To present an authentication method to be used also as the substitute of biometrics.

An authentication terminal receives a temporary code composed of an arbitrary character string, and generates a terminal specifying code which includes information for specifying the authentication terminal, based on the temporary code (S3). An authentication management server checks the validity of the authentication terminal according to the terminal specifying code, and generates a confirmation code which includes information indicating the temporary code in the case of validity (S7). The authentication terminal receives the inputs of the code corresponding to the confirmation code and the code corresponding to the temporary code, and inspects compatibility in the code corresponding to the confirmation code (S9-S11). When the confirmation code is determined to be appropriate, the authentication terminal generates a one-time password, and requests the generation of the same one-time password to the authentication management server (S12, S13). The authentication management server generates the one-time password in response to a request from the authentication terminal, and requests the change of the password to an authentication usage device (S15).