with authentication information in the authentication database 107 and acquires an authentication result. A user database 107 stores user authentication information including a user ID, a password, and the like, and confidential information provided to the user.

  In the embodiment, the authentication unit 106 and the user database 107 are assumed to exist in the user's terminal. However, even if the apparatus is constructed on a server on the network and the apparatus functions as the terminal. I do not care. That is, when logging in to a server on the network, authentication processing is performed on the server side. If authentication is successful, login is permitted. If authentication fails, no further processing is possible, Authentication processing will be performed.

  Reference numeral 108 denotes a voice synthesizer 108 for performing voice synthesis processing on voice data (in the storage unit 105) corresponding to designated character data and presenting the voice data to the user as voice information.

  Authentication processing executed in the authentication system configured as described above will be described below with reference to FIGS.

  FIG. 2 is a flowchart showing the contents of the authentication process in the embodiment. Hereinafter, each processing step in the figure will be described. In this process, the control unit 101 starts the process when the system user gives an instruction to start the system or log in using the input unit 102 connected to the terminal device.

Step S201 (input of user ID):
First, the control unit 101 displays a logon dialog 302 as shown in FIG. 3 on the screen 301 of the user terminal. When the user inputs a user ID (for example, “tarou”) from the user ID input box 303 on the logon dialog 302, the input user ID is stored in the memory unit 104.

Step S202 (input of password):
In this step, as shown in FIG. 3, a password input GUI 313 in the form of a slot machine is virtually displayed and a password is input using this. It is assumed that the user database 107 stores a plurality of user authentication information (for example, combinations of user IDs and passwords) and access authority information for confidential information in advance. Further, the password text box 304 of the logon dialog is configured so that the password cannot be directly input, and the character string of the input password is not displayed. Instead, a fixed character, for example, “*” is displayed in advance. It shall be.

In the character rotation display unit 312 of the password input GUI 311 in the slot machine form in the logon dialog, the control unit 101 uses a set of characters that can be used for the password, for example, alphabets (lowercase letters, uppercase letters) and numbers (0-9). The set of characters that are composed includes
a, b, c, d ... y, z, A, B, C ... X, Y, Z, 0, 1, 2, ... 8, 9
Is continuously displayed as if it is rotating upward (or downward) from the first character. When the final character “9” is reached, the display is repeated from the first character “a”. In other words, these characters are displayed as if they were on the drum. The rotation display speed of the character rotation display unit 312 is set to an appropriate speed, for example, one character is rotated every 0.5 seconds. That is, the user can input one character within an error range of 0.5.

  In this state, when each character (password constituent character) constituting the user's password reaches the point portion (functioning as an index of the input character) 313, the user points to the pointing device (on the screen) as the input portion 102. The password character input button 314 is pressed (clicked) with the cursor 321). One character that constitutes a password is input by one press. By performing such an operation for the number of characters constituting the password, the entire password is input and stored in the memory unit 104. For example, when the user's password is “era21”, the password input GUI 311 inputs the corresponding password by sequentially pressing the input button 314 in each state as shown in FIG.

  The control unit 101 controls the display (rotation display) of the GUI input, detects the characters displayed at the timing when the input button 314 is pressed, and stores the characters in order as characters constituting the password. In the text box 304, “*” characters are additionally displayed.

  It should be noted that during the above operation, it is desirable that the pointing device click operation at the time of inputting the password constituent characters is configured so that a third party cannot judge at all. That is, when the input button 314 is pressed, the display form is not changed. In addition, the pointing device does not generate a sound when it is clicked or is sufficiently small. However, in preparation for a case where a click sound is generated, sound (for example, music, a pseudo click sound, etc.) that erases the click sound is generated in the speech synthesizer 108. In any case, characters can be input by the number of clicks, and the number of characters is displayed in the text box 304, so that the user can determine what character has been input. Further, the timing of displaying “*” in the text box 304 may be displayed at the timing of clicking, but it is desirable to display it after a random period from the timing of clicking. It is desirable that this period is a timing that is randomly different in a period from two to three characters after the character displayed on the character rotation display unit 312 when clicked. As a result, the correlation between the timing at which “*” is displayed in the text box 304 and the character displayed on the character rotation display unit 312 can be lost, which can be used to prevent leakage.

Step S203 (judgment of whether or not authenticated):
When the password input is completed and the “OK” button 305 of the logon dialog 302 is pressed by the mouse 321, the control apparatus 101 sends the combination of the user ID and password stored in the memory unit 104 to the authentication unit 106 as logon information. . In response to this, the authentication unit 106 searches whether or not the combination of the user ID and password included in the received logon information exists in the user database 107, and if it exists, sets “authentication successful”, and step S204. Proceed to If it does not exist, “authentication failure” is determined, and the process proceeds to step S205.

Step S204 (display of confidential information):
If the authentication is successful, the authentication unit 106 sends to the control unit 101 the authentication result including the authentication success and the confidential information corresponding to the authority information of the user in the user database 107. In response to this, the control unit 101 displays an information display window as shown in FIG. 8A on the liquid crystal display as the display unit 103, and displays the received confidential information on the display unit 801. After the user refers to or edits the confidential information as necessary and then inputs an “end” instruction from the “file” menu 802 on the information display window, the control unit 101 performs authentication according to the present embodiment. The process ends.

Step S205 (notification of authentication failure):
In the case of authentication failure, the authentication unit 106 notifies the control unit 101 of an authentication result including the success of authentication. In response to this, the control unit 101 displays an “authentication failure dialog” as shown in FIG. 8B on the liquid crystal display as the display unit 103.

Step S206 (Do you want to log on again?):
When the “relogon” button 811 is pressed by the user from the “authentication failure dialog”, the process returns to step S201, and the control unit 101 performs the logon process again.

  When the “end” button 812 is pressed, the control unit 101 ends the authentication process of the present embodiment.

  As described above, according to this embodiment, it is possible to avoid leakage due to password snooping by a third party, and it is possible to realize an authentication system with a high security level.

<Second Embodiment>
In the second embodiment, an authentication system of a password input method using a password input GUI in which character sets usable for passwords are laid out linearly will be described.

  Note that the system configuration of the authentication system and the flowchart of the authentication process according to the second embodiment are the same as those in FIGS. 1 and 2 in the first embodiment.

  In the case of the second embodiment, the password input GUI in the logon dialog displayed on the screen is configured as shown in FIG. In FIG. 3, the index (reference numeral 313 in FIG. 5) is fixed and the character set is displayed as moving (rotated), whereas in FIG. 5, the character set is fixed and the index (reference numeral 503 in FIG. 5) is displayed as moving. It is different in point. That is, the same can be said in that one moves relative to the other.

