1. Field of the Invention
The present invention is related to a method for verifying authorized access, and is specifically a method for verifying authorized access with an improved means of inputting a password, so as to prevent a spectator of the inputting process from learning the password, and to facilitate memorizing the password.
2. Description of the Prior Art
Recently, motivated by the fast development and standardization of microelectronics, it has become very common to apply electronic password for verifying the identification of a user, which is almost a standard method for verifying authorized access. Because of its convenience and flexibility this kind of method for verifying authorized access has been applied in many buildings, offices, or common houses. Furthermore, this kind of method has been applied more broadly on computers and various control systems connected by networks, so as to assure the privacy of personal data, or to provide paid information service to specific users by verifying user's identification with a password.
Because of the mentioned convenience and flexibility and the fast development of networks at the meantime the use of electronic password has been becoming more and more frequent. Besides the means for verifying identification of a person asking for entrance, electronic password has been also applied in fields such as personal computers, workstations with multiple users, websites providing data with limited access, or portable electronic devices such as cell phones and personal digital assistants (PDA) wherever the privacy of personal data is to be protected. More recently, assisted by the fast improvements of wireless transfer techniques, portable electronic devices as mentioned above have been able to efficiently exchange information with various server systems for storing bulk data. Therefore, in terms of login into servers with bulk data by way of wireless network, users of portable electronic devices can reach personal data saved on server systems or check real-time information such as news of the day, without any limitations of the time or the location where the users are. Because information itself has market value or its privacy has to be protected, a method of verifying authorized access is obviously unavoidable when electronic information is provided, administrated, and transferred. Here, the most common means is to use electronic password in a method for verifying authorized access. In the highly virtualized modern life, therefore, the broad use of electronic password has become a sign of the present time.
It is trivial that to maintain the privacy of password is presupposed for its effectively protecting user's rights. There have been many inventions devoting to protecting password while being transferred in networks. Their main means is to design new software or hardware, so as to prevent a third person from catching the password during its transfer, or to make a decoding of the password more difficult. However, even if these designs make password safe during the transfer in networks, it is still possible that a spectator learns the password directly by observing the inputting process, especially when the inputting operation has to be performed in a circumstance where the existence of spectators can not be excluded completely, such as using public computers or work stations in a public area like library or an office. Often, authorized persons input password for entering an area or a house with limited access when spectators do exist. Furthermore, When operating the very common Automatic Teller Machine (ATM) it exists the same problem. These examples are very common in the modern and information-intensive daily life and some working fields. Therefore, a solution is needed to prevent a spectator of the process of inputting a password from learning the password. In addition to the safety problem of the password's privacy, for many users, the traditional password using a sequence of alpha-numeric characters is difficult to remember. A further problem of the traditional password is that a sequence of alpha-numeric characters is possible to be learned by an automatic program repeating trying to enter the system. Therefore, the traditional password is also disadvantageous when a hacker tries to infringe through networks.
An alternative way of using graphical password to verify authorized access has been known for solving the above-mentioned problems of the traditional password that is difficult to remember and can not effectively prevent from network infringements. By this means of entering a password a user is required to touch or select in an displayed graphical image predetermined areas in a predetermined sequence. In this means of using graphical password the user has to touch specified areas on a touch-sensitive display panel or move cursors to select specified areas of an image. Therefore, a spectator observing the entering process can still learn the entered password. On the other hand, in a further alternative means for entering password a password entry system displays a matrix of random ordered alpha-numeric characters and requires a user to press a dedicated row or column button for each character of the memorized password appearing in that row/column. In this means of using matrix of random ordered alpha-numeric characters the password used is a sequence of alpha-numeric characters as the traditional password and has the disadvantage of being difficult to remember.