JP2007122262A - Password conversion device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To limit the use of software such as an application without requiring any labor by using a password, and to improve the security of software while reducing the labor of the management of the password. <P>SOLUTION: This password conversion device 10 interposed between software 11 for requiring the input of a password and an input means 2 for inputting the password in response to a password input request from the software is provided with an acquisition means SW1 for acquiring the password input through the input means without handing it over to the software; a storage means 104 for storing the conversion rule of the password; a conversion means 103 for converting the acquired password into a different password according to the conversion rule; and a means 101 for handing the converted password over to the software. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a password conversion device.

  2. Description of the Related Art Conventionally, there is an application that runs on a computer that requires a password when starting up or when opening a file used by the application.

  When a password input request is made, the user of the application is notified in advance by an appropriate method and inputs the acquired password. Then, whether the entered password is true or false is determined, and when a determination result is true, application activation processing and file expansion processing are executed.

As prior arts related to password input, for example, there are those disclosed in Patent Documents 1 to 3 shown below.
JP 2000-259324 A JP 2001-109717 A JP 2002-14926

Regarding password management, there were the following problems. For example, there is a case where the use restriction of an application permitted to be used in a specific place (for example, in a company) is performed using a password. In this case, for example, when the application is started, the user is prompted to enter a password, and the application cannot be used unless an accurate password can be input. However, if a person who knows the password, for example, stores the application on a recording medium, takes it out of a specific location, and installs it on the computer at another location, the person knows the password. Can be used. As described above, there is a possibility that proper use restriction of the application cannot be achieved.

  In addition, for example, if an application is restricted to a specific person (for example, an employee) in a specific place (for example, in a company), if the employee leaves the company, security from hacking etc. through password leakage is ensured. Therefore, it may be necessary to change the password. However, passwords are usually built into the application, and to change the password, the application had to be modified. At this time, if the same application is installed on a large number of computers (for example, several tens to several hundreds), the application on each computer must be modified for each password. The work was very complicated.

  The present invention has been made in view of the above circumstances, and an object of the present invention is to provide a technology capable of restricting the use of software such as an application without requiring labor by using a password.

  Another object of the present invention is to provide a technique capable of improving the security of software such as an application while reducing the labor of password management.

The present invention adopts the following configuration in order to solve the above problems. That is, the present invention is a password conversion device interposed between software requesting password input and input means for inputting a password in response to a password input request from the software,
An acquisition means for acquiring a password input via the input means without passing it to the software;
Storage means for storing password conversion rules;
Conversion means for converting the acquired password into a different password according to the conversion rule;
Means for delivering the converted password to the software;
Is a password conversion device including

According to the present invention, a password different from the input password converted by the conversion means according to the conversion rule is delivered to the software as the password request source. For this reason, a password (``
If the user is notified of the “apparent password”, the user can use the software by entering the apparent password without knowing the true password.

  On the other hand, according to the present invention, it is not necessary to notify the user of the true password. This means that even if a certain user installs software whose use place is restricted on a computer in a place where the use is not permitted, the password conversion device according to the present invention exists in the computer. If not, it means that the software cannot be given a true password, and as a result, the software cannot be used. This makes it possible to restrict the use of appropriate software without managing the apparent password notified to the user.

  In addition, the password conversion apparatus according to the present invention is an entity that is interposed between the software and the input means and is independent of the software. This means that if the conversion rule stored in the storage means is modified, the apparent password notified to the user can be changed without changing the true password. Thereby, labor saving of password change work can be achieved.

  In the present invention, software includes various programs such as application programs (applications) and operating systems. The password in the present invention is composed of letters, numbers, figures, symbols, or combinations thereof. Further, in this specification, “characters” constituting a password include characters, numbers, figures, and symbols defined by an arbitrary character code.

Preferably, the password conversion device according to the present invention further includes a reception unit that receives conversion rule update information, and an update unit that updates the conversion rule in the storage unit using the update information,
The receiving means is preferably configured to receive update information input through a communication line.

In this way, it is possible to automatically update the conversion rules (that is, the apparent password change operation) in the password conversion device in a short time. As a result, hacking (illegal use of software) due to password leakage can be suppressed. That is, software security can be improved.

In addition, when there are a large number of password conversion devices, update information is given all at once, so that update of conversion rules (apparent password update) in each password conversion device can be executed at a time. As a result, the password changing operation for the same software installed in a large number of computers can be greatly simplified.

  Preferably, in the password conversion device according to the present invention, the conversion rule is a rule for converting a password input according to a key layout display for a plurality of keys of the input means into a different password according to a key layout different from the key layout display. including.

  Preferably, in the password conversion device according to the present invention, the conversion rule includes a rule for converting an input character into a character of the same type or different type different from the input character.

  The rules for converting characters are created using, for example, kana conversion that converts input Roman letters (alphabet) into hiragana and kana-kanji conversion that converts hiragana (reading) into predetermined kanji or katakana according to dictionary data.

  Preferably, in the password conversion device according to the present invention, the conversion unit generates the different passwords having more or less characters than the number of characters of the input password.

  Further preferably, in the password conversion device according to the present invention, when the key included in the input means has a plurality of states, the conversion rule is made known to the user of the state of the key at the time of password input. Includes rules to switch to another state without.

  Further, in the present invention, it is preferable that the conversion unit is configured to start the conversion process after the password input from the input unit is completed.

The present invention can be specified as an information processing apparatus including the password conversion apparatus as described above. In addition, the present invention can be specified as a password conversion method having the same characteristics as the above-described password conversion device. Furthermore, the present invention can specify an information processing apparatus (computer) as a program that functions as a password conversion apparatus as described above, or a recording medium that records the program.

Further, the present invention provides means for generating information indicating a conversion rule for returning an apparent password generated from a true password requested by software to the true password;
Means for transmitting, via a communication line, information indicating the conversion rule to a computer having a password conversion device that converts the apparent password into a true password according to the software and the conversion rule, and delivers the information to the software. It is a password management device.

  According to the present invention, it is possible to limit the use of software such as an application without requiring labor. Further, according to the present invention, the labor for managing passwords can be reduced.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. The configuration of the embodiment described below is an exemplification, and the present invention is not limited to the configuration of the embodiment.

[Background of the present invention]
First, the background of the present invention will be described. Personal computer (PC), workstation (WS)
A keyboard used as an input device of an information processing device (computer) of a mobile computer (PDA or the like) is an input interface between a computer and a person, and each of key tops of a plurality of keys provided on the keyboard Is attached with a typeface indicating characters to be input to the computer when the key is pressed.

