公开(公告)号：JPH10320354A

公开(公告)日：1998-12-04

申请号：JP10882298

申请日：1998-04-20

Applicant: IBM

Inventor： BINH KYUU NUYEN ,  RICHARD J REDPATH ,  SINGHAL SANDEEP KISHAN

IPC: G06F15/00 ,  G06F21/00 ,  G06F21/20

Abstract: PROBLEM TO BE SOLVED: To authenticate a user, to limit a damaged password and to obtain service that is commercially executable by limiting the use of distributed service to a user through a password and a random factor which are given at the time of the first access. SOLUTION: A user 200 is authenticated to a lobby server 220 through a cookie 210 (password and an additional random factor). Next, the server 220 checks whether the cookie 210 includes an effective password. First, it decides whether the password is effective or not. When it is not effective, the password is rejected. When the password is effective, it is decided whether a user record 230 exists to the user or not. If it is no, the server 220 creates a user record to the password. In the case of yes, it is decided whether the cookie 210 that is given by the user 200 coincides with what is inside the record. In the case of yes, success is returned.