In recent years, prevention of leakage of data is widely concerned. Thus, data storage apparatuses with a data protection function for preventing invalid data reading etc., are now used.
In general, the data storage apparatus including a data protection function manages personal identification data such as personal identification number (PIN) and authenticates a person using the personal identification data. Data read and the like are authorized only for a person who succeeds with the authentication.
In some cases, in consideration of a case where a righteous user forgets the personal identification data, personal identification data having authority to perform initialization in which data are invalidated and the data protection function is inactivated may be prepared. This personal identification data has no authority to read data. Here, the inactivation of data protection function means that the data protection function is shifted to a non-operation state from an operation state. Shift of the data protection function from the non-operation state to the operation state will be referred to as activation of data protection function. Such personal identification data for initialization strongly require secrecy to invalid users and protection to malicious setting by invalid users.