  Normally, when the user refers to the character attached to the key and presses the key attached with the character to be input, the character attached to the key is displayed on the display. As described above, there is a certain relationship between the character (key top display) attached to the key top and the character displayed on the display. The user can confirm whether or not his / her key input operation is incorrect by referring to the characters displayed on the display.

However, in the following cases, the contents displayed on the display in response to the user's key input may be different from those intended by the user.
(1) If the software is made in a foreign country and does not support Japanese keyboards
(2) When the numeric keypad is inactive, the Numeric key (numeric input key) is active, or the Caps Lock key (English uppercase / lowercase switching key) is on.
(3) When Kana-Kanji conversion is mistaken for Roman input mode or Kana input mode.
(4) When the input rules such as stuttering and muddy sound are wrong in romaji input.
(5) When the keyboard is customized with Kana-Kanji conversion software.
(6) When the keyboard layout is customized with utility software.

  On the other hand, when software such as an application program (hereinafter simply referred to as “application”) or OS requests a password input as a start condition (use condition), and the user inputs an accurate password Some of them only provide an environment for using software.

  Generally, when password input is required, a password input box or window is displayed on the display, and the user writes the password in an input field in the box or window using a keyboard. The password is usually composed of characters, numbers, figures, symbols, or a combination thereof that are input by keystrokes.

When entering a password, each character constituting the entered password is normally displayed as a predetermined hidden character (for example, * (asterisk)) in order to prevent leakage of the password to others. That is, regardless of the content of the password, a state (for example, “*****”) in which hidden characters are arranged is displayed in the password input field. This indicates that the relationship between the key top display and the screen display does not have to be established when entering the password. That is, even if the contents of the password input result intended by the user and the password actually delivered to the software are different, the input result is not displayed on the display, which means that the user cannot know it.

  The present invention has been made paying attention to the above points, and converts an apparent password input from a user into a true password requested by software as a password request source, and passes the software to a password conversion device. provide.

Embodiment
<Information processing device>
FIG. 1 is a diagram illustrating an information processing apparatus (computer) in which a password conversion apparatus according to an embodiment of the present invention is installed. As the computer 1, various general-purpose or dedicated computers such as a personal computer (PC), a workstation (WS), and a mobile computer such as a PDA can be applied.

  The computer 1 includes a processor such as a CPU, storage means such as a main memory (RAM and the like) and an external storage device (for example, a hard disk), an input / output interface, a communication interface, and the like. ) A keyboard 2 is connected to a display 3 which is an output device (display means).

  By executing various programs stored in the storage means, the computer 1 has a password conversion device 10, an application (software) 11, a BIOS (Basic Input Output System) 12, as shown in FIG. It functions as an apparatus including a display control unit 13, an IM (Input Method: Japanese input system) 14, a communication I / F 4, and a mailer 15.

  The IM 14 includes a Romaji-kana conversion unit 141 that converts Roman characters into Hiragana characters, a Kana-Kanji conversion unit 142 that converts hiragana characters into Kanji characters, and a control key processing unit 143 that implements functions using control keys provided on the keyboard 14. Have.

The keyboard 2 includes a key group 2A, a numeric keypad group 2B, and LEDs 2C and 2D.
The first key group 2A is roughly composed of a character input key, a switching key, and a control key. The switching key is Caps Lock that switches between uppercase and lowercase letters entered by typing the character input key.
Includes Num Lock key that is key and numeric input key.

Generally, when the Caps Lock key is on, alphabetic characters are input in uppercase letters, and when the Caps Lock key is off, alphabetic characters are input in lowercase letters. In general, when the Num Lock key is on, the numeric key group 2B can be used to enter numbers, and when it is off, the numeric key group 2B displays the cursor displayed on the display 3 with 8 cursors. Functions as a direction key that can move in the direction. In some cases, a predetermined character input key is switched to a numeric input key in accordance with ON / OFF of the Num Lock key.

  The control key is a combination of the character input key and the Ctrl key or Shift key for realizing a predefined function, the IM14 on / off switch key, and the enter key for confirming the input character or character string (input content). Includes keys etc.

  Characters, numbers, figures, symbols, key names, function names, and the like input by keystrokes are attached to the surfaces (key tops) of the keys constituting the key group 2A and the numeric key group 2B. .

The LED 2C is an indicator lamp that displays the ON / OFF state of the Caps Lock key. The LED 2D is an indicator lamp that displays the on / off state of the Num Lock key.

  The application 11 is software that provides the user of the computer 1 with a work environment according to a work use such as document editing or spreadsheet by executing an application program stored in an external storage device by a processor. is there. The user can perform a desired work by operating the keyboard 2 and inputting various information such as characters in the work environment displayed on the display 3 by the application 11.

  For example, the application 11 provides a character (sentence) input environment to the display 3 via the display control unit 13. The user can input a desired character to the input environment by pressing a character input key of the keyboard 2.

For example, when a user inputs half-width alphanumeric characters using a character input environment, a key (for example, a key with a desired alphanumeric character) is displayed in accordance with a display attached to the key in a state where IM 14 is off. , “A”). Then, a scan code corresponding to the pressed key is generated in the keyboard 2, and the scan code is input to the BIOS 12. The BIOS 12 analyzes the scan code and converts the scan code into a character code (for example, ASCII code or JIS Roman character code) according to the analysis result. The character code is transmitted to the display control unit 13, and the half-width character “A” is displayed on the display 3.

The above processing is performed every time the character input key is pressed, and the character string corresponding to the pressed key is displayed on the display 3. Then, with the predetermined character string displayed, for example, by pressing the Enter key, the input content (content of the input character string) is confirmed and transmitted to the application 11. Then, the application 11 executes a predetermined process defined in advance for the input content (character string).

On the other hand, when the user inputs Japanese (Hiragana, Katakana, Kanji) using the character input environment, the display attached to the key and the request are made with the IM 14 turned on. Enter Romaji or Kana characters according to the input mode (Romaji input, Kana input). For example, when inputting a hiragana “A” by Roman character input, the user presses a key with a letter “A”. Then, in the same manner as described above, the character code “A” is output from the BIOS 12 and input to the IM 14.

In IM14, the romaji kana conversion unit 141 converts the romaji into hiragana using the kana conversion table 141A. The Kana conversion table 141A stores a conversion table of Romaji and Hiragana. For example, Romaji “A” (character code) is converted to Hiragana “A” (character code). Such a conversion result is displayed on the display 3 via the display control unit 13. At this time, the hiragana “a” is displayed in a so-called unconfirmed state.

