Secure authentication - OTP? Token?
I'm interested in experimenting with secure authentication methods - specifically, one-time passwords and/or hardware tokens.
As to OTP, I've seen OPIE but don't like the idea of hard-printing a list of passwords, and am not very interested in running an OPIE generator on my Palm-based smartphone - an inherently insecure device. I've considered the idea of building a small microcontroller-based unit to either generate OPIE passwords or, more realistically (due to the capabilities of these units) store a pre-generated list.
More to the point, I really like the idea of a hardware password generator like the SecurID or SafeWord card, but don't have the budget for their server software. Does anyone know of a hardware solution which can be paired with an F/OSS server, or a PAM module?