Secure authentication with one-time passwords

Despite the biometrics boom, passwords are still the most popular means of authentication. In hostile environments, rogue users try to sniff or log password entries. You can foil these attempts by using one-time passwords. A one-time password becomes obsolete after it is used.

Even if an attacker were to sniff the password en route to the authentication server, the password would be useless.For a one-time password to work, the client must have some means for determining what password to use, and the server must know what password to expect.

Techniques

Security experts have developed several techniques for generating one-time passwords. Some methods base a new password on a mathematical manipulation of the previous password – or on a mathematical manipulation of the current time. Another technique known as challenge-response starts with the server sending a random number to the client. The client then calculates a response using a process that is known to both parties.

[...]

Read full article as PDF:

022-027_otp.pdf (1.92 MB)

Related content

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF:

022-027_otp.pdf (1.92 MB)

Tag Cloud

Android Bruce Byfield Gnome KDE Kernel Linux Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google

News