  In the unconfirmed state, when the user wants to convert hiragana “a” into kanji with “a” or “a” reading, the user presses a predetermined conversion key prepared in the key group 2A, for example. Then, the kana-kanji conversion unit 142 acquires, as a conversion candidate, one of the kanji characters having the reading “a” using the dictionary (reading and kanji correspondence table) 142A. At this time, katakana “a” is treated as one of the kanji characters.

When there are a plurality of conversion candidates, each time the user presses the conversion key, the kana-kanji conversion unit 142 sequentially searches for different conversion candidates and each conversion candidate is displayed on the display 3. When the user presses a key (for example, the Enter key) for confirming the input of the conversion candidate when the desired conversion candidate is displayed on the display 3, the conversion candidate is determined as the input result. The confirmed input content is given to the application 11, and a predetermined process corresponding to the input content is executed.

  By the way, the application 11 requests the user to input a password at the time of starting the application 11, and when the application 11 receives an appropriate password, it is assumed that the user has a legitimate right to use the application 11 and is requested from the user. Is configured to provide a working environment.

  Therefore, the application 11 is configured to output a password input request when receiving the activation request. The password input request is given to the display control unit 13, and the display control unit 13 displays a predetermined password input screen (window) W according to the request.

The window W has a password input field W1. The user enters a predetermined password character string notified in advance in the password input field W1. At this time, the input characters are displayed in a predetermined hidden character for password concealment. And when all the characters that make up the password have been entered, the content confirmation key (for example, the Enter key) is pressed,
A password character string is given to the application 11.

<Password converter>
In the embodiment, the password conversion device 10 is a function realized by a processor executing a program stored in a storage unit constituting the computer 1. In FIG. 1, the password conversion device 10 has the following configuration in consideration of the above-described configuration and operations and actions based on the configuration.

  That is, the password conversion apparatus 10 includes a control unit 101, a switching key control unit 102 connected to the control unit 101, a key conversion unit 103, and key maps 104A and 104B referred to by the key conversion unit 103. .

In addition, the password conversion device 10 includes a Kana conversion table 141B # 0, # 1 that can be switched between the Kana conversion table 141 and the Kana conversion table 141A, and a Kana-Kanji conversion unit 142 between the dictionary 142A. The switchable dictionary 142B # 0, # 1 and the control key processing unit 143 have a control key table 143B that can be switched between the control key table 143A.

Furthermore, the password conversion device 10 has a function for switching the output destination of the character code from the BIOS 12 between the password management device 10 and the application 11 side, and a function for switching the kana conversion table, dictionary, and control key table to be used. And have. These functions are schematically shown as switches SW1, SW2, SW3, SW4 in FIG. Switching control of each switch is performed by the control unit 101.

  The control unit 101, the switching key control unit 102, the key conversion unit 103, and the switches SW1 to SW4 are functions realized by executing a program. The key map, the kana conversion table, the dictionary, and the control key table are, for example, external storage. It is created on a storage means such as a device. Hereinafter, the configuration of the password conversion apparatus 10 shown in FIG. 1 will be described in detail individually.

<Control part>
The control unit 101 controls operations of the switching key control unit 102, the key conversion unit 103, and the switches SW1 to SW4 when a password is input. Specifically, the control unit 101 performs the following processing.
<1> Switching control of switch SW1 <2> Switch key state control through switching key control unit 102 <3> Key input conversion through key map conversion unit 103 <4> Switching control of switches SW2 to SW4 The application 11 is configured to detect a password input request output to the display control unit 13 (display 3). When detecting the password input request, the control unit 101 activates the entire password conversion apparatus 10 and switches the switch SW1 to a state in which the control unit 101 is selected. Thus, the character (keyboard input) output from the BIOS 12 is input to the password conversion device 10 (obtained by the control unit 101) without being delivered to the application 11.

On the other hand, when the application 11 succeeds in password authentication, the control unit 101 performs a termination process of the password conversion apparatus 10 and switches the switch SW1 to a state in which the application 11 is selected. Thus, after successful password authentication, the keyboard input is transmitted to the application 11 without going through the password conversion device 10.

Thus, the password conversion apparatus 10 is configured to be activated only when a password is input. However, the password input request detection function (and e-mail detection function described later) by the control unit 101 is configured to be resident (always activated when the computer 1 is activated).

  In addition, the control unit 101 uses the switching key control unit 102, the key conversion unit 103, and the IM 14 to perform password conversion control for converting an apparent password input from the keyboard 2 into a true password requested by the application 11. Execute. The password conversion control is executed according to the state of the password conversion apparatus 10 set in the state management table 105 of the control unit 101. The state management table 105 is created on the storage means.

  In the present embodiment, a plurality of password conversion rules are defined for the password conversion device 10, and the password conversion device 10 is configured to perform password conversion according to one of the plurality of conversion rules. The state of the password conversion device 10 is prepared according to the conversion rule applied in that state.

  FIG. 2 is a diagram illustrating an exemplary data structure of the state management table 105. As shown in FIG. 2, the state management table 105 stores a state defined for the password conversion device 10 and a flag indicating ON / OFF of the state.

In the example shown in FIG. 2, “switching key control (0)”, “key conversion (1)”, “character number increase / decrease (2)”, “kana conversion” are defined as the states (conversion rules) defined in the password conversion device 10. Five states (conversion rules) comprising “(3)” and “Kana-Kanji conversion (4)” are prepared. Attached to each state (
The numbers 0) to (4) indicate codes (identification information) assigned to the respective states.

  The state of the password conversion device 10 is specified by setting the flag for each state to ON (1) / OFF (0). In the example shown in FIG. 2, only “key conversion” is turned on, and the rest are turned off. Thus, the password conversion device 10 is in a state of performing password conversion by “key conversion”.

  However, when two or more flags are set to ON at the same time, it is possible to create a further state in which the states (0) to (4) are appropriately combined. However, in order to simplify the description, in the following description, a mode in which only one flag can be turned on from states (0) to (4) will be described.

Further, the state management table shown in FIG. 2 includes details of detailed settings corresponding to the states (0) to (4) (
Detailed information) is stored. In the example shown in FIG. 2, the state (0), that is, the conversion rule “switching key control”.
As a detailed setting when is turned on, “switching key type” can be selected.

  “Switch key type”, for example, “Num Lock key only (0)”, “Caps Lock key only (1)”, “Num Lock key and Caps Lock key (2)”, etc. Key type definitions can be prepared.

Furthermore, a definition indicating the key state after switching can be given to the “switching key type”. For example, the key corresponding to the set switching key type is switched on (
Can be defined). For example, “Caps (1)” shown in FIG. 2 indicates that the Caps Lock key is turned on (however, LED 2C is turned off) when a password is input.