Hereinafter, the processing contents in step S202 of FIG. 2 when applied to FIG. 5 are as follows. Step S202 (input of password):
In this step, a password input method using a password input GUI 501 in which a set of characters usable for a password is laid out in a straight line will be described. It is assumed that the user database 107 stores a plurality of user authentication information (for example, combinations of user IDs and passwords) and access authority information for confidential information in advance. In addition, it is assumed that the password cannot be directly input from the password text box 304 of the logon dialog.

In the character set display unit 502 of the password input GUI 501 in the logon dialog, the control unit 101 sets a set of characters that can be used for a password, for example, characters composed of alphabets (lowercase letters, uppercase letters) and numbers (0-9). Set, ie
a, b, c, d ... y, z, A, B, C ... X, Y, Z, 0, 1, 2, ... 8, 9
Is displayed in a straight line, and the pointer (index) 503 is automatically moved along the character string. When the pointer 503 reaches the final character “9”, the pointer 503 is repeatedly moved from the first character “a”. In this state, when the moving pointer indicates each character (password constituent character) constituting the password, when the password character input button 504 is pressed with the cursor 321 on the screen linked to the pointing device which is the input unit 102. Then, one character at which the pointer 503 was positioned is input.

  In the illustrated example, the pointer 503 is indicated by a thick frame so that it can be distinguished from other characters. However, the present invention is limited by this because the display form may be different such as changing the color. It is not a thing. Further, in the illustrated case, the character group that can be a keyword is displayed in one line, but it may be displayed in two or more lines.

  By performing such an operation for the number of characters constituting the password, the entire password is input and stored in the memory unit 104. For example, when the password of the user is “era21”, when the pointer 503 on the password input GUI 501 is at the position shown in FIG. 9, the password is input by sequentially pressing the password character input button 504.

  However, at this time, it is desirable that the timing of clicking at the time of inputting password constituent characters is configured so that it cannot be determined by a third party. When clicked, the pointer movement is not temporarily stopped, and a visual change such as highlight drawing of the password character input button 504 is not performed. Further, the control unit 101 displays, for example, an asterisk “*” in the password text box 304 every time one character is input so that the number of characters already input can be known. At this time, as in the first embodiment, it is desirable to use an acoustic effect that cancels the click sound or adjust the display timing of “*” in the text box.

  As described above, according to the second embodiment as well, it is possible to realize an authentication system with a high security level that can avoid leakage due to password snooping by a third party.

<Third Embodiment>
A third embodiment will be described. In the first and second embodiments, the password input GUI on the screen is used. In the third embodiment, a set of characters that can be used for the password is presented to the user by voice. The character is selected from among them.

  The system configuration of the authentication system and the flowchart of the authentication process are shown in FIGS. 1 and 2 as in the first and second embodiments. However, in the third embodiment, it is assumed that there is no password input GUI in the logon dialog displayed on the screen, and only the password input button 314 is provided. As a result, step S202 in FIG. 2 is changed as follows.

Step S202 (input of password):
In this step, a password input method using a method of presenting a set of characters usable for a password to a user by voice will be described. It is assumed that the user database 107 stores a plurality of user authentication information (for example, combinations of user IDs and passwords) and access authority information for confidential information in advance. In addition, it is assumed that the password cannot be directly input from the password text box 304 of the logon dialog.

The control unit 101, via the speech synthesis unit 108, a set of characters that can be used for a password, for example, a character set composed of alphabets (lowercase letters, uppercase letters) and numbers (0-9),
a, b, c, d ... y, z, A, B, C ... X, Y, Z, 0, 1, 2, ... 8, 9
Are generated at an appropriate speed in order from the beginning based on the speech synthesis data in the storage unit 105. However, in order to distinguish lowercase letters from uppercase letters, etc., “a” is pronounced “smooruei” and “A” is pronounced “rajiei” so that the user is not confused.

  Assume that the sound that has been pronounced is amplified in an appropriate manner so that it can be heard by the user. When the final character “9” is reached, the first character “a” is repeatedly pronounced. In this state, when each character constituting the password is sounded, if the password character input button 314 is pressed by the mouse (cursor 321 on the screen) which is the input unit 102, one character is input. By performing such an operation for the number of characters constituting the password, the entire password is input and stored in the memory unit 104.

  For example, assume that the user's password is “era21”. The constituent characters of the password, that is, the voice guidance is output in the order shown in FIG. 10, but when the character 1001 surrounded by the square in the figure is pronounced, the user inputs the password character input button 504. By clicking, the password is stored in the appropriate storage location.

  However, at this time, it is desirable that the timing of clicking cannot be determined by a third party. For this purpose, it is desirable that when clicking, visual change such as highlight drawing of the input button 314 is not performed on the screen, and the sound of the mouse click is sufficiently low. The control unit 101 displays an asterisk “*”, for example, in the password text box 304 every time a character is input so that the number of characters already input can be known.

  When the voice guidance is output via headphones or earphones, it is impossible for the third party to determine what kind of voice is being output, and thus security can be further enhanced.

  As described above, according to the third embodiment of the present invention, it is possible to realize an authentication system with a high security level that can avoid leakage due to password snooping by a third party.

<Fourth Embodiment>
A fourth embodiment will be described. In the fourth embodiment, instead of the password input GUI in the slot machine form shown in the first embodiment or the GUI in which character strings in the second embodiment are laid out linearly, FIG. 4 and FIG. As shown in FIG. 6, a plurality of (four in the figure) are provided, and the character display unit 402 (602) of each GUI changes the phase to display “a set of characters usable in a password”. The password is input by pressing each password input button 404 (604) from any of the GUIs.

  That is, FIG. 4 and FIG. 6 do not indicate that the number of characters constituting the password is “4” (of course, 4 characters may be used), but provided with a plurality of input means for changing the display phase, By allowing any of these inputs, the user's password input speed is improved. Briefly, when there are N characters that can be passwords, the four input means can display each character with a phase difference of N / 4 (in the case of a slot machine), or four pointers What is necessary is just to control to move the position of the phase difference for N / 4.

  As described above, according to the fourth embodiment, in addition to avoiding leakage due to password snooping by a third party, it is possible to further improve the password input speed of the user.

<Fifth Embodiment>
Exemplary embodiments of an authentication system according to claims 5 and 7 will be described below with reference to the accompanying drawings.

  In the fifth embodiment, as in the fourth embodiment, a slot machine type password input GUI or a GUI in which character strings that can constitute a password are laid out in a straight line is respectively shown in FIGS. It is the same in that a plurality of (four in the figure) as shown above are displayed, and the “character set usable in password” is displayed by changing the phase in the character display section 402 (602) of each GUI. is there.

