Speech recognition is a promising alternative input technology for individuals with upper-body motor impairments that hinder the use of the standard keyboard and mouse. A recent long-term field study found that the users employed speech techniques for a variety of tasks beyond generating text documents [1]. One challenge with hands-free speech-based interactions is user authentication, which requires the users to speak their user IDs and passwords character by character. Unfortunately, speaking a password presents both security and privacy threats as well as usability problems. To address this challenge, we propose a new speech-based authentication model. An initial proof-of-concept prototype has been implemented and a pilot study was conducted. Preliminary results suggest several problems for further examination.