  In the example shown in FIG. 2, “key map number” can be selected as the detailed setting when the state (1), that is, the conversion rule “key conversion” is on. “Key map number” indicates designation of a key map referred to by the key conversion unit 103. In this example, when the key map number “0” is designated, the key map 104A is used, and when “1” is designated, the key map 104B is used.

  The key maps 104A and 104B store different contents, and the password conversion conversion rule by “key conversion” can be further subdivided by changing the key map designation in the detailed settings. .

  In the example shown in FIG. 2, “increase / decrease” can be selected as the detailed setting when the state (2), that is, the conversion rule “character number increase / decrease” is on. Here, as a conversion rule by “increasing or decreasing the number of characters”, the control unit 101 increases or decreases the number of constituent characters with respect to the apparent password (character string) input from the keyboard. Is configured to generate passwords.

  When increasing the number of characters, how to increase the number of characters can be set as appropriate. For example, the same character as a character at a predetermined position (first, last, or predetermined number) can be given to the end of the character string. Further, the number of increased characters is also arbitrary.

  When the number of characters is reduced, the reduction method can be set as appropriate. For example, it is configured to delete a character existing at a predetermined position. At this time, how many characters are deleted from which position can be arbitrarily set.

  In the present embodiment, for example, one of “increase (0)” and “decrease (1)” can be designated as “increase / decrease”. When “increase (0)” is designated, the same character as the character existing at the predetermined position of the apparent password is set to be added to the end of the apparent password.

On the other hand, when “decrease (1)” is designated, the apparent position of the password (
For example, the character existing at the end) is configured to be deleted. Note that, instead of the above-described configuration, it is possible to set detailed rules regarding the increase / decrease of characters and increase the types of conversion rules.

  In the example shown in FIG. 2, “table / dictionary number” can be selected as the detailed setting when the state (3), that is, the conversion rule “kana conversion” is on. The “table / dictionary number” indicates designation of a kana conversion table used by the Romaji-kana conversion unit 141. In this example, when the table / dictionary number “0” is specified, the kana conversion table 141B # 0 is used, and when “1” is specified, the kana conversion table 141B # 1 is used. .

  In the example shown in FIG. 2, “table / dictionary number” can be selected as the detailed setting when the state (4), that is, the conversion rule “Kana-Kanji conversion” is on. In this case, “table / dictionary number” indicates designation of a kana conversion table and a dictionary used by the kana-kanji conversion unit 142. In this example, when the table / dictionary number “0” is specified, the kana conversion table 141B # 0 and the dictionary 142B # 0 are used. When “1” is specified, the kana conversion table 141B # 1 and the dictionary 142B are used. # 1 is used.

  In this way, like the key map number, a plurality of kana conversion tables and dictionaries can be prepared, and the kana conversion table and dictionary to be used can be arbitrarily designated. Thus, one of a plurality of conversion rules having different results can be selected in the states (3) and (4).

  Further, in the example shown in FIG. 2, on / off of the “control key” can be selected in the states (3) and (4). When the “control key” is off (0), it means that the control key table 143A is used by the control key processing unit 143. When the “control key” is on (1), the control key table 143A is used by the control key processing unit 143. Means that the control key table 143B is used instead.

  When the control unit 101 detects a password input request from the application 11, the control unit 101 refers to the setting content of the state management table 105, and sends a control instruction according to the setting content to the switching key control unit 112, the key conversion unit 103, or This is given to the IM 14, or the switching control of the selection state of the switches SW2 to SW4 is performed.

  When the password is input in the half-width English character input mode, the control unit 101 displays a password character string input from the BIOS 12 according to “switching key control (0)” or a password character string output from the key conversion unit 103 (apparently The password conversion result) can be given to the application 11 as a true password character string.

  In addition, the control unit 101 can provide the application 11 with the conversion result into Japanese by the IM 14 as a true password character string when the password is input in the Japanese input mode.

<Switching key control unit>
The switching key control unit 102 switches the state of the switching keys (Caps Lock key and Num Lock key) provided on the keyboard 2 to the state specified in the control instruction given from the control unit 101. At this time, the switching key control unit 102 also controls the ON / OFF state of the LEDs 2C and 2D. Specifically, the switching key control unit 102 maintains the state of the LED 2C and / or 2D at that time when the LED 2C and / or 2D is normally turned on or off by state switching.

For example, the switching key control unit 102 switches the Caps Lock key, which is in the off state when the password is input, to the on state without lighting the LED 2C. As a result, the user intends to input lowercase characters, and actually, uppercase characters are input.

  Alternatively, the switching key control unit 102 switches on the Num Lock key, which is set by the user at the time of password input, while turning off the LED 2D.

  Thus, for example, when the numeric keypad 2B is changed to the direction key by turning off the Num Lock key, the numeric keypad input that the user intends to input numbers is accepted as the direction key input, and as a result, the character input is invalid. Key input.

  By the switching key control as described above, the input result of the password input by the user is different from the one intended by the user. Therefore, if the input result obtained by the switching key control is a true password when the user enters an apparent password, such an unintended input result can be used as a true password. 11 can be given.

<Key converter>
The key conversion unit 103 receives a character code from the BIOS 12 and a key map number as a control instruction from the control unit 101. The key conversion unit 103 converts the character mode into a character code according to one of the key maps 104A and 104B corresponding to the designated key map number, and passes it to the control unit 101.

The key maps 104 and 104B store information (map) indicating a key arrangement different from the character arrangement (key arrangement according to the key display) attached to the key group 2A and the numeric key group 2B of the keyboard 2.

For example, in the key map 104A, A, B, C,.
A key arrangement is defined such that the key inputs are, for example, C, D, E,. on the other hand,
In the key map 104B, a key arrangement is defined such that key inputs A, B, C,... According to the key display on the keyboard 2 are F, G, H,.

The key conversion unit 103 is a key array (conversion rule) defined in the key maps 104A and 104B.
The character code input from the control unit 101 is converted according to As a result, a character (for example, “a” or “A”) input in accordance with the key display is converted to a character (for example, “c” or “C”) that does not conform to this. Such a conversion result is passed to the control unit 101.

The functions realized by the key conversion unit 103 and the key map 104 include utility software that provides a user with a keyboard key layout (layout) customization function, such as Keylay for Windows (registered trademark) 98 of Microsoft Corporation. Use 1
This can be realized by changing the positions of the character input keys described above.

  In the present embodiment, two key maps 104A and 104B are shown to indicate that the number of key maps 104 is arbitrary. There may be one key map 104 or three or more.

<< Table / Dictionary switching control >>
When the application 11 requests a Japanese password, the control unit 101 converts a character string (Roman character) corresponding to an apparent password read from the keyboard 2 into a Japanese character string that constitutes a true password. To IM14.

