1. Field
Apparatuses consistent with exemplary embodiments relate to a method of authenticating a password and a portable device thereof, and more particularly, to a method of authenticating a password of a portable device including a screen which may be a touch screen and the portable device thereof.
2. Description of the Related Art
The development of personal portable devices that are capable of participating in e-commerce, and of implementing the full range of financial transactions, has brought with it a heightened level of concern for the protection of the user's personal information accessible on and via such devices. One main approach to realizing protection for personal portable devices has been the setting and authentication of a password.
More specifically, known approaches to authenticating a user include inputting preset numbers, or drawing a figure in a preset pattern. However, these known approaches, i.e., the use of an ordered sequence of numbers or the use of an input pattern, are susceptible to compromise by malefactors who may, unbeknownst to the user, covertly observe how the user inputs the password; that is, by “shoulder-surfing”, another might view the pattern entered by the user, or the position of the user's fingers when completing authentication, even without necessarily being able to observe the user's display. This is because, on a typical display, button arrangements are fixed, and so another person can estimate and often reproduce the manner in which the user entered an authentication sequence or pattern. This fact may result in exposure or compromise of the user's authentication sequence or pattern, thereby jeopardizing the safety of the user's personal information.
Touch screens, which are especially prolific in modern personal portable devices, also offer the risk that oils or other matter may be left behind when a user enters an authentication sequence or pattern. In other words, touch screens are susceptible to compromise through traces left behind from the user's fingertips. Such trace information may enable another person to estimate or reproduce the user's authentication sequence or pattern.
Accordingly, a more powerful, secure method of authenticating a password, and thus authenticating a user is needed.