1. Field of the Invention
The present invention relates to a method and an apparatus for preventing a computer from being used by an unauthorized user, and more particularly, to a method and an apparatus for preventing a personal computer from being illegally used by using a password.
2. Description of the Related Art
Passwords have been used in a personal computer. Typically a password is used for enabling a resume function when a main power is turn on in a personal computer. The personal computer is classified into a desktop computer used on a desk, a portable laptop computer which can be used on laps of a user, a note book computer which is thin and small so as to be put into a case, and a palmtop computer which can be used on a palm of a user. In any type of computer, a power-on password function allows the computer to distinguish between an authorized user and an unauthorized user before the resume function is enabled.
As the personal computer becomes smaller, security information stored in the computer as well as prevention of the computer from being stolen is requested. For this, in a conventional technology, a password known to only a user is stored in a memory, the password is input by the user whenever the personal computer is booted, and the input password is compared with a stored password stored in the memory. The authorized user may use the computer.
However, the conventional method for storing a password in a memory is not preventing the computer from being stolen and is useless for a person who knows the structure of the personal computer. If anyone intercepts off a backup power from the memory, the password stored in the memory disappears. Then, the unauthorized user who has stolen the computer may use the computer.
U.S. Pat. No. 4,959,860 for a Power Password Function For Computer System issued to Watters et al. discloses a battery-powered RAM storage area used to hold a used defined password when the system is turned off. The battery-powered RAM storage area is protected against being accessible by unauthorized users when the system is turned on. This reference, however, fails to show the interception by the unauthorized user and any other protection to prevent the unauthorized user from using the computer.
U.S. Pat. No. 5,222,231 and U.S. Pat. No. 5,430,867 for a Data Processing System Having a Resume Function And an Operating Method thereof and U.S. Pat. No. 5,704,040 for a Computer Having Resume Function issued to Gunji respectively disclose a backup RAM having a volatile memory supplied with a backup power or an EEPROM. The back up RAM includes a password area for storing a password, a check sum, and a password flag. Also, this reference does not show to prevent an unauthorized user from using the computer.
U.S. Pat. No. 5,537,544 for a Portable Computer System Having Password Control Means For Holding One Or More Passwords Such That The Passwords Are Unreadable By Direct Access From A Main Processor issued to Morisawa et al. discloses a Password memory such as an EEPROM storing a plurality of registered passwords along with access right data assigned to the registered passwords. This reference does not show to prevent the unauthorized user from intercepting the backup power to the EEPROM and using the computer.
The conventional methods and apparatus merely store or control a plurality of passwords and enable the resume function when password input by user is compared with the stored password. I have noticed that the art, as indicated by the foregoing examples, fails to show to prevent the unauthorized user from intercepting the backup power to the EEPROM and using the computer. Moreover, the conventional method is not enough to prevent an unauthorized user from using the computer. Furthermore, the unauthorized user may be encouraged to steal and use the conventional computer.
It is an object of the present invention to provide a method and an apparatus for preventing an unauthorized user from illegally using a computer.
It is another object to provide a method and an apparatus for discouraging an unauthorized user to steal and use a computer.
It is still object to provide a method and an apparatus for preventing an unauthorized user from deleting a password stored in a computer.
It is yet another object to provide a method and an apparatus for storing a password into at least two memories.
It is still another object to provide a method and an apparatus for determining whether a user is an unauthorized user.
It is further object to provide a method and an apparatus for using a second password in order to determine whether a user is an unauthorized user when a first password is deleted
It is another further object to provide a method and an apparatus for using a second password in order to determine whether a user is an unauthorized user when a first password is not set.
These and other objects may be achieved by using a method and an apparatus in a computer to provide a password checking program and at least two memories storing passwords such as a first password and a second password. The first password is stored in CMOS RAM and the second password is stored in BIOS ROM. During performing a POST process, the password is stored in memories included in the computer. If the first password stored in the CMOS RAM, when the password is stored in the CMOS RAM, is identical to a password input by a user, booting the computer continues. If not, booting the computer is stopped. If a password is not set to the CMOS RAM, the password input by the user is compared to the second password stored the flash memory in the BIOS ROM. If the password input by the user is identical to the second password stored in the flash memory when the second password is set to the flash memory, booting the computer continues. If not, booting the computer is stopped.