  However, in the fifth embodiment, for example, when the GUI of FIG. 4 is adopted, any one of them is determined as an input GUI, and the other three are used as dummy. The same applies to the case of FIG. Which one to use as the regular input GUI is pre-registered by the user (for example, selected and set when starting the computer for the first time in the day, or the database is set up). When using, register what number to use together with the user ID).

  In this case, only one password character input button 404 or 604 in FIG. 4 or FIG. 6 is used, and the password is input from the preset input GUI by clicking the password character input button 404 (604). Is entered into the system. In some cases, the password character input button may be eliminated, and the password may be input from the input GUI only by clicking on the pointing device. Further, if the phase differences between the four GUIs are not fixed, but the phase differences are determined by random numbers, the security can be further improved.

  As described above, according to the fifth embodiment, since it becomes more difficult for a user other than the user to guess the input password, it is possible to avoid leakage due to password snooping by a malicious person. An authentication system with a high security level can be realized.

<Sixth Embodiment>
A sixth embodiment will be described. In the sixth embodiment, as in the fifth embodiment, a plurality (four in the figure) are provided as shown in FIGS. 4 and 6, and the character display section 402 (602) of each GUI is provided. The same is true for changing the phase and displaying “a set of characters that can be used in a password”.

In the fifth embodiment, the user sets one of a plurality of GUIs in advance as an input GUI, and password characters are always input to the system from the GUI. In the sixth embodiment, each of a plurality of GUIs is assigned in advance to a specific key on the keyboard, for example, as follows. For example, in the case of FIG.
“Z” key: No. 1 in FIG. 4 (first GUI from the left)
“X” key: No. 2 in FIG. 4 (second GUI from the left)
“C” key: No. 3 in FIG. 4 (third GUI from the left)
“V” key: No. 4 in FIG. 4 (fourth GUI from the left)
In addition to this, when inputting individual password constituent characters, a configuration is adopted in which one of a plurality of GUIs is sequentially selected by a key and the password constituent characters can be input.

  However, in the sixth embodiment, as in the fifth embodiment, for example, only one password character input button 404 (604) in FIGS. 4 and 6 is used, and the password character input button is clicked. The password can be input from the preset input GUI, for example, or the password character input button 404 (604) is eliminated at all in both figures, and the password is input from the input GUI only by clicking the mouse. It may be configured as described above (illustration is omitted).

  As described above, in the sixth embodiment as well, it is possible to improve the password input speed of the user in addition to making it difficult for a user other than the user to guess the input password. Therefore, it is possible to realize an authentication system that balances high security level and convenience.

<Seventh Embodiment>
According to the first to sixth embodiments, a character group that can be configured as a password is:
"A, b, c, d ... y, z, A, B, C ... X, Y, Z, 0, 1, 2, ... 8, 9"
In this case, the character that can be selected only in one direction is changed regardless of the display form of the slot machine or the pointer movement form. When the changing direction is the above-mentioned character arrangement order, the first character of the password is “b”, and the second character is “a”, the input of the next character is waited until it is substantially rotated once. In the case of the fourth embodiment, by using four GUIs, the time required to wait for this input is shortened to ¼ of the period required for one round. In other words, it is sufficient to increase this number, but this requires a wider screen, and if the number is large, the user may be confused.

  Therefore, in the seventh embodiment, an example will be described in which such a problem is eliminated by appropriately changing the rotation direction of the slot rotation or the movement direction of the pointer.

  For example, in the case of the GUI of FIG. 3, “↑” and “↓” keys (keys used for moving the text cursor, page feed, etc.) provided on a keyboard that is one of the input units 102 are used. When the password is entered, the drum is stopped, and the “↑” key or the “↓” key is operated to perform display control so that the drum is rotated. This direction key is allowed at any time. For example, when a direction key for changing the rotation direction is pressed after inputting one character, the rotation direction of the slot is changed. In this way, while using one slot (GUI), the next character can be input in half of the time required for one round.

  The processing of the control unit 101 in this case will be described according to the flowchart of FIG.

  In response to a command from the control unit 101, the keyboard which is the input unit 102 enters an input waiting state. When the control device 101 detects whether one of the rotation direction keys is pressed (step S1101), the control device 101 uses the character rotation display unit 312 of the password entry GUI 311 in the slot machine form in the logon dialog. A set of characters that can be used for the password is continuously displayed as if it is rotating in the direction corresponding to the key (forward direction or reverse direction) (step S1102). However, the speed of this continuous display is set appropriately. If neither key is pressed, the control device 101 stops the rotation (step S1103). When the last character “9” is reached during forward rotation, the next character “a” is displayed next. On the other hand, when the first character “a” is reached during reverse rotation, the next character “a” is displayed. Display from 9 ″.

  In this state, when each character (password constituent character) constituting the user's password reaches the point portion 313, when the password character input button 314 is pressed by the cursor 321 on the screen by operating the input portion 102, One character is input (step S1104). After this, if the appropriate rotation direction key is pressed (in the same direction as before) so that it rotates in a convenient direction for entering the next password constituent character, i.e. the direction in which the character is displayed earlier. If it is good, there is no need to change the rotation direction key), and the next password constituent character can be input more smoothly. After such an operation is sequentially performed from the first character to the last character of the password, when the “OK” button 305 is pressed (step S1105), the input password is stored in the memory unit 104.

  For example, FIG. 12 shows an example of the input flow of password constituent characters when the user password is “era21”. As shown in the figure, before inputting the characters constituting the password, the rotation direction key 701 shown in the figure is pressed and rotated in an appropriate direction, so that the characters constituting the target password can be shortened in a shorter time. To be able to enter.

  However, at this time, it is desirable that the timing of clicking at the time of inputting password constituent characters is configured so that it cannot be determined by a third party. Therefore, when clicking, it is desirable that the sound of mouse clicks be sufficiently low without causing visual changes such as temporarily stopping rotation display or highlight drawing of the password input button 314 on the screen. In addition, the reversal operation of the rotation direction of the character rotation display unit 312 by the rotation direction key is appropriately performed so that the input password constituent characters cannot be determined. Further, the control unit 101 displays, for example, an asterisk “*” in the password text box 304 every time one character is input so that the number of characters already input can be known. As described in the first embodiment, it is desirable that the timing for displaying “*” changes randomly within a time range in which several characters are rotated instead of using the clicked timing as it is.

  The above is a modification of FIG. 3 in the first embodiment, but it can also be applied to the GUI of FIGS. 4 to 6 and the voice guide input of FIG.

  For example, when applied to FIG. 4, the direction of all slots may be changed to the designated direction by operating the “↑” key or the “↓” key.

