Along with the popularization of the Internet, web services to provide various services on the web by the Internet become popular. Authentication by the user ID and password is generally used for user authentication in web services. The user registers the user ID and password in advance in a server that provides a web service, and the user inputs the user ID and password by a browser or the like when using the web service. The server performs user authentication depending on whether the input user ID and password match the user ID and password registered in advance.
Especially, since a password is input to authenticate the user, it is secret information which has a high degree of secrecy and which has to be strictly managed on both the user side and the server side. That is, the server side is requested to strictly manage a password registered by the user such that it is not leaked, and the user side is requested to strictly manage the password such that the user does not forget the password and leak it to others.
Moreover, for example, there is JP 2003-69560 that describes a technique to ensure identification. JP 2003-69560 describes a technique of ensuring a link between a public key and a terminal by terminal authentication by the use of the telephone number.