JP2017130069A - Password input device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a password input device that allows an easy authentication operation to maintain security strength.SOLUTION: A control unit of a password input device is configured to cause characters to be randomly displayed on each cell of a matrix display part 401 of a display unit 105 upon private authentication. In this instance, the same characters as the characters displayed on cells 411a to 411d at a location corresponding to one or more cells (registration cell) arbitrary selected by a user in advance upon password registration from the characters are caused to be displayed on one or more cells at a location corresponding to the registration cell other than the cells 411a to 411d. The control unit is configured to, when the user selects the same character upon the password registration and selects the cells other than the cells 411a to 411d corresponding to the registration cell by the number of characters upon the password registration, judge that private authentication is normal, and when the user selects the cells 411a to 411d corresponding to a position of the registration cell, invalidate the private authentication.SELECTED DRAWING: Figure 5

Description

  The present invention relates to a password input device for inputting a password.

  A user-owned device such as a smartphone performs user authentication using a password, an operation pattern, or the like to hold user information, and permits (unlocks) the operation of the device. In the method using a password or an operation pattern, if the password or the operation pattern is stolen, the lock is released. Increasing the number of characters in the password and the type of authentication impairs the convenience of the authentication operation, such as the user being unable to remember the password.

  For this reason, there is a technique for displaying a background design, a character presentation zone, and a character input zone. A plurality of password characters are displayed on the background design, and the block position of the password is stored in the background design for the user. Thereafter, a different password character string is displayed on the block on the background design each time, and if the password character displayed by the password position is input in the character input area, the lock is released (see, for example, Patent Document 1).

  In addition, there is a technique for unlocking the display by randomly displaying the same number on the password input screen and selecting the same number as the registered password from the display. Further, there is a technique for displaying a plurality of images by category, selecting a category, and using image data in the category as a password (see, for example, Patent Documents 2 and 3 below).

JP 2009-146378 A JP 2006-243938 A JP 2003-122721 A

  However, in the related art, when an operation (registered character and character input order) at the time of password registration or the like is stolen, the lock is released by performing the same operation as the user at the time of authentication. In addition, since the background design and the character input area are displayed at different positions, the viewpoint of the user must be moved, the operability of the authentication operation is reduced, a predetermined display area is required, and the size of the device is reduced. Cannot be achieved. If the display area is reduced, the number of characters for the password is reduced and the security strength cannot be improved.

  In one aspect, an object of the present invention is to facilitate an authentication operation and maintain security strength.

  In one proposal, the password input device includes an input unit that selects a character displayed on the display unit by a user operation, and at the time of authentication, the character is randomly displayed on a plurality of squares of the display unit, and the character is displayed. One of the cells other than the cell at the position corresponding to the registered cell is the same character as the character displayed on the cell at the position corresponding to one or more registered cells arbitrarily selected by the user during registration. It is a requirement to include a control unit that displays more than one and invalidates authentication when a cell at a position corresponding to the registered cell is selected by the input unit.

  According to one embodiment, the authentication operation is easy and the security strength can be maintained.

FIG. 1 is a diagram illustrating a hardware configuration example of the password input device according to the embodiment. FIG. 2 is a diagram illustrating a password registration example of the password input device according to the embodiment. FIG. 3 is a flowchart of a password registration process example of the password input device according to the embodiment. FIG. 4 is a diagram for explaining a regular operation example of personal authentication of the password input device according to the embodiment. FIG. 5 is a diagram for explaining an illegal operation example of personal authentication of the password input device according to the embodiment. FIG. 6 is a flowchart illustrating an example of personal authentication processing of the password input device according to the embodiment.

(Embodiment)
FIG. 1 is a diagram illustrating a hardware configuration example of the password input device according to the embodiment. The password input device 100 is applied to a device that stores and holds the personal information of a user, and permits the operation of the device set to be locked based on a password input operation that matches the password at the time of registration.

  The password input device 100 illustrated in FIG. 1 is an example applied to a mobile terminal device having a wireless communication function such as a smartphone, a tablet, or a mobile phone. The password input device 100 includes a control unit 101, a wireless control unit 102a, a wireless unit 102b, a storage unit 103, a touch panel 104, a display unit 105, a call / voice unit 106, a power unit 107, a camera unit 108, a receiver (speaker) 109, Includes a microphone 110 and the like. The password input device 100 can be similarly applied to a mobile terminal device that does not have the wireless control unit 102a and the wireless unit 102b, which are wireless communication functions.

  The control unit 101 includes, for example, a processor such as a CPU, controls various functions (applications) of the portable terminal device, and performs control related to password registration and authentication of the password input device 100. For example, the CPU reads and executes various control programs stored in the ROM 103a of the storage unit 103, and the function of the control unit 101 can be obtained by using the RAM 103b as a work area at this time.