  In the case of FIG. 5, since the pointer moves to the left and right, the “←” key and the “→” key are assigned, and the direction in which the pointer moves is determined by pressing these direction keys. FIG. 13 shows the input timing of the direction key and the character constituting the password when the character string constituting the password is “era21”. In the figure, the “→” key is pressed before inputting the character “r” next to the character “e”, but the character “r” indicates the movement direction at the timing when the character “e” is designated and input. Since they are the same, it is not necessary to press the direction key immediately before inputting the character “e”.

  The same applies when applied to the case of FIG. That is, by operating the “←” key or the “→” key, the direction of all slots is changed to the designated direction.

  Also, in the case of input by the voice guide of FIG. 10, the direction of voice synthesis is assigned to the “→” key, “→” key, and / or “↑” key, “↓” key, It is only necessary to play in the indicated direction.

  In the above, since the slot rotation or pointer movement direction is undecided in the initial state, the slot rotation or pointer movement (including the pointer for audio playback) is performed after the direction key is pressed. However, in the initial state, the slot may be rotated in a predetermined direction, or the pointer (including the pointer for audio playback) may be moved.

<Eighth Embodiment>
In the seventh embodiment, the input of the character string constituting the password is speeded up. However, an approach different from this or an example of adding a further function to the seventh embodiment is described below. Explained.

  In the case of the authentication system described in the first to seventh embodiments described so far, in order to reliably input an intended character, in the case of a slot machine type, in the case of a drum rotation speed, in the case of a pointer movement The moving speed of the pointer, and in the case of voice, the switching speed of the text to be read out must be set to the greatest common divisor in order to be common to all users. In other words, a user who uses the system frequently is accustomed to the operation, and therefore, it is hoped that he / she can input at a higher rotational speed.

  Therefore, in the present embodiment, an example will be described in which the rotation speed in the slot machine format and the movement speed of the pointer (including a pointer indicating the target character position read out by the voice guide) are determined based on past logon progress.

  FIG. 15 is a block diagram of the authentication system in the eighth embodiment. The difference between FIG. 15 and FIG. 1 is that it has a timekeeping unit 109 that holds the time, and the rest is the same as FIG. Further, it is assumed that the password input GUI is the same as in the embodiments described above.

  The structure of the user database 107 in the eighth embodiment is as shown in FIG.

  As shown in the figure, the user database is roughly divided into an authentication information part 1402 and a confidential information part 1404, the former of which includes a plurality of data sets 1403 (for N persons) used for user authentication. And Each data set 1403 includes user ID, password, logon count, logon time history, and authority information. In addition, the logon time history includes a plurality of pieces of time information (year / month / day / hour / minute / second) when the user logs on to the system as shown by reference numeral 1406 in the order from the newest. The authority information includes information (details omitted) indicating which part of which confidential information 1405 can be browsed.

  On the other hand, in the latter confidential information section 1404, a plurality of confidential information 31405 (details omitted) are stored as shown in the figure.

  In the eighth embodiment, the authentication unit 106 and the user database 107 (1401) may be constructed either in the user terminal or in a host device on a network (not shown). Further, the database storing the usage status of the user and the database for the purpose of searching and browsing for obtaining information by the user may be different.

  Now, authentication processing executed in the authentication system configured as described above will be described with reference to the flowchart of FIG. This figure corresponds to FIG. 2, but all processes will be described in order to facilitate understanding of the explanation. Here, an example applied to FIG. 3 will be described as a GUI for inputting a password.

Step S201 (input of user ID):
The control unit 101 displays a logon dialog 302 on the screen 301 of the user terminal. When the user inputs a user ID (for example, “tarou”) from the user ID input box 303 on the logon dialog 302 and finally presses the “Enter” key, the input user ID is stored in the memory unit 104. .

Step S201-B (reading of logon count data and setting of rotation speed):
Based on the user ID, the control apparatus 101 searches the authentication information part 1402 in the user database 107 (1401), and when there is a data set 1403 including the user ID, the log-on data of the user included in the data set 1403 exists. Is stored in the memory unit 104. However, when the user has not logged on to the system, it is assumed that 0 (zero) is stored in the logon count data. Next, the control device 101 sets the rotation speed of the slot machine configuration GUI used in the next step S202 based on the logon count data in the memory unit 104 as follows (the set rotation speed data is stored in the memory unit). 104).

Number of logons Rotation speed (rate / second)
0-10 0.10
11-20 0.12
21-30 0.14
31-40 0.16
41-50 0.18
51 or more 0.20
However, the rotation speed in the table indicates the number of rotations of a set of characters that can be used for a password (see the next step) on the GUI in one second (for example, this numerical value is 0. 0). A value of 10 indicates that the number of characters corresponding to 1/10 of a character set that can be a password in 1 second is displayed, in other words, the character set is rotated once in 10 seconds. Needless to say, these numbers are just an example.

Step S202 (input of password):
In this step, as shown in FIG. 3, password input is performed using a password input GUI 313 in the form of a slot machine. It is assumed that a password cannot be directly input from the password text box 304 of the logon dialog.

In the character rotation display unit 312 of the password input GUI 311 in the slot machine form in the logon dialog, the control unit 101 uses a set of characters that can be used for the password, for example, alphabets (lowercase letters, uppercase letters) and numbers (0-9). A set of characters a, b, c, d... Y, z, A, B, C... X, Y, Z, 0, 1, 2,.
Is rotated upward (or downward) from the first character at the rotation speed (in the memory unit 104) set in step S201-B. When the final character “9” is reached, the display is repeated from the first character “a”. In this state, when each character constituting the user's password (password constituent character) reaches the point portion 313, the user presses the password character input button 314 with the cursor 321 linked to the pointing device as the input portion 102. One character is input. By performing such an operation for the number of characters constituting the password, the entire password is input and stored in the memory unit 104. For example, when the password of the user is “era21”, when the password input GUI 311 is in each state as shown in FIG. 7, the password is input by sequentially pressing the input button 314.

  However, at this time, it is desirable that the timing of clicking at the time of inputting password constituent characters is configured so that it cannot be determined by a third party. That is, when clicking, it is desirable that the click sound is sufficiently low without causing a visual change such as temporarily stopping the rotation display or highlight drawing of the password input button 314 on the screen. The control unit 101 displays an asterisk “*”, for example, in the password text box 304 every time a character is input so that the number of characters already input can be known.

Step S203 (judgment of whether or not authenticated):
When the password input is completed and the “OK” button 305 of the logon dialog 302 is pressed by the mouse 321, the control apparatus 101 sends the combination of the user ID and password stored in the memory unit 104 to the authentication unit 106 as logon information. . In response to this, the authentication unit 106 searches whether the data set 3103 including the combination of the user ID and the password included in the received logon information exists in the authentication information unit 1402 in the user database 107 (1401). If it exists, “authentication success” is determined, and the process proceeds to step S204. If it does not exist, “authentication failure” is determined and the process proceeds to step S205.

