An Enhanced One-Time Password Implementation
نویسنده
چکیده
We propose here a number of enhancements to the RFC 2289 One Time Password System (or S/KeyTM). The enhancements take into account the vulnerabilities of RFC 2289 as well as the practical usage issues in deploying this standard for modern day 2-factor authentication. More significantly, with the introduction of a user-originated “bias”, the enhancements allow for various user-end implementations, both on hardware or software, to be supported with the possibility of extending this support into 3 factor biometric authentication.
منابع مشابه
LabVIEW implementation of an enhanced nonlinear PID controller based on harmony search for one-stage servomechanism system
This paper presents a practical implementation for a new formula of nonlinear PID (NPID) control. The purpose of the controller is to accurately trace a preselected position reference of one stage servomechanism system. The possibility of developing a transfer function model for experimental setup is elusive because of the lack of system data. So, the identified model has been developed via gat...
متن کاملImplementing Strong Authentication with OTP: Integrated System
Due to the arising problems with using static passwords, there is a strong need of implementing more secure protocols for authentication. The One-Time Password protocol is implementation for two-factor authentication; the two factors being something you own (a token) and something you know (PIN). This paper presents an open algorithm for OTP and implements a clientserver system for secure OTP a...
متن کاملA Secure Hash-Based Strong-Password Authentication Protocol Using One-Time Public-Key Cryptography
Secure communication is an important issue in networks and user authentication is a very important part of the security. Several strong-password authentication protocols have been introduced, but there is no fully secure authentication scheme that can resist all known attacks. We propose enhanced secure schemes with registration and login protocols, and add the “forget password” and password/ve...
متن کاملWebsite Credential Storage and Two-Factor Web Authentication with a Java SIM
In this paper two mobile website authentication schemes are proposed. The first enables authentication credentials (username and password) to be stored and retrieved securely from a mobile handset, and requires no changes to existing websites. The second scheme, which may optionally be used with the first, utilises a one-time password and is intended for applications requiring an enhanced level...
متن کاملEnhanced Password Authentication the Dynamic Password Unrevealed
Advanced Password Encryption Technology Based On The New Concept Of Dynamic Passwords For Users Based On Their Current Location/Time/Parameters. The Basic Password Remains Intact & Users Enter Few 2-3 Additional Information Characters In Addition To Basic Password Which Are Dynamic & Provided At Run Time.
متن کامل