Here, the Kana conversion table 141A stores hiragana conversion tables (a, i, u, e, o, ... → a, i, u, e, o, ...) according to the Romaji notation. Yes. On the other hand, each of the kana conversion tables 141B # 0 and # 1 stores a hiragana conversion table that does not depend on the correspondence between normal romaji notation and hiragana.

For example, the kana conversion table 141B # 0 can store a conversion table based on the conversion rule of (a, i, u, e, o,... → i, ro, ni, ho,...). . Also, the kana conversion table 141
In B # 1, a conversion table having a different conversion rule from 141B # 0 is stored.

  When the state at the time of detecting the password input request is “kana conversion (3)”, the control unit 101 switches the switch SW2 from the kana conversion table 141A side to the 141B side and changes the kana conversion table 141B according to the detailed setting. One of # 0 and # 1 is turned on, and the other is turned off.

As a result, when the apparent password character string (Roman characters constituting the reading) acquired by the control unit 101 from the BIOS 12 is given to the Roman Kana conversion unit 141 of the IM 14, the Roman Kana conversion unit 141 causes the Kana conversion table 141B # 0. Is used to convert the apparent password string into a true password consisting of hiragana. Then, the true password is given from the IM 14 to the application 11.

Each of the dictionary 141B # 0 and # 1 stores a conversion table from hiragana (reading) to kanji that is not registered in the dictionary 141A. The registered contents of the dictionaries 141B # 0 and # 1 are different from each other. Note that kanji (dictionary registration contents) corresponding to reading stored in each dictionary 141B partially or constitute a true password, and only one kanji is prepared for a plurality of readings.

  When the state at the time of detecting the password input request is “Kana-Kanji conversion (4)”, the control unit 101 switches the switches SW2 and SW3 from the Kana conversion table 141A and the dictionary 142A side to the 141B and 142B side and performs detailed settings. Accordingly, one of the kana conversion table and the dictionary is turned on, and the other is turned off.

  As a result, when the apparent password character string (Roman characters constituting the reading) acquired by the control unit 101 from the BIOS 12 is given to the Roman Kana conversion unit 141 of the IM 14, the Roman Kana conversion unit 141 causes the Kana conversion table 141B # 0. Is used to convert the apparent password string into a hiragana string. Subsequently, the kana-kanji conversion unit 142 converts the converted hiragana character string into kanji corresponding to the kanji reading (dictionary registration contents). The conversion result constitutes a true password. The true password is given from the IM 14 to the application 11.

  The dictionary 142B and the control table 143B can be realized by using a dictionary or control table customization function provided in a Japanese input system such as Microsoft's IME 2000, for example. The number of kana conversion tables and dictionaries can be set arbitrarily.

<Operation example>
Next, an operation example of the password conversion apparatus 10 will be described focusing on processing by the control unit 101. 3 and 4 are flowcharts showing processing by the control unit 101.

  The process illustrated in FIG. 3 is started when the control unit 101 detects a password input request from the application 11. When the processing starts, the control unit 101 first performs switching control of the switch SW1 so that the keyboard input is input to the password conversion device 10 (step S1). As a result, the control unit 101 enters a state in which an apparent password input from the keyboard 2 toward the application 11 is acquired instead of the application 11.

  Next, the control unit 101 determines whether the current character input mode using the keyboard 2 is alphanumeric or Japanese (step S2). For example, the control unit 101 can determine the input mode according to the state of the on / off key of the IM 14. If the input mode is single-byte alphanumeric characters (IM14 off), the process proceeds to step S3. If the input mode is Japanese (IM14 on), the process proceeds to step S14.

In the following description of FIGS. 3 and 4, the true password in the half-width alphanumeric input mode is “ABCD”, for example, and the true password in the Japanese input mode is “true (reading is“ shin ”)”. Assume that

In step S <b> 3, the control unit 101 refers to the state management table 105 (FIG. 2) and identifies the currently turned on state. At this time, if the current state is “switching key control (0)”, the process proceeds to step S4, and if it is “key conversion (1)”, the process proceeds to step S7, where “increase / decrease number of characters (2)”. ", The process proceeds to step S9.

In step S <b> 4, the control unit 101 gives a control instruction according to the detailed settings defined in the state management table 105 to the switching key control unit 102. Thereby, the switching key control unit 102 sets a predetermined switching key (switching key specified in the table 105) to a predetermined state (switches on / off). For example, the Caps lock key is set to on. At this time,
The lighting / extinguishing control of the LEDs 2C and 2D is not executed so that the key state switching is not recognized by the user.

Next, the control unit 101 waits for a password confirmation input (key entry of an input confirmation key (for example, Enter key)) performed after an apparent password input is performed on the keyboard 2 (loop processing in step S5). ). When the input of the password is completed, the user presses the input confirmation key as an operation that means the end of the input. At this time, the input character is displayed as a hidden character on the display 3. When the input confirmation key is pressed, the password input screen (window W) displayed on the display 3 is deleted.

When the control unit 101 detects input confirmation of the password (S5; YES), it gives a control instruction to the switching key control unit 102 and returns the state of the switching key (Caps Lock key) controlled in step S4 to the original state ( In step S6), the password at the confirmation input is delivered to the application 11 as a true password (step S11).

  At the time of confirming input, for example, “ABCD” (true password) that is input by the user with the intention of inputting the apparent password “abcd” is held in the control unit 101. The password character string (“ABCD”) output from the control unit 101 is input to the application 11 through the IM 14 in the off state.

  The application 11 performs verification processing (authentication processing) between the delivered password and the true password (“ABCD”) held by the application 11. At this time, if they match, it is assumed that the user is an appropriate user, and a process of providing the user with a predetermined work environment by the application 11 is executed. On the other hand, if the delivered password and the true password do not match, the application 11 outputs a password re-input request to the display 3.

When the control unit 101 passes the password to the application 11, it determines whether or not a password re-input request is output to the display 3 within a predetermined time (step S).
12). That is, the control unit 101 monitors a password re-input request for a predetermined time.

  When a password re-input request is detected (S12; YES), the control unit 101 returns the process to step S2, and executes the same process as the previous process for the re-input password.

On the other hand, when the password re-input request is not detected (S12; NO), it is assumed that the password authentication is successful, the keyboard input (switch SW1) is returned to the original state (step S13), and the process is terminated.

  By the way, when it is determined in step S3 that the current state is “key conversion (1)”, the control unit 101 determines an input confirmation key that is performed following the input of the password character string, as in step S5. Wait for keystroke (determined input) (loop processing in step S7).

