I know how to configure and use OPIE for one-time password authentication. I just can't seem to find a usable OTP password generator for other devices, such as mobiles and BlackBerrys. Does anyone have any advice for me? Specifically, for a BlackBerry 8320.

I know there *are* generator apps for mobile devices (I know there's one for Palm) but I always got the impression that Blackberry software was rather limited. If the OPIE homepage doesn't have anything, you might be out of luck. Have you tried their mailing list?

I remember looking into OPIE a while back and feeling that it was quite limited in terms of support for other devices.

I don't know what developing for the BB is like, but you may have to consider porting something.

**Note: one other option is if you have some way of encrypting memos or text files on the BB, or you don't mind putting plaintext passwords on it, you could use the OPIE password generator program to generate a hundred or so passwords, then sync them to your BB as a memo. Of course, this ends up placing the password list on your device *and* the computer you sync it to, so you'll probably actually *lose* security.

As a PS - this reminds me of a thread on password schemes on the SAGE (www.sage.org) mailing list a while back. Rather than use OTPs, a number of people said that they use a password scheme - a root portion, a host-specific portion, and a changing portion. I.e. all passwords for a person might start with a random 4-character string, then have the first 4 letters of the hostname with some sort of translation (rotation through the alphabet, keys next to them on the keyboard, etc.) and then have a string of 4 characters or so that changes every (week|month|etc.).

Not the absolute strength of OTPs, but does a lot to prevent brute-force passwords, guesses, etc.

Well, if OPIE isn't known for its support for other devices, what is? What ARE some good OTP implementations, anyway?