Step S204 (display of confidential information):
When the authentication is successful, the authentication unit 106 sends confidential information 1405 corresponding to the authentication result including the authentication success and the authority information (in the data set 1401) of the user in the user database 107 (1401) to the control unit 101. send. In response to this, the control unit 101 displays an information display window as shown in FIG. 8A on the liquid crystal display as the display unit 103, and displays the received confidential information 3105 on the display unit 801. After the user refers to or edits the confidential information 3105 as necessary, for example, when an “end” instruction is input from the “file” menu 802 on the information display window, the control unit 101 executes step S211. To do.

Step S205 (notification of authentication failure):
In the case of authentication failure, the authentication unit 106 notifies the control unit 101 of an authentication result including the success of authentication. In response to this, the control unit 101 displays an “authentication failure dialog” as shown in FIG. 8B on the liquid crystal display as the display unit 103.

Step S206 (Do you want to log on again?):
When the “relogon” button 811 is pressed by the user from the “authentication failure dialog”, the process returns to step S201, and the control unit 101 performs the logon process again.

  When the “end” button 812 is pressed, the control unit 101 ends the authentication process of the present embodiment.

Step S211 (increment of logon count data):
The control apparatus 101 increments the logon count data of the user data set 3103 in the user database 107 (3101) by one. Thereafter, the control device 101 ends the authentication process of the present embodiment. Note that the process of step S211 may be performed immediately before step S204.

  Although the eighth embodiment has been described by applying the GUI of FIG. 3, it is apparent that the eighth embodiment can be applied to FIGS. 4 to 6 or FIG. 10 which is a voice guide input. That is, the present invention can be applied to the slot machine type rotation speed, pointer movement speed, and the number of characters to be read aloud.

  In particular, when the eighth embodiment is applied to the seventh embodiment, the time required for password input can be further reduced.

<Ninth Embodiment>
Next, a ninth embodiment based on FIGS. 14 to 16 will be described. The feature of the ninth embodiment is an example in which the instruction input speed of a character set that can be a password is changed according to the interval from the previous logon to the current logon. In the ninth embodiment, an example applied to the GUI of FIG. 5 will be described.

  Hereinafter, in the ninth embodiment, step S201-B in FIG. 16 is changed as follows.

Step S201-B (reading of logon time history data and setting of moving speed):
Based on the input user ID, the control apparatus 101 searches the authentication information part 1402 in the user database 107 (1401), and if a data set 1403 including the user ID exists, the control device 101 Logon time history data is read and stored in the memory unit 104. However, when the user has not logged on to the system, the maximum logon interval that can be managed is stored in the logon count data. Next, the control device 101 acquires current time data from the time measuring device 109. Next, the control apparatus 101 uses the current time data and the logon time history data to set a “logon interval”, for example,
Logon interval = calculated as the time from the last logon time to the current time, and used in the next step according to the value “the moving speed of the pointer on the GUI in a form in which the character set (see next step) is laid out linearly, For example, the setting is made as follows (the set moving speed data is stored in the memory unit 104).

Logon interval (time) Movement speed (rate / second)
200-240 0.10
160-200 0.12
120-160 0.14
80-120 0.16
40-80 0.18
0-40 0.20
However, the movement speed in the table indicates the number of characters that the pointer on the GUI moves (scans) the character set per second (for example, when this value is 0.10) The pointer scans from the first character “a” to the last character “9” in 10 seconds). In addition, although it does not need to explain, these numerical values only show an example.

  If the logon is successful, the time is additionally stored in the data set 1403 of the corresponding user ID.

  The above is an example applied to the GUI of FIG. 5, but it is obvious that the present invention can also be applied to FIG. 3, FIG. 4, FIG. 6, or FIG.

<Tenth Embodiment>
The tenth embodiment is particularly effective when any of a plurality of GUIs may be used, as shown in FIGS. For example, when applied to FIG. 4, four GUIs are shown. When the rotation speeds of the GUIs from left to right are defined as V1, V2, V3, and V4,
V1 <V2 <V3 <V4
The user inputs using the GUI he / she desires.

  With this configuration, the user can appropriately select a GUI with a speed suitable for himself and input a password, so that it is possible to achieve both a password input error and a reduction in input time. .

  In the case of application to FIG. 6, it is only necessary to replace the rotation speed with the movement speed of the pointer, so that it will not be described.

<Eleventh embodiment>
Next, an eleventh embodiment will be described. The eleventh embodiment is particularly convenient when applied to the eighth and ninth embodiments.

  According to the eighth and ninth embodiments, if the number of logons is large or the logon interval is short, the rotation speed in FIG. 4 or the movement speed of the pointer in FIG. 6 increases. For this reason, the change speed becomes too fast, and conversely, it may be determined as an input error.

  Therefore, in the eleventh embodiment, an example will be described in which the change speed is reduced when an input error occurs. The characteristic part in the eleventh embodiment is in step S202 of FIG. 16, and the other parts are the same as those in FIG. That is, it is assumed that the initial change speed is determined based on the number of logons (or logon interval) in step S201-B.

  FIG. 17 shows details of step S202 in the eleventh embodiment. Here, an example applied to the GUI of FIG. 3 will be described.

In the character rotation display unit 312 of the password input GUI 311 in the slot machine form in the logon dialog, the control unit 101 uses a set of characters that can be used for the password, for example, alphabets (lowercase letters, uppercase letters) and numbers (0-9). A set of characters a, b, c, d... Y, z, A, B, C... X, Y, Z, 0, 1, 2,.
Is displayed in an upward direction (or downward direction) from the first character at the rotational speed (eg, 0.20) determined in step S201-B (step S1701). However, when the final character “9” is reached, the display is repeated from the first character “a”. The numerical value of the rotation speed indicates the number of rotations of a set of characters that can be used for a password on the GUI per second (for example, when the numerical value is 0.10, the character Assume that the set makes one revolution in 10 seconds).

  Here, 0 is substituted for an index variable i indicating the number of password constituent characters to be input (step S1702). Next, the variable i is incremented by 1, and 0 is substituted for the variable k for substituting the number of input mistakes for the password constituent characters (step S1703).

  Next, it is determined whether or not the variable k is equal to or less than the upper limit value kmax of the number of input mistakes (step S1704). If true, the process proceeds to step S1705, and if false, the password input process is terminated. If false, the character string input so far may be stored in the memory unit 104 and then the process may proceed to step S203, or the entire authentication process may be immediately terminated.

  Next, when each character constituting the user's password (password constituent character) reaches the point portion 313, when the password character input button 314 is pressed by the cursor 321 linked to the pointing device as the input portion 102, i The th character is input (step S1705).

