Difference between revisions of "One-Time Password Authenticator"

From MgmtWiki
Jump to: navigation, search
(Problem)
(Solution)
Line 16: Line 16:
 
#[https://www.amazon.com/dp/B06XY6F14J Symantec VIP Security Card] size of a credit card.
 
#[https://www.amazon.com/dp/B06XY6F14J Symantec VIP Security Card] size of a credit card.
 
#[https://www.amazon.com/dp/B06XY422T9 Symantec VIP Security Token] size of a key fob.
 
#[https://www.amazon.com/dp/B06XY422T9 Symantec VIP Security Token] size of a key fob.
#
+
#[https://support.google.com/accounts/troubleshooter/4430955?hl=en#ts=4430956 Google Authenticator] [[Native App]]

Revision as of 16:52, 21 August 2018

Full Title or Meme

Authenticators are devices in the user possession that can generate a one-time password.

Context

  • Security Dynamics invented and patented the "Time-Based One-Time Password Algorithm" which has since come off-patent and standardized as RFC 6238 in May 2011.

Problem

Give users a hand-held device that can generate password for access to secure accounts.

Solution

  • The original Security Dynamics (later RSA, now Dell) Authenticator was a small hand held device that continually generated a password every (eg 30) seconds that could be sync'd with the server.
  • Now Microsoft, Google and others offer Authencators as Smart Phone Native Apps.

The following is a list of some of the Authentictors now in use.

  1. RSA SecurID is the original device. It came in multiple form factors.
  2. Symantec VIP Security Card size of a credit card.
  3. Symantec VIP Security Token size of a key fob.
  4. Google Authenticator Native App