The present disclosure relates to a password authentication apparatus and a password authentication method.
Conventionally, personal authentication has been required to limit the use of web services by persons other than an authorized user from a cellular phone, a PHS, or a PDA (Personal Digital Assistant). In general, the personal authentication is achieved by determining whether a password is entered correctly upon authentication using, for example, a four-digit personal identification number or a combination of plural alphanumeric characters (hereinafter referred to as “password”).
However, conventional authentication methods using the password have a disadvantage that the password can be easily leaked out to a third party if the third party sees the user's input operations. Particularly, if the third party has taken photos or video of the user's input operations with a photographic device, such as a camera, at the time of password input, the third party can analyze the images and determine the password. As a result, the possibility of password “leakage” or compromise of a password increases.
Such a problem is particularly relevant to portable terminals, such as laptop computers or PDAs, because they are portable and hence the third party has increasing opportunities to see their screens.
Therefore, it is desirable to provide a password authentication apparatus and a password authentication method capable of reducing the risk of password information leakage even if a third party sees user's input operations.