A user authentication method includes varying a threshold value for human body recognition depending on the extent to which an input graphical password matches with a registered graphical password and determining whether to authenticate a user or not based on a result of comparing the user's human body recognition information with registered human body recognition information. Thus, it is possible to improve convenience, reliability, and security of user authentication based on a graphical password in a device, such as a PDA or other portable electronic device, not having a key manipulation unit. In addition, a biometrics unit that used to provide authentication functions and to carry out user authentication may be improved by lowering both FAR and FRR by variably setting a threshold value for biometrics depending on the result of user authentication using a graphical password.