  When the control unit 101 detects a confirmed input (S7; YES), the control unit 101 controls the password character string (for example, the apparent password “BCDE”) input at that time together with the detailed setting in the state management table 105. To the key conversion unit 103. As a result, the key conversion unit 103 converts the password character string (“BCDE”) into a different password character string (“ABCD”) using the designated key map 104.

The control unit 101 receives the conversion result from the key conversion unit 103 and outputs it as a true password. The output password is handed over to the application 11 as input from the keyboard 2. Thereafter, the processes in steps S12 and S13 as described above are executed, and the process shown in FIG. 3 ends.

  By the way, when it is determined in step S3 that the current state is “increase / decrease in number of characters (2)”, the control unit 101 uses an input confirmation key that is performed following the input of the password character string, as in step S5. Wait for keystroke (confirmed input) (loop processing in step S9).

When the control unit 101 detects a confirmed input (S9; YES), the control unit 101 executes a character number increasing / decreasing process on the character string (for example, “ABCDE”) constituting the apparent password input by the user at that time (step S9; YES) S10).

  In this example, in the state management table 105, “decrease in number of characters (1)” is set as detailed information of the state (2), that is, “increase / decrease in number of characters (2)”. Suppose that it is specified to delete the last character.

The control unit 101 deletes the last character of the password character string “ABCDE” according to this detailed information, generates a different password character string “ABCD”, and outputs it as a true password. The output password is delivered to the application 11 (S11). Thereafter, the processes in steps S12 and S13 as described above are executed, and the process shown in FIG. 3 ends.

  If it is determined in step S2 that the input mode is Japanese and the process proceeds to step S14, the control unit 101 refers to the state management table 105, and the current state is “kana conversion (3)”. Or “Kana-Kanji conversion (4)”.

  If the state is “kana conversion (3)”, the control unit 101 advances the process to step S15. In step S15, the control unit 101 controls the switch SW2 in accordance with the detailed information of the state to switch the kana conversion table 141A to the kana conversion table 141B, and only one of the kana conversion tables 141B (# 0 or # 1). Set to on.

  On the other hand, if the state is “Kana-Kanji conversion (4)”, the control unit 101 advances the process to step S16. In step S16, the control unit 101 controls the switch SW2 according to the detailed information of the state, switches the kana-kanji conversion table 141A to the kana conversion table 141B, and sets only one of the kana conversion tables 142B to ON. Further, the control unit controls the switch SW3 to switch the dictionary 142A to the dictionary 142B and set only one of the dictionary 142B (# 0 or # 1) to ON.

When step S15 or S16 ends, the control unit 101 turns on / off the control key according to the detailed information of the corresponding state (switches the control key table: step S1).
7 and S18).

Next, the control unit 101 waits for a confirmation input that is input following the input of the password character string (Roman characters) that is input as an apparent password (Japanese) reading (loop processing in step S19). ).

When the control unit 101 detects a confirmed input (S19; YES), it passes the password character string input from the keyboard to the IM 14 (step S20). As a result, in the IM 14, the Romaji-kana conversion unit 141 uses the specified kana conversion table 141B for the password character string (for example, “ni-se (false)” in Roman notation) received from the control unit 101. To hiragana. Here, it is assumed that “shin (ni → se, se → n)” is obtained as the conversion result.

  The control unit 101 is configured to receive a kana conversion end notification output by the IM 14 at the end of the kana conversion process. When the control unit 101 passes the password character string to the IM 14, the control unit 101 waits for reception of the kana conversion end notification (loop processing in step S 21).

  Upon receiving the kana conversion end notification, the control unit 101 refers to the state management table 15 again and confirms the current state (step S22). At this time, if the state is “kana conversion (3)”, the control unit 101 gives a delivery instruction to the IM 14 assuming that a true password has been obtained by the kana conversion process (step S25). Then, the IM 14 delivers “shin” obtained by the kana conversion process to the application 11 as a true password. Thereafter, the process proceeds to step S12 (FIG. 3).

  On the other hand, if the state is “kana-kanji conversion (4)”, the control unit 101 gives a kanji conversion instruction to the IM 14 (step S23). Then, in IM14, the kana-kanji conversion unit 142 performs kanji conversion processing. That is, the kana-kanji conversion unit 142 reads the hiragana “shin” obtained by the kana conversion process and extracts the corresponding kanji from the designated dictionary 142B.

  Here, in the designated dictionary 142B, only the kanji character “true” constituting the true password for the reading “shin” is registered, and the kanji character “true” is obtained as a conversion result for the reading. When the conversion result is obtained in this way, the IM 14 notifies the control unit 101 of the end of the kanji conversion process.

  When the control unit 101 instructs the kanji conversion process, the control unit 101 waits for receipt of a notification of completion of the kanji conversion process (loop processing in step S24). When the end notification is received, a delivery instruction is given to the IM 14 (step S25). Then, the IM 14 hands over “true” obtained by the kanji conversion process to the application 11 as a true password. Thereafter, the process proceeds to step S12 (FIG. 3).

When the process proceeds to step S12, the control unit 101 performs the same process as described above (
S12, S13), the processing shown in FIGS. 3 and 4 is terminated. However, the control part 101 returns the state of switch SW2-SW4 to the state before the start of the said process in step S13.

<Effect>
According to the operation example described above, an apparent password such as “BCDE” or “ABCDE” or “false” or “false” notified to the user in advance is sent to the computer 1 when a password is requested. When the password is input, the password conversion device 10 converts these apparent passwords into true passwords such as “ABCD”, “shin”, and “true” and passes them to the application 11.

On the other hand, the password character string input by the user is displayed in hidden characters until the input confirmation key is pressed, and when the input confirmation key is pressed, the window W is erased from the screen. As a result, the user cannot know from the outside that the contents of the input characters and that the password has been converted after the input is confirmed.

  Therefore, according to the password conversion device 10, the user can be provided with the environment for using the application 11 without notifying the user of the real password by notifying the user of the apparent password and allowing the user to input the password.

Further, the password conversion device 10 is interposed between the keyboard 2 as an input means and the application 11 and is independent of the application 11. Then, the true password incorporated in the application 11 is not altered. As a result, by changing the conversion rule for the apparent password set in the password conversion device 10, the password (notifying the user) without changing the application 11 (
(Apparent password) can be changed.

<Password management device>
Next, a configuration for changing (updating) a conversion rule set in the password conversion apparatus 10 and changing (updating) an apparent password to be notified to the user according to the change rule will be described.

"Constitution"
FIG. 5 is a diagram illustrating a configuration example of the password management apparatus 20 for managing password conversion rules (apparent passwords) related to the computer 1. The password management device 20 is connected to a plurality of computers 1 equipped with the password conversion device 10 via a network (for example, the Internet).

