In some programmable controllers, a security measure is taken to prevent a fraudulent operation based on leakage of a password. For example, in a known technique, a memory card having a user authentication table is attached on a programmable controller in order to control access to the programmable controller from a tool. Further, a login request command in which user login information is written is transmitted from the tool to the programmable controller, and the programmable controller is allowed to be accessed when IDs and passwords of the both are identical (for example, see Patent Document 1).