1. Field of the Invention
The present invention relates to a password updating apparatus for automatically updating a password used to access a network through a computer as a communication terminal unit and a computer-readable recording medium used therefor to store a program for implementing a method of automatically updating a password.
2. Description of the Prior Art
As computer communications using the Internet become popular, password theft on networks poses problems. To prevent damage caused by such password theft, providers who provide Internet services recommend that users periodically update their passwords.
In general, however, it is difficult for a user to think out a new password and store and manage it because the password needs to be a string of characters that are incomprehensible to third parities. For this reason, many users register plain passwords just once, and use them for long periods of time. If, therefore, a password is stolen on a network, information is stolen by the stolen password.
Methods of preventing damage caused by such password theft by automatically updating passwords are disclosed in Japanese Unexamined Patent Publication Nos. 62-31231 and 62-184563.
The technique disclosed in Japanese Unexamined Patent Publication No. 62-31231 is, however, associated with the passwords to be set in terminal units. If this technique is directly applied to the password set by a user, the user must still store and manage the password. According to the technique disclosed in Japanese Unexamined Patent Publication No. 62-184563, when a recording medium such as a floppy disk in which a password is stored is stolen, the user cannot access a provider even if he/she stores and manages the password stored in the recording medium in a different manner.
The present invention has been made in consideration of the above situation in the prior art, and has as its object to provide a password updating apparatus capable of automatically updating a password without giving a user any trouble, and a computer-readable recording medium used therefor to store a program for implementing a method of automatically updating a password.
It is another object of the present invention to provide a password updating apparatus capable of automatically updating a password to prevent damage caused by password theft on a communication line, and a computer-readable recording medium used therefor to store a program for implement a method of-automatically updating a password.
In order to achieve the above the objects, according to the first principal aspect of the present invention, there is provided a password updating apparatus comprising:
(a) a current password storage section in which a currently set current password is stored;
(b) a seed data storage section in which seed data serving as a seed for generating a password is stored;
(c) a generation data storage section in which generation data for generating a password is stored;
(d) a password generating section for generating a new password from the seed data stored in the seed data storage section in accordance with the generation data stored in the generation data storage section;
(e) a new password storage section for storing the new password generated by the password generating section;
(f) an access requesting section for requesting access to another computer through a communication line by using the current password stored in the current password storage section; and
(g) an update requesting section for requesting another computer connected in accordance with the request from the access requesting section to update the current password used for the access to the new password stored in the new password storage section.
According to the password updating apparatus of the first main aspect, the current password used to access another computer is sequentially updated without giving the user the trouble of storing and managing the password. In other words, the password can be automatically updated without giving the user any trouble. Since the password output onto the communication line is sequentially updated, damage caused by password theft on the communication line can be prevented.
The password updating apparatus of the first main aspect can further comprise an input section for inputting seed data to be stored in the seed data storage section.
As the seed data input with the input section, for example, an absolute password that can be easily memorized by the user can be generated.
In the password updating apparatus of the first principal aspect, the password generating section further comprises a monitoring section for monitoring the time at which the new password is to be generated, the password generating section generates the new password in accordance with the monitoring result obtained by the monitoring section, and the update requesting section requests updating of the password to be used for future access to the connected another computer when the password generating section generates the new password.
In this case, the monitoring section can be designed to request updating of the password used for future access to be connected to another computer when the password generating section generates a new password.
The password updating apparatus of the first principal aspect may further comprise a first password updating section for causing the current password storage section to store the new password stored in the new password storage section as a current password when a password update request is generated by the update requesting section.
In the password updating apparatus of the first principal aspect, the apparatus further comprises a password history storage section for storing at least one password used in the past to access another computer, and a notification information storage section for storing notification information indicating whether confirmation of updating of the password is notified from another computer in response to a request from the update requesting section, and the access requesting section generates a request to access another computer through the communication line by sequentially using the current password stored in the current password storage section and the past passwords stored in the password history storage section when the notification information stored in the notification information storage section indicates that xe2x80x9cconfirmation of updating of the password is not notified from another computerxe2x80x9d.
According to this arrangement, in the password updating apparatus of the first principal aspect, the access requesting section can further comprise a second password updating section for, when access to another computer is requested by using the past password stored in the password history storage section, and connection to another computer is established in accordance with the request, causing the password storage section to store as a current password the past password used by the access requesting section to generate a request to access another computer.
With this arrangement, even if, for example, the completion of updating of the password is not notified from another computer, since access to another computer can be tried with the current password or one of the past passwords, the password can be restored at a considerably high probability.
In the password updating apparatus of the first principal aspect, a plurality of computers can be connected to the communication line. In this case, another computer to which an access request is generated by the access requesting section is one of the plurality of computers which can be connected to the communication line, the generation data storage section stores a plurality of generation data corresponding to the respective computers, and the password generating section generates the new password from the seed data stored in the seed data storage section in accordance with generation data, of the plurality of generation data stored in the generation data storage section, which corresponds to another computer to which the access request is generated by the access requesting section.
With this arrangement, since different passwords are output onto the communication line for the respective other computers to be connected, damage caused by password theft can be prevented more effectively.
In order to achieve the above objects, according to the second main aspect of the present invention, there is provided a recording medium storing a program for executing:
(A) a current password storage function of securing a storage area in which a currently set current password can be stored;
(B) a seed data setting function of setting seed data serving as a seed for generating a password;
(C) a generation data setting function of setting generation data for generating a password;
(D) a password generating function of generating a new password from the seed data set by the seed data setting function in accordance with the generation data set by the generation data setting function;
(E) an access requesting function of requesting access to another computer through a communication line by using the current password stored in the storage area secured by the current password storage function; and
(F) an update requesting function of requesting another computer, which is connected in accordance with the request from the access requesting function, to update the current password used for the access to the new password generated by the password generating function.
In the recording medium of the second main aspect, the password generating function may further store a program for executing a monitoring function of monitoring the time to crease the new password.
In this case, the password generating function generates the new password in accordance with the monitoring result obtained by the monitoring function, and the update requesting function generates a request to update the password to be used for future access to the connected another computer when the password generating section generates a new password.
The recording medium of the second main aspect may further store a program for executing a password updating function of causing the current password storage function to store as a current password in the storage area the new password generated by the password generating function when a password update request is generated by the update requesting function.
The recording medium of the second main aspect can further store a program for executing:
a password history storage securing function of securing a storage area for storing at least one password used by the access request function in the past to access another computer,
a password history storage function of, when the new password generated by the password generating function is stored as a current password in the storage area secured by the current password storage function, storing the current password as a past password in the storage area secured by the password history storage securing function;
a notification information storage securing function of securing a storage area for storing notification information indicating whether confirmation of updating of a password is notified from another computer, in response to a request from the update requesting function, and
a notification information storage function of storing notification information indicating that confirmation of updating of a password is notified in the storage area secured by the notification information storage securing function when confirmation of updating of the password is notified from another computer.
The access requesting function can request access to another computer through the communication line by sequentially using the current password stored in the storage area secured by the password storage securing function and the past passwords stored in the storage area secured by the password history storage securing function when the notification information stored in the storage area secured by the notification information storage securing function indicates that xe2x80x9cconfirmation of updating of the password is not notified from another computerxe2x80x9d.
The above and many other objects, features and advantages of the present invention will become manifest to those skilled in the art upon making reference to the following detailed description and accompanying drawings in which preferred embodiments incorporating the principles of the present invention are shown by way of illustrative examples.