  Next, the control unit 101 sends a data set including the user ID, the value of the counter i, and the input password constituent characters to the authentication unit 106. In response to this, the authentication unit 106 determines whether or not the data set 1403 including the user ID in the received data exists in the authentication information unit 1402 in the user database 107 (1401). And whether the input character is “correct” or not, and notifies the control unit 101 of the result.

  The control unit 101 branches to steps S1707 and S1708, respectively, according to the authenticity of the result (step S1706).

  First, if the result is true, the control apparatus 101 determines whether or not the “OK” button 305 has been pressed by the user (step S1707). If true, the input character string is stored in the memory unit 104, and Proceed to step S203. If false, the process returns to step S1703 and proceeds to input of the next character.

  If it is determined in step S1706 that it is false, the control unit 101 displays a message indicating that “password component character input error” on the display unit 103 (step S1708), and then the character on the character rotation display unit 312. The rotational speed of the assembly is reduced by one step (step S1709). Then, after the variable k is incremented by 1 (step S1710), the process returns to step 1704, and the input of the password constituent characters with the input error is performed again. However, it is assumed that the speed stage is as follows, for example.

  In addition, when lowering the speed, a lower limit is determined and no further principle is used. In the case of the eighth embodiment, since the minimum speed is “0.10”, the speed is not further reduced.

  In FIG. 17, when it is determined that the i-th character matches, the process returns to step S1703, but the variable k may not be cleared to zero.

  In this embodiment, it is desirable that the timing of the mouse click at the time of inputting the password constituent characters is configured so that it cannot be determined by a third party when inputting the password. That is, when the pointing device is clicked, it is assumed that there is no visual change such as temporarily stopping the rotation display or highlight drawing of the password input button 314 on the screen, and the sound of the mouse click is sufficiently low. The control unit 101 displays an asterisk “*”, for example, in the password text box 304 every time a character is input so that the number of characters already input can be known.

  If this step is configured, for example, when the password of the user is “era21”, when the password input GUI 311 is in each state as shown in FIG. Each time a constituent character (“e”, “r”, “a”, “2”, “1”) is input, the correctness of the character is determined by the system, and the character in the character rotation display unit 312 is determined according to the result. The rotation speed of the assembly is adjusted appropriately.

  In order to reflect the final GUI character change speed next time, processing such as changing the number of logons of the user database 107 to the number at that time may be performed.

  In the above-described embodiment, it has been shown that it is particularly convenient to apply to the eighth and ninth embodiments, but conversely speaking, the speed is usually changed to some extent, and the input speed is reduced every time an input error occurs. You may make it do. Therefore, it is obvious that the eleventh embodiment can be applied not only to the eighth and ninth embodiments but also to other embodiments.

<Twelfth Embodiment>
Next, a twelfth embodiment will be described. The system configuration in the twelfth embodiment is the same as that shown in FIG.

  The processing flow of the twelfth embodiment is the same as that of FIG. 2, but will be described in order below for easy understanding. This process is started when a user of the system gives an instruction to start the authentication system by a pointing device or the like that is the input unit 102 connected to the terminal device.

Step S201 (input of user ID):
The control unit 101 displays a logon dialog 1802 in FIG. 18 on the screen 1801 of the user terminal. When the user inputs a user ID (for example, “tarou”) from the user ID input box 1803 on the logon dialog 1802 via the keyboard and finally presses the “Enter” key, the input user ID is stored in the memory unit 104. Stored in

Step S202 (input of password):
FIG. 19 shows a flow of password input processing in step S202, which will be described below.

  In this step, a password input method using a password input unit 1803b having a pointer by “symbol” as shown in FIG. 19 will be described. It is assumed that the password field 1804 of the logon dialog cannot be directly input.

The control unit 101 causes the password input unit 1803b in the logon dialog 1802 to store a set of characters that can be used for the password, for example, a set of characters composed of alphabets (lowercase letters, uppercase letters) and numbers (0-9),
"A, b, c, d ... y, z, A, B, C ... X, Y, Z, 0, 1, 2, ... 8, 9"
Is arranged in the region 1805 shown in the figure.

  Then, the control unit 101 sets a symbol group (indicator group) which is the same number as the characters in the character set 1805 and is different from the character set region 1805 (along the individual characters in the character set region 1805). , As shown in a region 1806 shown in the figure. However, the order of this symbol group is appropriately determined by the system in advance. In addition, in a secret manner (when sufficient safety can be confirmed), a specific symbol in the symbol group 1806, for example, “@” shown in the figure is set as a password input pointer symbol 1806b by the user. (Although not mentioned in the present embodiment, this pointer symbol 1806b may be changed periodically). Furthermore, it is assumed that which symbol is the password input pointer 1806b on the screen so that it cannot be visually discriminated (only a legitimate user confirms that the symbol “@” is a pointer. )

  The control unit 101 assigns 1 to the counter i (step S1901).

  Next, when the left movement button 1807 or the right movement button 1808 is pressed by the cursor 321 that is linked to the pointing device, the control unit 101 moves the pointer symbol group 1806 leftward or rightward and displays it (respectively) ( Step S1902). However, it is assumed that the symbols protruding from the left end (or right end) by this moving operation appear in order from the opposite right end (or left end). This move button may be input many times so that the pointer (1806b) known only to the user is located immediately below the first character constituting the password known to the user.

  Here, the control unit 101 increments the counter i by 1 (step S603).

  Next, when the input button 1809 is pressed by the cursor 321, the control unit 101 changes the character indicated by the pointer symbol “@” 1806 b (the character directly above this “@” 1806 b) to the i-th password constituent character. Is stored in the memory unit 104 (step S1904).

  For example, in the case of FIG. 18, since the character “Z” is directly above the pointer symbol “@” 1806b, “Z” is input and stored. Simultaneously with this input operation, “*” is additionally displayed in the password input field 1804.

  As described above, after the movement of the symbol group 1806 and the input of the password constituent characters are repeated, the input of all the characters constituting the password is completed, and finally the “OK” button 1811 is pressed (step S1905). The control unit 101 stores the input character string at that time in the memory unit 104 as a password, and proceeds to step S203. Note that the character group 1805 may move instead of the symbol group 1806 moving. In short, it suffices if one of them moves relatively.

  If this step is configured as described, when the input button 1809 is sequentially pressed when the symbol group 1806 is in each state of FIG. 20, the character string “ZcB90” is input to the system as a password.

However, in FIG. 10, for convenience, a character set that can be a password and a symbol group that is an index are respectively
a b c x y z A B X Y Z 0 1 9
~ =-# $% &'() @ * +?
(14 each).

