A number of various approaches and also diverse auxiliary means are known for releasing the access to a computer system or to a program for a user. In many instances in which there are no security requirements that are too high the access is released after the correct inputting of a user ID and of a password. Problems occur, e.g., if the same user has access rights to many computer systems or programs. The user must then have knowledge of a plurality of user ID's and associated passwords.
Instead of manually inputting a password there is also the possibility of providing the user with a portable security data carrier with whose aid an authentication is performed. However, this presupposes that suitable software is installed on the terminal used which software makes access to the portable security data carrier possible. The installation of such software is in particular problematic if the access to the computer system or to the program is to be established for the user by a terminal of a third party. This situation can occur, e.g., in the case in which a field service technician visits a client if said technician would like to access the server of his firm. In such a case, the use of a customary security data carrier is eliminated as a rule since the installation of the software required for using the security data carrier is usually not permitted on the client's terminal. In order to solve this problem, the use of a device that indicates a number on a display when a button is pushed is known. This number is read by the field service technician and registered by the terminal of the client, e.g., as a one-time password in a protected Internet page. Then, the field service technician obtains access to the server of his firm for certain time via the terminal of the client. However, this procedure has the disadvantage that the one-time password must be typed into the terminal. It is furthermore disadvantageous that access to the system can be established by anyone in possession of the device for password generation. The loss of the device can therefore be extremely critical.