One Time Passwords Research Paper Example | Topics and Well Written Essays - 1250 words

One Time Passwords - Research Paper ExampleThe new passwords are generated by the remains using a one-way hash function (Bhaiji, 2009).Challenge/response This event also uses numerical algorithm, but with a challenge function. In this type, the user needs to generate a one- conviction password by entering a challenge (a random number or secret key), received at the time of login, into the password-generating token/software. Since new passwords are based on a challenge mechanism instead of macrocosm based on previous password, this type offers more security as compared to mathematical algorithm type (Bhaiji, 2009).Time-synchronized In this type, passwords are generated by the system using a physical hardware token that has an blameless clock synchronized with the clock on the credential server (Bhaiji, 2009).OTP technology is a type of multifactor ( ii-factor) au hencetication chafe control which provides strong user authentication for secure access. Two-factor authentication re fers to the combination of any two of the three basic forms of one-factor authentication mechanism something the user knows such as a password, pass phrasal idiom or PIN (personal identification number), something the user possesses such as a smart card or access token (hardware or software), and something physically unique about the user such as a fingerprint, voice, retina or iris scan, or DNA sequence (Samuelle, 2008).If the intruder is able to guess a promiscuously generated OTP somehow, he will be able to access the system only once because subsequent access would require him to get lucky again guessing a randomly generated OTP.The major problem of OTPs is that no user can ever able to remember them because they are generated in bulk and stored in a file on a system. Therefore, OTPs are vulnerable to eavesdropping because if someone knows that the passwords are stored in the file, and then he can gain unauthorized access to the users account where he can then install keystrok e-capturing