Step S203 (judgment of whether or not authenticated):
The control unit 101 sends a set of user ID and password stored in the memory unit 104 to the authentication unit 106 as logon information. In response to this, the authentication unit 106 searches whether the data set 1403 including the combination of the user ID and the password included in the received logon information exists in the authentication information unit 1402 in the user database 107 (1401), If it exists, “authentication success” is determined, and the process proceeds to step S204. If it does not exist, “authentication failure” is determined, and the process proceeds to step S205.

Step S204 (display of confidential information):
If the authentication is successful, the authentication unit 106 sends confidential information 1405 according to the authentication result including the success of authentication and the authority information (in the data set 1403) of the user in the user database 107 (3101) to the control unit 101. send. In response to this, the control unit 101 displays an information display window 900 as shown in FIG. 8A on the liquid crystal display as the display unit 103, and displays the received confidential information 3105 on the display unit 901. After the user refers to or edits the confidential information 1405 as necessary, for example, when an “end” instruction is input from the “file” menu 902 on the information display window, the control unit 101 ends this processing. .

Step S205 (notification of authentication failure):
In the case of authentication failure, the authentication unit 106 notifies the control unit 101 of the authentication result including the authentication failure. In response to this, the control unit 101 displays an “authentication failure dialog” 910 as shown in FIG. 8B on the liquid crystal display as the display unit 103.

Step S206 (Do you want to log on again?):
If the “relogon” button 911 is pressed by the user from the “authentication failure dialog”, the process returns to step S201, and the control unit 101 performs the logon process again.

  If the “end” button 912 is pressed, the control unit 101 ends the authentication process of the present embodiment.

  As described above, by appropriately assigning symbols to the pointer group, a third party steals the screen operated by the user of the system and obtains a predetermined character string (password) itself or information related to the character string. It succeeds in making it hard to guess.

  As described above, the pointer 1806b is known only to the user (the administrator may be included), so that other users can use another symbol as a pointer. Become. In other words, since symbols used as pointers differ for each user, the data set 1403 for each user in FIG. 14 stores information indicating what is used as a pointer. To do. Further, the control unit 101 displays the screen (window) of FIG. 18, and when a user ID is input (determined when the enter key is pressed), the corresponding user ID is retrieved from the user database. The pointer identification information of the data set is received. Thereafter, the buttons 1807 to 1809 are used to input and store a password based on the pointer identification information.

  As described above, according to the twelfth embodiment, an authentication system with a high security level (safety) capable of avoiding the risk of password leakage due to malicious third party snooping can be realized.

  In the twelfth embodiment, the character set that can constitute the password and the symbol (group) that functions as the pointer are displayed side by side, and the symbol group is moved (scrolled) as appropriate. The target to be performed may be a character set that can constitute a password. In short, either one may be moved relative to the other.

  In the embodiment, the example in which the pointer for inputting the password is a symbol has been described. However, as illustrated in FIG. 21, a “simple image” may be used. In the case of FIG. 21, the pointer used by the user is an image 2101, and an example using this is shown. As illustrated, the password “ZcB90” can be input by appropriately moving the image group to the left and right. Compared to FIG. 20, the amount of memory required for handling images increases, but it is clear that the same effect can be achieved. As an advantage in the case of FIG. 20, an image created by the user himself (an image of a favorite talent, etc.) can be used as a pointer. In this case, the corresponding image is registered in the data set 1403 for each user in FIG. In addition, as another image serving as a dummy, an image prepared in advance may be used, or an image registered by another user may be used.

<13th Embodiment>
In the case of the twelfth embodiment, since the cursor 321 moves on the three buttons 1807 to 1809, the timing when the button 1809 is clicked may be overlooked by a third party. If the combination of the leftmost character of the character set 1805 and the leftmost symbol of the symbol set 1806 at each timing when the button 1809 is clicked, the correct password is entered into the system even if the password itself is unknown. It will be done. In other words, there is a slight risk that a third party can impersonate the user and log on to the system. Therefore, in the thirteenth embodiment, the following is performed.

  First, when the user ID is input on the screen of FIG. 18 (can be determined by pressing the enter key), the pointer identification information of the data set of the corresponding user ID is received from the user database. To do. Thereafter, the symbol group 1806 is rearranged.

  If it does in this way, after all, whenever it logs on, the arrangement order of the symbol group 1806 will change, and there is no such a worry (refer FIG. 22, FIG. 23).

  Further, since the user inputs one character each time the button 309 is clicked, one character may be input by clicking the button 309, and the symbol group 1806 may be rearranged each time capturing is completed. However, both may be adopted.

  With the processing described above, even when the combination of the leftmost character set and symbol set in the password input unit 1803b at the time of password input (when the button 1809 is clicked) is known, the correct password is input to the system. It is possible to avoid the risk of a malicious third party impersonating the user and logging on to the system.

  The first to thirteenth embodiments according to the present invention have been described above. However, it is obvious that the authentication system of the above embodiment is not limited to a specific application such as database browsing or search.

  It is also apparent that the present invention can function as an application that operates on a general-purpose information processing apparatus such as a personal computer.

  In particular, the password input technique described in this embodiment can be applied to an existing system that displays a password input dialog box. More specifically, an application related to password input according to the present embodiment is interposed instead of directly inputting into a password input field such as an existing database using a keyboard. When it becomes necessary to enter a password in a database, etc., the password input application described in the embodiment is executed instead of directly operating the keyboard, and the password entered through the application is stored in the database. It would be convenient to paste in the password input field.

  In addition, since the computer program is normally stored in a computer readable storage medium such as a CDROM, and is set in a computer and copied or installed in the system, the present invention may include such a computer readable storage medium as its category. it is obvious.

It is a system block block diagram in the 1st thru | or 7th embodiment. It is a flowchart which shows the logon processing procedure in the system in the 1st thru | or 7th embodiment. It is a figure which shows the screen of the logon user interface in 1st Embodiment. It is a figure which shows the screen of the logon user interface in 4th Embodiment. It is a figure which shows the screen of the logon user interface in 2nd Embodiment. It is a figure which shows the screen of the logon user interface in 4th Embodiment. It is a figure which shows transition of the input screen of the character which comprises the password in 1st Embodiment. FIG. 4A shows a screen when logon is successful, and FIG. 4B shows a screen when failure occurs. It is a figure which shows transition of the character and screen which comprise the password in 2nd Embodiment. It is a figure which shows the relationship between the order of the character at the time of carrying out the audio | voice reproduction | regeneration in 3rd Embodiment, and the input timing of a password. It is a flowchart which shows the process sequence in 7th Embodiment. It is a figure which shows transition of the input screen of the character which comprises the password in 7th Embodiment. It is a figure which shows the other transition of the input screen of the character which comprises the password in 7th Embodiment. It is a figure which shows the structure of the user database 107 in 8th Embodiment. It is a system block block diagram in 8th Embodiment. It is a flowchart which shows the process sequence in 8th Embodiment. It is a flowchart which shows the password input process in 11th Embodiment. It is a figure which shows the screen of the logon user interface in 12th Embodiment. It is a flowchart which shows the password input process in 12th Embodiment. It is a figure which shows transition of the input screen of the character which comprises the password in 12th Embodiment. It is a figure which shows the other transition of the input screen of the character which comprises the password in 12th Embodiment. It is a figure which shows the rearrangement process in 13th Embodiment. It is a figure which shows the other rearrangement process in 13th Embodiment.