  The wireless control unit 102a is connected between the wireless unit 102b and the control unit 101, and performs data processing related to a call or wireless communication of data. The radio unit 102b transmits the radio signal data-processed by the radio control unit 102a to a mobile phone network or the like with radio waves of a predetermined radio frequency via an antenna. For example, the wireless unit 102b performs wireless communication with the base station, and transmits and receives wireless signals to and from other mobile terminal devices having a wireless communication function. The radio signal received from the radio unit 102 b is subjected to radio data processing (reception processing) by the radio control unit 102 a and output to the control unit 101. The data output from the control unit 101 is subjected to wireless data processing (transmission processing) by the wireless control unit 102a and wirelessly transmitted via the wireless unit 102b.

  For example, the call / voice unit 106 acquires voice from the microphone 110 and outputs it from the receiver (speaker) 109 during wireless communication. The call / voice unit 106 is included in the mobile terminal device and uses the microphone 110 and the receiver 109 based on various functions (applications) executed by the control unit 101.

  As described above, the storage unit 103 includes the ROM 103a, the RAM 103b, a flash memory (not shown), and the like, and stores and holds various data (programs and user data of various applications executed by the control unit 1010) of the mobile terminal device. . The storage unit 103 holds authentication information including a password. The control unit 101 can also maintain the security of the authentication information inside the device by encrypting the authentication information by a predetermined encryption method and storing it in the storage unit 103.

  The touch panel 104 functions as an input unit for characters and the like by a user operation. For example, the touch panel 104 is a transparent operation unit provided on the display unit 105 and detects a contact position of a user's finger using XY coordinates or the like. Using the touch panel 104, various operations of the portable terminal device and password registration and authentication operations described later are performed. Password characters include hiragana, kana, kanji, symbols, numerical values, other languages such as alphabets, etc., and can be arbitrarily set by the user.

  The display unit 105 displays various information for various operations of the mobile terminal device and password registration and authentication operations. The power supply unit 107 supplies operating power to each unit of the mobile terminal device. The camera unit 108 captures an image.

(Example of password registration)
FIG. 2 is a diagram illustrating a password registration example of the password input device according to the embodiment. For example, when registering a password in which the mobile terminal device is a smartphone, the control content by the control unit (CPU) 101 and the operation content of password registration by the user will be described in order.

  First, at the time of password registration operation by the user, the control unit 101 displays a password registration screen 200 on the display unit 105 as shown in FIG. The password registration screen 200 includes a position display unit (matrix display unit) 201 at the center of the screen and a password display unit 202 positioned above the matrix display unit 201. The matrix display unit 201 is arranged in a grid pattern in the vertical and horizontal directions, and includes a plurality of cells 211 having a predetermined number of matrices.

  A transparent touch panel 104 is superposed on the display unit 105. The user touches a predetermined square 211 portion of the matrix display unit 201 displayed on the display unit 105 with a finger (operation selection), so that the touch panel 104 has position information (XY coordinates) of the operation-selected square 211. Is output to the control unit 101.

  Then, as shown in FIG. 2B, the user selects and operates at least one square 211 on the matrix display unit 201 at the time of password registration. When two or more are selected, the cells 211 are selected one by one in order. In the example of FIGS. 2B to 2E, this corresponds to the case where the operation selection is performed four times.

  Each time the user selects and operates the cell 211 on the matrix display unit 201, the touch panel 104 detects the position information (XY coordinates) of the cell 211 on which the operation has been selected and outputs it to the control unit 101. Then, the control unit 101 displays a randomly selected character in the portion of the cell 211 selected for operation, and displays a character string in the operation selection order on the password display unit 202. The control unit 101 has a function of a random character generation unit (not shown) that randomly selects characters.

  Here, when the user registers the password, the characters displayed in the operation-selected cell 211 and the information on the operation selection order displayed on the password display unit 202 are used for later personal authentication. However, the character string displayed on the password display unit 202 as a password operated by the user at the time of password registration is randomly changed at the time of personal authentication described later, and is an invalid (dummy) password.

  In the example of FIGS. 2B to 2E, for convenience, the operation-selected cell 211 and the password display unit 202 have ascending numbers “1”, “2”, “3”, “4” in order of operation selection. The example which displayed is shown. At this time, it is assumed that the cells 211a, 211b, 211c, and 211d are sequentially selected (referred to as registered cells). The control unit 101 causes an arbitrary character to be displayed for each operation selection of the registration cell 211 and causes the password display unit 202 to display characters in the input order.

