Secure authentication - OTP? Token?
Hello,
I'm interested in experimenting with secure authentication methods - specifically, one-time passwords and/or hardware tokens. As to OTP, I've seen OPIE but don't like the idea of hard-printing a list of passwords, and am not very interested in running an OPIE generator on my Palm-based smartphone - an inherently insecure device. I've considered the idea of building a small microcontroller-based unit to either generate OPIE passwords or, more realistically (due to the capabilities of these units) store a pre-generated list. More to the point, I really like the idea of a hardware password generator like the SecurID or SafeWord card, but don't have the budget for their server software. Does anyone know of a hardware solution which can be paired with an F/OSS server, or a PAM module? |
I am too interested in any hardware implementations of open source OTP -- possibly an SKEY fob. Haven't seen or heard of any other than the popular SecurID.
Any Ideas? |
secure computing make one called safeword. It implentments one-time passwords and each keyfob requires a pin number.
|
I'm familiar with SafeWord cards - I actually have 3 from various machines at various jobs.
Unfortunately, I know that their infrastructure is quite expensive. I was looking for something that I could reasonably use for 3 users on a development network - essentially dirt cheap. |
All times are GMT -5. The time now is 11:22 PM. |