Safer Authentication with a One-Time Password Solution

Code download available at: OTPAuthentication2008_05.exe (496 KB)

This article uses the following technologies: Building a Web service-based OTP solution.

Passwords can be a big security and manageability headache for enterprise IT administrators. Users often create simple passwords or write their passwords down to make sure that they'll remember them. In addition, there are few secure and efficient procedures for resetting passwords. Knowing these limitations, how can you mitigate these types of security problems when remote users access your network? Seeing that many users write down their passwords, how would you make your company's password solution more robust? I'll show you how to use standards-based technologies with C# and C to develop a one-time password (OTP) proof of concept. First, though, I want to briefly take a broader look at password-replacement technologies.

There are a few ways that you could go about eliminating standard passwords for your remote users. You could use certificate authorities to issue certificates to your users, but this requires a public key infrastructure (PKI) and is expensive to set up and maintain. It can also be difficult to manage certificates for remote users, especially if you are using a hardware-based token, such as a smart card. This kind of trade-off of high cost for high security is a common theme.

Alternatively, you could use SecurID, which is the one-time password solution from RSA. However, you should note that SecurID is not based on a standard, which can cause incompatibilities and licensing overhead.

A third option is to use a standards-based OTP solution. But what kind of one-time password options are out there, and why is OTP better than traditional passwords anyway? Well, let's see.

A traditional, static password is usually only changed when necessary: either when it has expired or when the user has forgotten it and needs to reset it. Because passwords are cached on computer hard drives and stored on servers, they are susceptible to cracking. This is especially a concern for laptops since they can be easily stolen. Many businesses give employees laptops and open their networks to remote access. They also hire temporary employees and vendors. In this environment, a simple static password solution can become a liability.

Unlike a static password, a one-time password changes each time the user logs in. The passwords themselves are generated in one of two ways: either as time-synchronized or counter-synchronized. Both approaches typically require the user to carry a small hardware device (often on a key chain) that is synchronized with a server, and both typically use some algorithm to generate the password. Time-synchronized OTPs are widely deployed but are subject to problems caused by clock skew.
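The two generation modes described above, and the server-side windows that absorb clock skew and counter drift, shown as an added example that is not code from the article or its download. It assumes the standards-based algorithms are HOTP (RFC 4226) and TOTP (RFC 6238), which the text does not name; the function names, the 30-second step and the window sizes are illustrative choices.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Counter-synchronized OTP (RFC 4226): HMAC-SHA1 over an 8-byte counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int, step: int = 30) -> str:
    """Time-synchronized OTP (RFC 6238): HOTP with counter = time // step."""
    return hotp(secret, unix_time // step)

def verify_totp(secret, candidate, server_time, step=30, skew_steps=1):
    """Accept codes from +/- skew_steps time steps around the server clock.
    Returns the matched step offset (0 means the clocks agree) or None."""
    current = server_time // step
    for drift in sorted(range(-skew_steps, skew_steps + 1), key=abs):
        if hmac.compare_digest(hotp(secret, current + drift), candidate):
            return drift
    return None

def verify_hotp(secret, candidate, server_counter, look_ahead=3):
    """A counter token drifts when its button is pressed without a login.
    Search a small look-ahead window; return the next counter to store, or None."""
    for c in range(server_counter, server_counter + look_ahead + 1):
        if hmac.compare_digest(hotp(secret, c), candidate):
            return c + 1     # resynchronize so this code is never accepted again
    return None

if __name__ == "__main__":
    # Constructed input: the published RFC 4226 test secret, not a real key.
    secret = b"12345678901234567890"
    server_now = 59
    code = totp(secret, server_now + 30)         # token clock runs one step fast
    print("strict check:", verify_totp(secret, code, server_now, skew_steps=0))
    print("with window :", verify_totp(secret, code, server_now, skew_steps=1))
    print("next counter:", verify_hotp(secret, hotp(secret, 4), 2))
```

A wider window tolerates more skew or drift but also lengthens the period in which an intercepted code remains valid, so the window should be kept as small as the deployed tokens allow.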