The password management device 20 is a password for the application 11 of each computer 1 (
(Real password) is managed, an apparent password to be notified to the user of each computer 1 is generated, and a conversion rule for converting the apparent password into a true password is provided to each password conversion device 10. Update information for setting is generated, and an electronic mail including these is transmitted to each computer 1.

  The password management device 20 can be configured using an information processing device (computer) having a communication function including a processor such as a CPU, storage means such as a main memory and an external storage device, an input / output interface, a communication interface, and the like. .

In FIG. 5, the password management device 20 has a control unit 201, a switching key correspondence conversion unit 202, a key conversion unit 203, and key maps 204 </ b> A and 204 </ b> B by causing a processor to execute a program stored in a storage unit. , An IM 204 having a romaji kana conversion unit 241, a kana-kanji conversion 242 and a control key processing unit 243, a kana conversion table 241B # 0, # 1, a dictionary 242B # 0, # 1, a control key table 243B, and a management It functions as a device having a table 205, a status code management table 206, a mail creation / transmission unit 207, and a communication I / F 208 connected to a network.

  FIG. 6 is a diagram illustrating a data structure of the status code management table 206 referred to by the control unit 201. As shown in FIG. 6, the status code table 206 includes a status code list that can be set for the password conversion apparatus 10 and a pointer 210 that can point to each record constituting the list. When the pointer 210 comes to the end of the record, the pointer 210 is configured to point to the first record.

The status code list includes a plurality of records indicating status codes that can be selected by the control unit 201. The status code is composed of a combination of a code indicating a status that can be taken by the password conversion device 10 and a code indicating detailed information corresponding to the status.

  In the example shown in FIG. 6, the leftmost number of the status code indicates the status (0) to (4) as shown in FIG. 2, and the second and subsequent numbers from the left can be set for the corresponding status. The contents of detailed information are shown.

  For example, the status code “01” indicates the status “switching key control” and “switching key type” “Caps”. Alternatively, the status code “10” indicates the status “key conversion” and “key map number” “0”.

  Thus, the status code indicates the content of the conversion rule set by the password conversion device 10. The numbers in parentheses in the state management table shown in FIG. 2 indicate the state and detailed information code according to the state code system.

FIG. 7 is a diagram illustrating an example of the data structure of the management table 205 that is referred to and managed by the control unit 201. In FIG. 7, the management table 205 is prepared for each application (computer) having a computer ID (identification information of the computer 1), an application number, a true password, a status code, a mail address, and an apparent password as elements. Consists of multiple records.

  In the management table 205, the computer ID, application number, true password, and mail address are stored in a fixed manner. On the other hand, the status code is written by the control unit 201 from the status code management table 206 at an appropriate timing (for example, every predetermined period). The apparent password is updated every time the status code in the table 205 is updated.

  Returning to FIG. 5, the control unit 201, the switching key correspondence conversion unit 202, the key conversion unit 203, and the IM 204 are procedures reverse to the process in which the password conversion apparatus 10 converts the apparent password into a true password according to the status code. To create an apparent password from the true password.

  For example, the switching key correspondence conversion unit 202 creates an apparent password “abcd” from a true password (for example, “ABCD”) according to the status code “01”. Alternatively, the key conversion unit 203 creates an apparent password “BCDE” from a true password (for example, “ABCD”) with reference to the key map 204A or 204 according to the status code “10”.

Alternatively, the control unit 201 creates an apparent password “ABCDE” or the like from a true password (for example, “ABCD”) in accordance with the status code “20” and a password increase / decrease rule set in advance in itself. Alternatively, the IM 204 uses the kana conversion table 241B, the dictionary 242B, and the control key table 243B according to the status code “3X” or “4X” (X is arbitrary detailed information), and uses a true password (for example, “shin” or “ From “true”), the apparent password “false” or “false” is created.

<Operation example>
The control unit 201 reads the status code related to the update at a predetermined timing from the status code management table 206, performs apparent password creation control according to the status code, and includes the apparent password and status code thus created. E-mail creation and transmission control is executed.

FIG. 8 is a flowchart showing processing by the control unit 201. Hereinafter, an operation example of the password management apparatus 20 will be described with a focus on processing by the control unit 201.

  However, in order to simplify the explanation, as shown in FIG. 6, the plurality of applications 11 have the same true password, and the status codes (set for each computer 1 (password conversion device 10)) ( The case where the same password (apparent password created according to the status code) is set and created will be described. Moreover, the case where the same e-mail address to each computer 1 is used is shown.

  However, it is possible to apply a password different for each application, apply a different status code to each application 11, or allow the computer 1 to have a different mail address.

  In FIG. 8, the control unit 201 starts the processing at a constant cycle (for example, every 24 hours). When starting the processing, the control unit 201 refers to the status code management table 206 (FIG. 6) and moves the pointer 210 by one (step S201).

Next, the control unit 201 takes out the status code in the record pointed to by the pointer 210 (step S102). The control unit 201 sets the status code extracted from the table 206 in the management table 205 (FIG. 7).

Next, the control unit 201 generates an apparent password corresponding to the status code (step S103). That is, the control unit 201 analyzes the contents of the status code, and according to the status code, any one of the switching key correspondence conversion unit 202, the key conversion unit 203, the IM 204, and the control unit 201 that should generate an apparent password. And the true password in the management table 205 is given to the specified object. The control unit 201 receives a reverse conversion result (apparent password) of the true password from the identified target.

Next, the control unit 201 updates the management table 205 (step S104). That is, the control unit 201 stores the apparent password in the management table 205. Next, the control unit 201 encrypts the status code obtained in step S102 according to a predetermined encryption method (
Step S105).

  Next, the control unit 201 generates an e-mail generation and transmission instruction including an encrypted status code (encryption code), an apparent password (update information), and an e-mail address (destination address) of each computer 1. The mail is sent to the mail creation / transmission unit 207 (step S106). Then, the process ends.

  The mail creation / transmission unit 207 is realized by using a so-called mailer automatic mail creation / transmission function. The mail creation / transmission unit 207 has a mail text format (an email file template), and inserts an apparent password at an apparent password entry position in the text. Also, the mail creation / transmission unit 207 inserts an encryption code at a predetermined position in the mail text. The encryption code may be entered in an invisible area in the email file.

  The mail creation / transmission unit 207 designates a transmission source address and a destination address for the email that has been created, and then transmits the email through the communication I / F 208. The electronic mail is stored in a mailbox corresponding to the destination address through the network.