  Then, as shown in FIG. 2F, the user operates the confirm button 203 so that the control unit 101 confirms the operation (operation end) related to password registration. As mentioned above, the password as a character string is not registered. Therefore, the control unit 101 sets (stores) each position of the cell 211 (registered cell) selected by the user and the order of the cell 211 (registered cell) selected by the user as authentication information at the time of password registration. By operating the delete button 204, the operation selection by the user immediately before can be deleted (cancelled).

  When such a plurality of cells 211 are selected for operation, the user only has to memorize the positions of the selected cells 211 (registered cells) and the order of operation selection. That is, the characters displayed on the matrix display unit 201 and the password display unit 202 are invalid (dummy) passwords that cannot be used for personal authentication and do not need to be stored by the user.

  Also, at the time of personal authentication described later, characters are displayed on a square having the same number of matrices as the square 211. At the time of personal authentication, the user can select and register the character type to be displayed on the cell 211. The character type is a character to be displayed when the user performs personal authentication.For example, any number of patterns such as numbers only, letters only, mixed numbers and letters, hiragana, katakana, kanji, etc. is selected and registered in advance. I can keep it.

  Further, after the operation of the confirmation button 203 in FIG. 2 (f), the control unit 101 displays a selection screen 221 for the presence / absence of character display shown in FIG. 2 (g) on the display unit 105. The above password registration process is terminated.

  On the selection screen 221, selection buttons 222 a and 222 b are provided for selecting whether to display the selected alphanumeric characters as they are or not to display them during personal authentication. If the selection button 222a is selected, the control unit 101 displays characters (alphanumeric characters) at the time of personal authentication later. If the selection button 222b is selected, the control unit 101 does not display characters (alphanumeric characters) at the time of personal authentication later. In this case, the display on the password display unit 202 is displayed, for example, with a symbol such as “*” that cannot identify the character.

  FIG. 3 is a flowchart of a password registration process example of the password input device according to the embodiment. The process example which the control part 101 performs is shown. First, at the time of password registration operation, the control unit 101 displays a matrix display unit 201 and a password display unit 202 as a password registration screen 200 on the display unit 105 (step S301).

  Next, when the user selects one or a plurality of cells 211 on the matrix display unit 201 during password registration, the control unit 101 uses the position and order of the operation-selected cell 211 (registered cell) as authentication information. Store and hold (step S302). At this time, the control unit 101 displays a randomly selected character in the operation selected cell 211 (registered cell), and displays a character string in the operation selection order on the password display unit 202. Thereafter, when the user operates the confirm button 203, the control unit 101 confirms password registration (ends processing).

  Thereafter, the control unit 101 stores the setting of the character type to be displayed on the cell 211 at the later personal authentication (step S303). Thereafter, the control unit 101 stores the setting of whether to display characters at the time of personal authentication later (step S304), stores the authentication information including the above settings, and ends the process. These character types and presence / absence of character display are selected and set by a user operation.

(Example of personal authentication: during regular operation)
FIG. 4 is a diagram for explaining a regular operation example of personal authentication of the password input device according to the embodiment. That is, an example of personal authentication based on a regular operation by the user who has registered the password will be described. The contents of control by the control unit 101 after the password registration operation described above and the contents of password registration operation by the user will be described in order. The example shown in FIG. 4 is an example in which the character display on the matrix display unit 401 is “present” and the character type to be displayed is “mixed number and character” by setting at the time of password registration.

  In the password registration operation described above, it is assumed that the user selects and operates the cells 211a, 211b, 211c, and 211d of the matrix display unit 201 in order as registered cells (see FIGS. 2B to 2E). At the time of personal authentication, the control unit 101 selects a character other than the cell (designated coordinates) 411 corresponding to the registered cell 211 corresponding to the number of characters at the time of password registration when the user selects the same character as when registering the password. Judge that the personal authentication is normal.

  First, as shown in FIG. 4A, at the time of personal authentication, the control unit 101 displays an authentication screen (initial screen) 400 on the display unit 105. The authentication screen 400 includes a position display unit (matrix display unit) 401 at the center of the screen and a password display unit 402 positioned at the top of the matrix display unit 401, as in the case of password registration. The matrix display unit 401 includes a plurality of squares 411 having the same number of matrixes as the squares 211 at the time of password registration.

  The squares 411 (411a to 411d) indicated by bold lines on the matrix display unit 401 in FIG. 4A describe the positions of the registration squares 211 (211a to 211d) at the time of password registration for convenience. At the time of personal authentication, the control unit 101 does not perform highlighting such as a thick line indicating the position of the registration cell 211 on the matrix display unit 401 shown in FIGS.

  Then, the control unit 101 displays characters of the character type set at the time of password registration on each square 411 of the entire matrix display unit 401. In the example of FIG. 4A, a mixed character of numbers and letters is randomly selected for each square 411 and displayed. Thus, during personal authentication, different characters are displayed for each authentication on each square 411 of the matrix display unit 401 of the authentication screen 400.

