One-Time Passwords in Everything (OPIE): Experiences with Building and Using Strong Authentication
نویسندگان
چکیده
The U. S. Naval Research Laboratory's OPIE (Onetime Passwords In Everything) Software Distribution is an enhancement of Bellcore's S/Key 1.0 package. OPIE improves on S/Key in several areas, including FTP service with one-time passwords, and a stronger algorithm for generating one-time passwords. OPIE diverges from S/Key in select design decisions and in the behavior of certain programs. While not a total security solution, OPIE can be an important part of one. OPIE and its evolutionary predecessors have been used for over a year in parts of NRL. Its use has taught the authors lessons on implementation, usability, deployment, and future directions for improvement.
منابع مشابه
One Time Passwords In Everything (OPIE): Experiences with Building and Using Stronger Authentication
The U S Naval Research Laboratory s OPIE One time Passwords In Everything Software Distribu tion is an enhancement of Bellcore s S Key package OPIE improves on S Key in several areas including FTP service with one time passwords and a stronger algorithm for generating one time pass words OPIE diverges from S Key in select design decisions and in the behavior of certain programs While not a tota...
متن کامللبخوانی: روش جدید احراز هویت در برنامههای کاربردی گوشیهای تلفن همراه اندروید
Today, mobile phones are one of the first instruments every individual person interacts with. There are lots of mobile applications used by people to achieve their goals. One of the most-used applications is mobile banks. Security in m-bank applications is very important, therefore modern methods of authentication is required. Most of m-bank applications use text passwords which can be stolen b...
متن کاملOne-Time-Password-Authenticated Key Exchange
To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time password...
متن کاملOne - time - password - authenticated key exchange ( full version ) Kenneth
To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time password...
متن کاملThe usability of picture passwords
Executive summary In the context of growing identify theft, and especially phishing and related scams, conventional passwords no longer provide adequate authentication security for online services. 'Zero-footprint' strong authentication (i.e. requiring no software installs or hardware tokens) can be achieved with careful use of picture passwords, i.e. sequences of picture symbols. The pic...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1995