Claims (18)

An information processing apparatus that requires a logon procedure to perform predetermined processing,
A display control means for moving and displaying one of a character set of characters that can constitute a password and an index for indicating one character in the character set;
Storage means for sequentially storing the characters indicated by the index as characters constituting a password each time there is a character instruction input from a predetermined character instruction means;
An information processing apparatus comprising: a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given.   The display control means is drum rotation display means for displaying the index fixedly, arranging the character set on a virtual rotating drum, and displaying the rotation of the rotating drum. The information processing apparatus described.   The information processing apparatus according to claim 1, wherein the display control unit is a unit that arranges and displays the character sets in a fixed manner, and moves and displays the indices in order of the character sets. A plurality of the display control means, and a plurality of the character instruction means corresponding to each display control means, the character phases indicated by the indicators of the individual display control means are different from each other,
The storage means sequentially stores characters corresponding to the rotation position of the corresponding rotating drum as characters constituting a password each time a character instruction is input by any one of the character instruction means. Item 4. The information processing apparatus according to Item 1. A plurality of the display control means and a plurality of the character instruction means corresponding to each display control means, the relative movement speeds of the indicators of the individual display control means are different from each other,
The storage means sequentially stores characters corresponding to the rotation position of the corresponding rotating drum as characters constituting a password each time a character instruction is input by any one of the character instruction means. Item 4. The information processing apparatus according to Item 1.   The information processing apparatus according to claim 1, further comprising a plurality of display control units, wherein the character instruction unit functions only for one display control unit set in advance. And a determination means for determining whether or not an instruction to change the relative movement direction of the indicator has been input by the display control means;
7. A moving direction control unit that controls the relative movement of the index in the instructed moving direction when the determining unit determines that there has been a change instruction. The information processing apparatus described in 1. Furthermore, history storage means for storing the number of logons or the time from the previous logon to the current logon,
The speed control means for controlling the relative movement speed of the indicator by the display control means based on the information stored in the history storage means, The control apparatus according to any one of claims 1 to 7, Information processing device. Furthermore, a determination means for determining whether or not the password matches,
9. A moving speed reduction means for controlling the display control means so as to decelerate and display the relative movement speed of the indicator when the determination means determines that they are inconsistent. The information processing apparatus according to any one of the above. An information processing apparatus that requires a logon procedure to perform predetermined processing,
Voice output means for sequentially synthesizing and outputting a character set of characters that can constitute a password;
Storage means for sequentially storing characters to be output by the voice output means as characters constituting a password each time there is a character instruction input from a predetermined character instruction means;
An information processing apparatus comprising: a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given. An information processing apparatus that requires a logon procedure to perform predetermined processing,
A display means for displaying adjacently a character set of characters that can constitute a password and an index set of the same number of character sets and different display forms;
In accordance with a movement direction input from a predetermined movement direction input means, movement display means for moving and displaying one of the character set and the index set in a direction designated with respect to the other;
Storage means for sequentially storing characters adjacent to a user-specific index position in the index set as characters constituting a password each time there is a character instruction input from a predetermined character input means;
An information processing apparatus comprising: a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given. A method of controlling an information processing apparatus that requires a logon procedure to perform predetermined processing,
A display control step of moving and displaying one of a character set of characters that can constitute a password and an index for indicating one character in the character set;
A storing step of sequentially storing the characters indicated by the index as characters constituting a password in a predetermined storage unit each time there is a character instruction input from the predetermined character instruction unit;
And a determination step of determining a character string stored in the storage means as a logon password when an instruction to finish inputting the password is given. A method of controlling an information processing apparatus that requires a logon procedure to perform predetermined processing,
A voice output step of sequentially synthesizing and outputting a character set of characters that can constitute a password;
A storage step of storing the character to be output by the voice output step in order in a predetermined storage unit as a character constituting a password each time there is a character instruction input from the predetermined character instruction unit;
And a determination step of determining a character string stored in the storage means as a logon password when an instruction to finish inputting the password is given. A method of controlling an information processing apparatus that requires a logon procedure to perform predetermined processing,
A display step of displaying adjacently a character set of characters that can constitute a password and an index set of the same number of character sets and different display forms;
A movement display step of moving and displaying one of the character set and the index set in a direction designated with respect to the other according to a movement direction input from a predetermined movement direction input means;
Each time there is a character instruction input from a predetermined character input means, a character adjacent to a user-specific index position in the index set is sequentially stored in a predetermined storage means as a character constituting a password;
And a determination step of determining a character string stored in the storage means as a logon password when an instruction to finish inputting the password is given. A computer program for an information processing apparatus that requires a logon procedure to perform predetermined processing,
A display control means for moving and displaying one of a character set of characters that can constitute a password and an index for indicating one character in the character set;
A storage unit that sequentially stores the character indicated by the index as a character constituting a password in a predetermined storage unit each time a character instruction is input from the predetermined character instruction unit;
A computer program that functions as a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given. A computer program for an information processing apparatus that requires a logon procedure to perform predetermined processing,
Voice output means for sequentially synthesizing and outputting a character set of characters that can constitute a password;
A storage unit that sequentially stores, in a predetermined storage unit, characters to be output by the voice output step as characters constituting a password each time there is a character instruction input from the predetermined character instruction unit;
A computer program that functions as a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given. A computer program for an information processing apparatus that requires a logon procedure to perform predetermined processing,
A display means for displaying adjacently a character set of characters that can constitute a password and an index set of the same number of character sets and different display forms;
In accordance with a movement direction input from a predetermined movement direction input means, movement display means for moving and displaying one of the character set and the index set in a direction designated with respect to the other;
Means for storing characters adjacent to a user-specific index position in the index set in a predetermined storage means in order as characters constituting a password each time there is a character instruction input from the predetermined character input means;
A computer program that functions as a determination unit that determines a character string stored in the storage unit as a logon password when an instruction to end password input is given.   A computer-readable storage medium storing the computer program according to any one of claims 15 to 17.

Images