Secure authentication with one-time passwords
Whispered Once

© Nikolay Okhitin, Fotolia
A one-time password won't compromise security if it falls into the wrong hands. OPIE and OTPW bring the safety of one-time password security to Linux.
Despite the biometrics boom, passwords are still the most popular means of authentication. In hostile environments, rogue users try to sniff or log password entries. You can foil these attempts by using one-time passwords. A one-time password becomes obsolete after it is used.
Even if an attacker were to sniff the password en route to the authentication server, the password would be useless. For a one-time password to work, the client must have some means for determining what password to use, and the server must know what password to expect.
Techniques
Security experts have developed several techniques for generating one-time passwords. Some methods base a new password on a mathematical manipulation of the previous password – or on a mathematical manipulation of the current time. Another technique known as challenge-response starts with the server sending a random number to the client. The client then calculates a response using a process that is known to both parties.
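The "manipulation of the previous password" approach can be shown with a hash chain combined with a server-issued sequence number. The sketch below is an added example, not code from the article, OPIE or OTPW; SHA-256, the names `chain` and `Server`, and the sample secret and seed are assumptions chosen for illustration.

```python
import hashlib
import hmac


def chain(secret: bytes, seed: bytes, n: int) -> bytes:
    """Return H^n(seed || secret): SHA-256 applied n times."""
    value = seed + secret
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class Server:
    """Holds only the last accepted value, never the secret itself."""

    def __init__(self, seed: bytes, count: int, top: bytes):
        self.seed = seed
        self.count = count   # sequence number of the stored value
        self.stored = top    # H^count(seed || secret)

    def challenge(self):
        # The client must answer with H^(count-1)(seed || secret).
        return self.seed, self.count - 1

    def verify(self, otp: bytes) -> bool:
        # At count 1 the next answer would be the raw secret: refuse
        # and require the chain to be re-initialised instead.
        if self.count <= 1:
            return False
        # Hashing the candidate once must reproduce the stored value.
        if not hmac.compare_digest(hashlib.sha256(otp).digest(), self.stored):
            return False
        self.stored = otp    # the accepted OTP becomes the new reference
        self.count -= 1
        return True


def demo():
    # Constructed sample values, for illustration only.
    secret, seed = b"constructed passphrase", b"ke1234"
    server = Server(seed, 100, chain(secret, seed, 100))
    seed_c, n = server.challenge()
    otp = chain(secret, seed_c, n)
    first = server.verify(otp)       # fresh password is accepted
    replay = server.verify(otp)      # the same sniffed password is rejected
    seed_c, n2 = server.challenge()
    nxt = server.verify(chain(secret, seed_c, n2))
    return first, replay, n, n2, nxt
```

Because the hash is one-way, a captured password lets an observer compute only values the server has already consumed, not the next one it will ask for.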
[...]