  Specifically, the control unit 101 displays random characters on a square 411 corresponding to the registration square 211 (the squares 211a to 211d) at the time of password registration. As shown in FIG. 4A, the character of the thick line 411a is “x”, the character of the square 411b is “0”, the character of the square 411c is “n”, and the character of the square 411d is “1”. .

  The control unit 101 reads information on each position of the designated cell 211 (registered cells, 211a to 211d) set and stored at the time of user password registration and the order of selection of the registered cell 211. Then, characters that are randomly displayed on the cells 411 (411a to 411d) at positions corresponding to the registered cells 211 on the matrix display unit 401 are stored in the storage unit 103 as a verification password. In the example of FIG. 4A, the characters “x”, “0”, “n”, and “1” displayed on the cells 411a to 411d are stored as verification passwords.

  Further, the control unit 101 displays random characters in addition to the positions of the squares 411 (411a to 411d) corresponding to the positions of the registration square 211 at the time of password registration. At this time, the control unit 101 converts the characters (“x”, “0”, “n”, “1”) set in the cells 411 (411a to 411d) into cells other than the positions of the cells 411 (411a to 411d). One or more items are displayed on 411.

  In the example shown in FIG. 4A, the character “x” of the cell 411a is also applied to the five cells 411 (411e, 411f, 411g, 411h, 411i) other than the cell 411a of the matrix display unit 401. It is displayed. The character “0” of the cell 411b is also displayed on the five cells 411 other than the cell 411b. The character “n” of the square 411c is also displayed on three squares 411 other than the square 411c. The character “1” of the square 411d is also displayed on five squares 411 other than the square 411d.

  Next, the user inputs a password on the password display unit 402. At this time, it is not necessary for the user at the time of password registration to store the password character itself, and the user stores only the position of the operation-selected registration cell 211 (211a to 211d) and the operation-selected order. It is in a state.

  In the subsequent operation input, the user does not select the cells 411 (411a to 411d) displayed at the positions corresponding to the registered cells 211 (211a to 211d). That is, the user selects another square 411 (other than 411a to 411d) of the same character as the registered square 211 displayed at a position other than the position corresponding to the registered square 211 (211a to 211d).

  Specifically, as shown in FIG. 4B, the user selects the first character “x” at the time of password registration. However, the character “x” of the cell 411a at the position corresponding to the registered cell 211a is not selected, and the cell 411e, 411f, 411g, 411h, 411i other than the cell 411a on which the character “x” is displayed is selected. One square 411e is selected. At this time, the user may select any of the squares 411e, 411f, 411g, 411h, and 411i other than the square 411a.

  At this time, the control unit 101 performs an operation on a cell other than the cell 411a corresponding to the registered cell 211a, and the first character “x” at the time of password registration matches the first character “x” of the verification password. It is determined that the first character user operation is an appropriate operation.

  Next, as shown in FIG. 4C, the user selects the second character “0” at the time of password registration. However, the character “0” of the cell 411b at the position corresponding to the registered cell 211b is not selected, and one cell 411 (for example, cell 411j) in which the character “0” is displayed from a plurality of cells other than the cell 411b. Select.

  At this time, the control unit 101 matches the second character “0” at the time of password registration with the second character “0” of the verification password, and is an operation of a cell other than the cell 411b corresponding to the registered cell 211b. Therefore, it is determined that the second character user operation is an appropriate operation.

  Next, as shown in FIG. 4D, the user selects the third character “n” at the time of password registration. However, the character “n” of the cell 411c at the position corresponding to the registered cell 211c is not selected, and one cell 411 in which the character “n” is displayed from a plurality of cells other than the cell 411b (for example, cell 411k). Select.

  At this time, the control unit 101 operates the square other than the square 411c corresponding to the registered square 211c, and the third letter “n” at the time of password registration matches the third letter “n” of the verification password. It is determined that the third character user operation is an appropriate operation.

  Next, as shown in FIG. 4E, the user selects the fourth character “1” at the time of password registration. However, the character “1” of the cell 411d at the position corresponding to the registered cell 211d is not selected, and one cell 411 in which the character “1” is displayed from a plurality of cells other than the cell 411d (for example, cell 411m). Select.

  At this time, the control unit 101 performs an operation on a square other than the square 411d corresponding to the registered square 211d and the fourth letter “1” at the time of password registration matches the fourth letter “1” of the verification password. It is determined that the user operation of the fourth character is an appropriate operation.

  When the user selects the same number of characters as in password registration in the order of FIGS. 4B to 4E and all user operations are appropriate, the control unit 101 determines that the personal authentication has been completed normally. to decide. That is, when the user selects the same character as when the password is registered and selects a square other than the square (designated coordinates) 411 corresponding to the registered square 211, the personal authentication is normally performed. Can be completed.

