To provide a method and a device for registering password with which a user can confirm whether a password is normally registered or not in the case of registering the password and the registered password is prevented from being decoded by the third person.
The user utilizes a verify request part 19 of a client 15, uses one or two passwords and lets a server 27 verify them. At such a time, the password is transferred to the server 27 in safe by utilizing an enciphering function. At the same time, the client 15 selects a random number corresponding to the number of passwords to be used for verifying among plural random numbers received from the server 27 and transmits it to the server 27. The server 27 confirms how many passwords are used for verifying from the random number received at a verifying part 30, deciphers the enciphered password, applies a unidirectional function to the provided password and compares it with a registered hash password. When they are coincident, verifying is completed.
Next Patent: INFORMATION MANAGING SYSTEM