Verifying the identity of a user before granting access to objects or services is an important step in nearly all applications or environments. Some applications (e.g. pervasive environment) may impose additional requirements for user authentication mechanism, such as to be continuous and unobtrusive. The former refers to constant or periodic re-assurance of the identity, while the latter means that the authentication mechanism should be unobtrusive andimplicit (without attracting user's attention). Traditionaluser authentication mechanisms (e.g. passwords or fingerprints) cannot be or is difficult to adapt to fulfill such requirements. This paper studies an unobtrusive mechanism of user authentication based on a new biometric modality. Arm swing, which occurs during gait, is proposed as a weak biometric for user authentication. We collected arm swing of the person by using a motion recording sensor, which records acceleration of the arm swing in three orthogonal directions. Using frequency domain analysis of the arm swing accelerations, we obtained anEqual Error Rate (EER) of 10% based on a preliminary data set including 120 arm swing samples from 30 persons.