  Then, as shown in FIG. 4 (f), the control unit 101 displays an authentication completion screen 420, and allows the operation of the device that is set to be locked, allowing the operation of the mobile terminal device (smart phone) (to unlock the device). Equivalent). At this time, as shown in the figure, characters such as “authentication OK” indicating that the personal authentication is normally completed may be displayed on the authentication completion screen 420.

  Thereafter, the user can perform various operations of the mobile terminal device (smartphone). In the example of FIG. 4F, various application names are displayed, and the user can select operation of the application.

(Example of personal authentication: during unauthorized operation)
FIG. 5 is a diagram for explaining an illegal operation example of personal authentication of the password input device according to the embodiment. For example, an example of personal authentication at the time of an unauthorized operation by a person other than the user who performed the password registration will be described.

  A person other than the authorized user does not know the position of the registration cell 211 (211a to 211d) at the time of password registration operation. Further, the user does not know that the position (XY coordinates) of the square 411 corresponding to the registered square 211 is necessary instead of the characters displayed on the registered square 211 as a password. The position of one or a plurality of registered cells 211 (the cell (designated coordinates) 411 at the time of personal authentication) selected on the matrix display unit 201 is stored only by the authorized user himself / herself.

  As shown in FIG. 5A, during personal authentication, the control unit 101 displays an authentication screen (initial screen) 400 including a matrix display unit 401 and a password display unit 402 on the display unit 105. During this personal authentication, different characters are displayed for each authentication on each square 411 of the matrix display unit 401 of the authentication screen 400.

  FIG. 5A is the same screen as FIG. 4A, and the bold lines are also shown for convenience in this figure. Actually, the square (designated) corresponding to the registered square 211 on the matrix display unit 401 is shown. (Coordinates) Highlighting such as a thick line indicating the position of 411 is not performed. The control unit 101 randomly displays characters of the character type (mixed number and alphabet) set at the time of password registration on each square 411 of the entire matrix display unit 401.

  An unauthorized user displays a cell 411 at a position corresponding to the registered cell 211 (211a to 211d) in which the four characters “x”, “0”, “n”, and “1” at the time of password registration illustrated in FIG. 2 are selected. I don't know the location of (411a-411d).

  Then, as shown in FIGS. 5B to 5D, an unauthorized user selects the first character “x” with the square 411a, selects the second character “0” with the square 411b, and sets 3 with the square 411c. It is assumed that the character “n” is selected. The operations shown in FIGS. 5B to 5D are in a state in which a square (designated coordinates) 411 corresponding to the registered square 211 at the time of password registration is selected.

  Thereafter, as shown in FIG. 5E, it is assumed that an unauthorized user selects the fourth character “1” with a square 411m. The square 411m is not the designated coordinate (411d). In this case, the control unit 101 detects that all operation inputs (input passwords) up to the fourth character match the verification password. However, the operations up to the third character shown in FIGS. 5B to 5D are all operations of the designated coordinate cell 411 (411a to 411c) corresponding to the registered cell 211 (211a to 211c). Judge.

  As a result, the control unit 101 determines that the operation up to the third character is an inappropriate operation. In this case, even if the operation of the fourth character is appropriate, the control unit 101 invalidates the personal authentication.

  Then, the control unit 101 counts “1” as the number of inconsistencies. In this case, the control unit 101 displays an authentication invalidation screen 520 as shown in FIG. On the authentication invalidation screen 520, a screen that does not permit the operation of the mobile terminal device (smart phone) (maintain lock) is displayed. At this time, as shown in the drawing, a password indicating that the password is incorrect and input again is displayed on the authentication invalidation screen 520.

  Thereby, an unauthorized user cannot perform various operations of the mobile terminal device (smartphone). Thereafter, the control unit 101 displays the personal authentication authentication screen (initial screen) 400 shown in FIG. 5A, clears the previously displayed password display, and causes the user to perform operation input from the beginning again. In addition, when the number of inconsistencies reaches a predetermined number of times (for example, three times as a threshold), the control unit 101 randomly replaces the entire display characters of the cells 411 on the matrix display unit 401 on the initial screen 400. Display.

  For example, it is assumed that an unauthorized user has acquired the four characters “x”, “0”, “n”, “1” and the input order of the characters by some unauthorized method. For example, it is assumed that passwords (character strings “x”, “0”, “n”, “1”) displayed on the password display unit 402 during operation for personal authentication have been stolen. Even in this case, at the time of personal authentication, only the password (character string) is matched and the lock is not released. On the matrix display unit 401, one or more four characters of the designated coordinate squares 411 (411a to 411d) are also displayed on the square 411 other than the designated coordinates. An unauthorized user does not know the position of the designated coordinate cell 411 corresponding to the registered cell 211 (211a to 211d) at the time of password registration operation.

