Abstract: A user authentication method and apparatus including determining whether a password has been input; setting a first threshold value if the input password matches with a registered password and setting a second threshold value if the input password does not match with the registered password; and determining whether to authenticate the user or not based on a comparison of the user's biometrics information with registered biometrics information and the first or second threshold value.