One-Time Passwords

Revision as of 00:29, 6 November 2004 by Henryk (talk | contribs)

One-Time Passwords are a special authentication scheme for use over insecure lines that needs no complex encryption and works with the normal login procedure. They can usually be used safely with telnet or plain ftp, for example. The basic idea is to use a different password each time authentication is needed and never to reuse a password. In addition, it must not be possible to easily compute passwords that have not yet been used, even with complete knowledge of all passwords used so far.

There are two types of One-Time Password systems:

  1. Pregenerated lists of completely random passwords, and
  2. Systems based on a non-invertible function, e.g. a cryptographically secure hash function.

Pregenerated lists

Hash functions
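
The second type, sketched as an added example that is not part of the original page: a hash chain in which the server stores H^n(seed) and each login reveals the value one step earlier in the chain. The use of SHA-256, the names `hash_chain`, `OtpServer` and `demo`, and the seed are assumptions chosen for illustration.

```python
import hashlib
import hmac


def hash_chain(seed: bytes, count: int) -> bytes:
    """Return H^count(seed), with H = SHA-256."""
    value = seed
    for _ in range(count):
        value = hashlib.sha256(value).digest()
    return value


class OtpServer:
    """Stores only the last accepted value, never the seed."""

    def __init__(self, anchor: bytes, remaining: int):
        self.last = anchor          # H^n(seed), enrolled over a trusted channel
        self.remaining = remaining  # logins left before re-enrolment

    def verify(self, otp: bytes) -> bool:
        if self.remaining <= 0:
            return False  # chain exhausted
        # A valid password hashes to the stored value.
        if not hmac.compare_digest(hashlib.sha256(otp).digest(), self.last):
            return False
        # Step down the chain so this password is never accepted again.
        self.last = otp
        self.remaining -= 1
        return True


def demo() -> list:
    seed = b"constructed sample seed"  # constructed value, not a real secret
    n = 3
    server = OtpServer(hash_chain(seed, n), n)
    p1 = hash_chain(seed, n - 1)  # first login
    p2 = hash_chain(seed, n - 2)  # second login
    return [
        server.verify(p1),  # fresh password
        server.verify(p1),  # replay of a used password
        server.verify(hashlib.sha256(p1).digest()),  # hashing a used one forward
        server.verify(p2),  # next password in the chain
    ]


if __name__ == "__main__":
    print(demo())
```

An eavesdropper who captures `p1` can only hash it forward to values the server has already moved past; obtaining `p2` would require inverting the hash function.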