  Therefore, an unauthorized user can select one or more squares 411 (411a to 411d) of designated coordinates when inputting the four characters “x”, “0”, “n”, and “1” registered as passwords. High nature. That is, the possibility of selecting all four characters registered by the unauthorized user as passwords using only the cells 411 other than the designated coordinates can be extremely reduced.

  As a result, even if an unauthorized user has acquired the characters of the password and the input order of the characters by some unauthorized method, the authentication can be invalidated.

  In the above example, the example in which the input password matches the verification password has been described. However, if the input password and the verification password do not match (character string mismatch), the authentication is naturally invalidated.

  FIG. 6 is a flowchart illustrating an example of personal authentication processing of the password input device according to the embodiment. The process example which the control part 101 performs is shown. First, at the time of personal authentication, the control unit 101 displays a matrix display unit 401 and a password display unit 402 as an authentication screen (initial screen) 400 on the display unit 105 (step S601). As shown in FIG. 5, this authentication screen 400 is randomly displayed on each square 411 of the matrix display unit 401 using characters of the character type set at the time of password registration.

  In addition, the control unit 101 stores the characters displayed on the designated coordinate cell 411 as a verification password (step S602). Specifically, the control unit 101 reads out information on the positions of the registration cells 211 (211a to 211d) set and stored at the time of password registration by the user and the order of selection of the registration cells 211. Then, the control unit 101 compares the characters displayed on the cells 411 (411a to 411d) at the positions (designated coordinates) corresponding to the registered cells 211 on the matrix display unit 401 and the order of selection (that is, character strings) with the verification password. Is stored in the storage unit 103.

  In addition, when displaying in step S601, the control unit 101 displays one or more characters that are the same as the characters displayed in the designated coordinates on the cells 411 other than the designated coordinates in random coordinates (step S603).

  Specifically, the control unit 101 displays random characters on a square (designated coordinates) 411 corresponding to the registration square 211 at the time of password registration. For example, as shown in FIG. 4A, characters (“x”, “0”, “n”, “1”) are randomly displayed on cells 411 (411a to 411d) of designated coordinates. Furthermore, the characters (“x”, “0”, “n”) displayed in the designated coordinate cell 411 on all the cells 411 other than the position of the designated coordinate cell 411 (411a to 411d) on the matrix display unit 401. , “1”) are randomly displayed per character.

  Thereafter, the control unit 101 receives an operation input for authentication by the user (step S604). At this time, the user stores the position (XY coordinate) of the registration cell 211 (211a to 211d) that he / she selected and operated at the time of password registration.

  At the time of personal authentication, the user checks the characters displayed on the squares (designated coordinates) 411 (411a to 411d) corresponding to the registration squares 211 (211a to 211d) at the time of password registration. After that, the user follows the pre-arrangement of personal authentication, and the character displayed on the designated coordinate cell 411 (411a to 411d) is changed to the designated coordinate cell 411 (411a) among all the cells on the matrix display unit 401. ˜411d) is selected from the squares 411. At this time, selection is performed in the order of the registration boxes 211 selected at the time of password registration (input password operation in FIGS. 4B to 4D).

  In the user's input password operation in step S604, the control unit 101 determines whether the user has selected no designated coordinates (step S605). If the user has not selected any square 411 (411a to 411d) of the designated coordinates for one or more characters as the input password (step S605: Yes), the process proceeds to step S606. On the other hand, if the user has selected at least one of the designated coordinate cells 411 (411a to 411d) (step S605: No), the process proceeds to step S607.

  In step S606, the control unit 101 determines whether the verification password matches the input password (step S606). If the collation password and the input password match (step S606: Yes), the character string matches by user selection other than the designated coordinates, so the control unit 101 normally terminates the personal authentication and releases the device lock state. (See FIG. 4 (f)). On the other hand, if the verification password does not match the input password (when the character strings do not match, step S606: No), the process proceeds to step S610.

  The processing after step S607 is processing for invalidating the personal authentication by the current user operation. In step S607, the control unit 101 determines whether or not to display the password selected by the user as characters on the password display unit 402 based on the setting at the time of password registration (step S607).

  If the setting is made so that the password selected by the user is not displayed as a character (step S607: No), the character selected by the user is hidden (for example, the symbol “*”) and displayed on the password display unit 402, and authentication is also invalidated (step S608). ), The process proceeds to step S610. In the case of setting to display the user-selected password as characters (step S607: Yes), the user-selected character is displayed as it is on the password display unit 402, but the authentication is invalidated (step S609). The invalidation of authentication at the time of step S608 and step S609 is a state in which the invalidation of authentication for the current user operation is determined inside the control unit 101, and the outside (user) is not immediately notified. It is.

