Difference between revisions of "One-Time Password Authenticator"
From MgmtWiki
(→Solution) |
(→Context) |
||
Line 3: | Line 3: | ||
==Context== | ==Context== | ||
− | Security Dynamics invented and patented the "Time-Based One-Time Password Algorithm" which has since come off-patent and standardized as RFC 6238. | + | *Security Dynamics invented and patented the "Time-Based One-Time Password Algorithm" which has since come off-patent and standardized as RFC 6238. |
+ | *TOTP: Time-Based One-Time Password Algorithm, RFC 6238 was finalized in May 2011 and is now available for all. | ||
==Problem== | ==Problem== |
Revision as of 17:29, 21 August 2018
Contents
Full Title or Meme
Authenticators are devices in the user possession that can generate a one-time password.
Context
- Security Dynamics invented and patented the "Time-Based One-Time Password Algorithm" which has since come off-patent and standardized as RFC 6238.
- TOTP: Time-Based One-Time Password Algorithm, RFC 6238 was finalized in May 2011 and is now available for all.
Problem
Give users a handle held device that can generate password for access to secure accounts.
Solution
- The original Security Dynamics (later RSA, now Dell) Authenticator was a small hand held device that continually generated a password every (eg 30) seconds that could be sync'd with the server.
- Now Microsoft, Google and others offer Authencators as Smart Phone Native Apps.
The following is a list of some of the Authentictors now in use.
- RSA SecurID is the original device. It came in multiple form factors.
- Symantec VIP Security Card size of a credit card.
- Symantec VIP Security Token size of a key fob.