To provide an authentication server, capable of reissuing a password to a user who has forgotten the password by an on-line procedure in a high-security environment.

The authentication server comprises a means 14 for requesting input of a temporary password to be temporarily used in response to a password reissuing request from a user terminal; and a means 15 for generating, in response to receipt of the temporary password, an initialization password. The generated initialization password is encrypted with the temporary password, and transmitted to an e-mail address of the user ID concerned (17). When a decoded initialization password is inputted from the user terminal within a predetermined period after transmission of the e-mail, the decoded initialization password is verified, and when the request is authenticated to be a password reissuing request from a person having valid authority, the password of the user concerned in a user information database is written with a new password input by the user.

COPYRIGHT: (C)2009,JPO&INPIT