  Thereafter, in step S610, the control unit 101 clears all characters of the password input by the user and counts the number of inconsistencies by “1” (step S610). Thereafter, the control unit 101 determines whether the number of inconsistencies has reached a predetermined number of times (for example, a threshold value of 3) (step S611). If the number of inconsistencies has not reached the predetermined number of times (No at Step S611), the process returns to Step S604. On the other hand, when the number of inconsistencies reaches a predetermined number determined in advance (step S611: Yes), the control unit 101 updates the characters displayed on the square 411 on the matrix display unit 401 (step S612). The process returns to step S601. By this update, characters displayed on all squares 411 on the matrix display unit 401 are randomly replaced.

  In addition to the above processing example, for example, when the update processing of the characters displayed on the square 411 on the matrix display unit 401 reaches a predetermined number of times, the personal authentication processing is terminated and the user is notified that the authentication is invalid. It is also possible to adopt a configuration such as notifying to. Further, the number of squares (vertical and horizontal matrix numbers) displayed on the matrix display unit 201 at the time of password registration and the corresponding matrix display unit 401 at the time of personal authentication can be arbitrarily set.

  According to the embodiment, when a password is registered, a legitimate user selects one or more arbitrary squares on the matrix display unit 401, and sets the coordinate position (XY coordinate) of the selected square (registered square). Just remember. Thereafter, at the time of personal authentication when using the device, the authentication can be completed by selecting a character randomly displayed at the designated coordinates corresponding to the registered square and selecting a square other than the designated coordinates.

  In addition, since the cells displayed on the matrix display unit 401 at the time of personal authentication are merely displayed in random characters, the unauthorized user is confused about what operation input should be performed as a password. Make it impossible to judge. For example, if an input password is simply selected without looking at a square on the matrix display unit 401, the possibility that the collation password matches the character is low, and the authentication is invalid and cannot be unlocked. In addition, if even one character of the input password selects the designated coordinates, the authentication becomes invalid.

  Furthermore, even if the password (character string) displayed on the password display unit 402 is stolen during personal authentication, the security strength can be maintained and further improved. That is, since a password (character string) required on the authentication screen changes randomly, an unauthorized user cannot specify a character string that can be used as a password.

  At the time of personal authentication, the device is not unlocked only by matching the password (character string). Since random characters are displayed in each square on the screen at the time of personal authentication, an unauthorized user cannot specify the position where the designated coordinates are. In addition, the unauthorized user does not know that it is necessary to operate and select a cell other than the cell 411 having the designated coordinates corresponding to the registered cell 211 for personal authentication.

  Even if it turns out that it is necessary to select and operate a cell at a position other than the designated coordinate cell 411, an unauthorized user cannot specify the position of the designated coordinate cell 411 when entering the password. At this time, one or a plurality of the same characters as the characters displayed on the designated coordinate cell 411 are also displayed on the cells other than the designated coordinate cell 411. As a result, the authentication can be invalidated by selecting even one of the designated coordinate cells 411.

  Further, according to the embodiment, if the touch panel 104 is provided so as to overlap the display unit 105 and the cell on the display unit 105 is directly operated and selected, it is not necessary to provide an input keypad and a password screen separately. . And even a small portable terminal device such as a smartphone can secure a large number of squares with a multi-stage matrix number, can increase the number of passwords (number of characters) for authentication, and can further improve the security strength. Become.

  Further, the number of registered squares (and designated coordinates) in the plurality of squares may be arbitrarily set by the user and any number of one or more. In addition, the character type displayed as a password in the form of a password during personal authentication can be selected by user designation from multiple patterns such as numbers, letters, mixed numbers and letters, hiragana, katakana, kanji, etc. it can. Thereby, it becomes easy to confirm (identify) characters at the time of personal authentication according to the user's preference, and the user's operation can be facilitated.

  The password input device according to the embodiment described above is applicable not only to smartphones as target devices but also to other portable terminal devices such as tablets. Further, the present invention can be applied to devices other than a device provided with a touch panel overlaid on the display unit, security strength can be maintained, and further improvement can be achieved.

  Note that the processing method of the password input device described in this embodiment can be realized by executing a password processing program prepared in advance by a processor such as a CPU provided in the above-described portable terminal device or the like. The password processing program is recorded on a readable recording medium such as a flash memory, and is executed by being read from the recording medium by a processor. The password processing program may be distributed via a network such as the Internet.

  The following additional notes are disclosed with respect to the embodiment described above.