On the other hand, in FIG. 1, the mailer 15 is configured to immediately download an electronic mail via the communication I / F 4 when the electronic mail arrives in the mailbox. When the electronic mail is downloaded, the control unit 101 refers to the transmission source address of the electronic mail. At this time, if the transmission source address is an address indicating that from the password management device 20 (the control unit 101 knows in advance), the conversion rule update processing as shown in FIG. 9 is started.

  FIG. 9 is a flowchart illustrating an example of conversion rule update processing executed by the control unit 101. The process shown in FIG. 9 is started when the control unit 101 detects an e-mail from the password management apparatus 20.

  In FIG. 9, first, the control unit 101 cuts out (extracts) the encrypted status code stored in a predetermined position of the e-mail (step S201). Next, the control unit 101 decrypts the encrypted status code to obtain the status code (step S202).

Next, the control unit 101 refers to the state management table 105 (FIG. 2) and performs on / off setting of a flag according to the state code (step S203). Subsequently, the detailed information in the state management table 105 is updated according to the code content indicating the detailed information in the status code (step S).
204). Then, the control unit 101 ends the process.

<Function and effect>
The above-described password conversion device 10 is mounted (installed) on the computer 1 arranged in the company, for example. Each computer 1 is connected to the password management apparatus 20 via a network.

  For example, the password management device 20 is set to generate and send an e-mail including update information as shown in FIG. 8 outside the business hours of the company (for example, late at night). Then, the conversion rule (apparent password) is updated before the business start time.

  Accordingly, the user (employee) of each computer 1 can know the apparent password used to start the application 11 today by checking the e-mail from the password management device 20 downloaded by the mailer 15 at the time of work. it can. If the user inputs an apparent password when the application 11 is activated, the password management apparatus 10 converts the apparent password into a true password according to the status code related to the update, and provides the application 11 with the apparent password. Thereby, the user can start the application 11 normally.

  At this time, the status code is stored in an invisible area in the e-mail, or the content cannot be grasped by the user by encryption, so the user cannot know the true password from the status code.

  As described above, a system for easily changing the password for starting the application 11 in a short time is constructed. By adjusting the processing interval by the password management device 20, the password can be updated not in days but in hours or minutes.

  In addition, the status code is divided into detailed status information and combinations of states (for example, conversion processing of states (3) and (4) that read alphabetic characters obtained in states (0) to (2)). Can be easily increased. That is, a large number of conversion rules can be created as needed.

The processing described above is executed in parallel in each of a large number of computers 1 connected to the password management device 20. Therefore, password change processing for a large number of computers 1 (applications) can be easily performed at a time.

  According to the embodiment described above, without the password conversion device 10, the user cannot use the application 11 using the apparent password. For this reason, for example, even if the user (employee) takes the application 11 restricted to use in the company outside and installs it on a personal computer at home, for example, the password conversion device 10 is not installed. As a result, the application 11 cannot be used. Thereby, it is possible to effectively limit the use of the application 11.

  Further, according to the embodiment, the apparent password can be updated every short period (for example, every day) by a simple method. For this reason, even if a certain user (employee) retires, an apparent password is leaked from the employee, and hacking based on this leaks, the apparent password has already been updated. The application 11 cannot be used with the above password. In this way, the security of the application 11 can be improved.

In the configuration of the above-described embodiment, the conversion table itself (key map or the like) may be distributed instead of the status code. Further, the apparent password may be notified to the user by a method different from the status code.

It is a figure which shows the structural example of the information processing apparatus carrying the password converter by this invention. It is a figure which shows the example of a data structure of the state management table shown in FIG. It is a flowchart which shows the example of the process by the control part shown in FIG. It is a flowchart which shows the example of the process by the control part shown in FIG. It is a figure which shows the structural example of the password management apparatus which concerns on embodiment of this invention. It is a figure which shows the example of a data structure of the status code management table shown in FIG. FIG. 6 is a diagram illustrating a data structure example of a management table illustrated in FIG. 5. It is a flowchart which shows the process by the control part of the password management apparatus shown in FIG. It is a flowchart which shows the process example of the control part of the password conversion apparatus at the time of the email reception from the password management apparatus shown in FIG.

Explanation of symbols

1. Information processing device (computer)
2 ... Keyboard 3 ... Display 4 ... Communication interface 10 ... Password converter 11 ... Application (software)
14 ... IM
20 ... Password management device 101 ... Control unit 102 ... Switching key control unit 103 ... Key conversion unit 104A, 104B ... Key map 105 ... State management table 141B ... Kana conversion table 142B ... Dictionary

Claims (11)

A password conversion device interposed between software requesting password input and an input means for inputting a password in response to a password input request from the software,
An acquisition means for acquiring a password input via the input means without passing it to the software;
Storage means for storing password conversion rules;
Conversion means for converting the acquired password into a different password according to the conversion rule;
A password conversion device including means for delivering the converted password to the software. A receiving means for receiving the update information of the conversion rule;
The password conversion apparatus according to claim 1, further comprising an update unit that updates a conversion rule in the storage unit using the update information. The password conversion apparatus according to claim 2, wherein the reception unit receives update information input through a communication line. 4. The conversion rule according to claim 1, wherein the conversion rule includes a rule for converting a password input according to a key layout display for a plurality of keys of the input unit into a different password according to a key layout different from the key layout display. The password conversion device described. The password conversion device according to claim 1, wherein the conversion rule includes a rule for converting an input character into the same type or different type of character different from the input character. The password conversion device according to claim 1, wherein the conversion unit generates the different password having a number of characters larger or smaller than a number of characters of the input password. 2. The conversion rule includes a rule for switching a key state at the time of password input to another state without being known by a user when a certain key included in the input unit has a plurality of states. The password conversion apparatus in any one of -6. The password conversion device according to claim 1, wherein the conversion unit starts the conversion process after the password input from the input unit is completed. A password conversion device interposed between software requesting password input and an input means for inputting a password in response to a password input request from the software,
Obtaining the password entered via the input means without passing it to the software;
Converting the acquired password into a different password according to a conversion rule stored in the storage means;
A password conversion method including delivering the converted password to the software. A program that causes a computer to function as a password conversion device interposed between software that requests password input and input means for inputting a password in response to a password input request from the software,
Obtaining a password input via the input means without passing it to the software;
Converting the acquired password into a different password according to a conversion rule stored in a storage means;
A program for causing a computer to execute the step of delivering the converted password to the software. Means for generating information indicating a conversion rule for returning an apparent password generated from a true password requested by software to the true password;
Means for transmitting the information indicating the conversion rule to a computer equipped with a password conversion device that converts the apparent password into a true password according to the software and the conversion rule and delivers the information to the software via a communication line. Password management device.

Images