(Additional remark 1) The input part which selects the character displayed on the display part by user operation,
At the time of authentication, the characters are randomly displayed on a plurality of cells on the display unit, and are displayed on cells at positions corresponding to one or a plurality of registered cells arbitrarily selected by the user at the time of registration from among the characters. The same character as the character is displayed on one or more of the cells other than the cell at the position corresponding to the registered cell,
A control unit that invalidates authentication when a cell at a position corresponding to the registered cell is selected by the input unit;
A password input device characterized by that.

(Appendix 2) The control unit
In the authentication, if the order of selection of the squares and the order of selection of the registered squares at the time of registration do not match, the authentication is invalidated.
The password input device according to Supplementary Note 1, wherein:

(Appendix 3) The control unit
At the time of registration, an invalid character is displayed as a password for the authentication on the plurality of cells of the display unit.
The password input device according to appendix 1 or 2, characterized in that:

(Appendix 4) The control unit
Based on the setting of the character type at the time of registration by the user in advance, displaying the character of the character type on the square at the time of the authentication,
The password input device according to any one of appendices 1 to 3, characterized by:

(Supplementary Note 5) The control unit
On the display unit, a plurality of the cells are displayed as a matrix display unit having a predetermined number of matrices.
The password input device according to any one of supplementary notes 1 to 4, wherein

(Appendix 6) The control unit
On the display unit, a password display unit for displaying characters by selection of the square of the matrix display unit is displayed.
Controlling the display of the character on the password display unit during the authentication based on the setting of the presence or absence of character display at the time of registration by the user in advance,
The password input device according to appendix 5, characterized by:

(Appendix 7) The control unit
When the authentication is invalidated a predetermined number of times, characters on the whole of a plurality of squares are randomly replaced and displayed on the display unit,
The password input device according to any one of appendices 1 to 6, characterized in that:

(Appendix 8) A transparent touch panel is provided on the display unit,
The touch panel outputs the position of the square displayed on the display unit to the control unit;
The password input device according to any one of appendices 1 to 7, characterized by:

(Appendix 9)
Display a character on the display unit, select the displayed character by a user operation,
During authentication, characters are randomly displayed on a plurality of squares on the display unit, and the same characters as those displayed on one or a plurality of registered squares arbitrarily selected by the user at the time of registration from among the characters, Display on one or more of the cells other than the cell at the position corresponding to the registered cell,
Invalidate authentication when a cell at a position corresponding to the registered cell is selected;
A password input program for executing a process.

100 Password Input Device 101 Control Unit (CPU)
102a Radio control unit 102b Radio unit 103 Storage unit 103a ROM
103b RAM
DESCRIPTION OF SYMBOLS 104 Touch panel 105 Display part 106 Call / voice part 107 Power supply part 108 Camera part 109 Receiver 110 Microphone 200 Password registration screen 201 Matrix display part 202 Password display part 211 Mass 211a-211d Registration mass 400 Authentication screen 401 Matrix display part 402 Password display part 411 cells 411a to 411d cells (specified coordinates)

Claims (8)

An input unit for selecting a character displayed on the display unit by a user operation;
At the time of authentication, the characters are randomly displayed on a plurality of cells on the display unit, and are displayed on cells at positions corresponding to one or a plurality of registered cells arbitrarily selected by the user at the time of registration from among the characters. The same character as the character is displayed on one or more of the cells other than the cell at the position corresponding to the registered cell,
A control unit that invalidates authentication when a cell at a position corresponding to the registered cell is selected by the input unit;
A password input device characterized by that. The controller is
In the authentication, if the order of selection of the squares and the order of selection of the registered squares at the time of registration do not match, the authentication is invalidated.
The password input device according to claim 1. The controller is
At the time of registration, an invalid character is displayed as a password for the authentication on the plurality of cells of the display unit.
The password input device according to claim 1 or 2. The controller is
Based on the setting of the character type at the time of registration by the user in advance, displaying the character of the character type on the square at the time of the authentication,
The password input device according to any one of claims 1 to 3. The controller is
On the display unit, a plurality of the cells are displayed as a matrix display unit having a predetermined number of matrices.
The password input device according to any one of claims 1 to 4, wherein The controller is
On the display unit, a password display unit for displaying characters by selection of the square of the matrix display unit is displayed.
Controlling the display of the character on the password display unit during the authentication based on the setting of the presence or absence of character display at the time of registration by the user in advance,
The password input device according to claim 5. The controller is
When the authentication is invalidated a predetermined number of times, characters on the whole of a plurality of squares are randomly replaced and displayed on the display unit,
The password input device according to any one of claims 1 to 6. A transparent touch panel is provided on the display unit,
The touch panel outputs the position of the square displayed on the display unit to the control unit;
The password input device according to any one of claims 1 to 7.

Images