One-Time Password Authenticator

From MgmtWiki
Revision as of 09:59, 22 May 2021 by Tom (talk | contribs) (Problem)

Jump to: navigation, search

Full Title or Meme

Authenticators are devices in the user possession that can generate a one-time password.


  • Security Dynamics invented and patented the "Time-Based One-Time Password Algorithm" which has since come off-patent and standardized as RFC 6238 in May 2011.


  • Give users a hand-held device that can generate password for access to secure accounts.
  • All of the security is in the place that generates the OTP. The secret key if a very high-value target and has been hacked at is source from the beginning. [1]


  • The original Security Dynamics (later RSA, now Dell) Authenticator was a small hand held device that continually generated a password every (eg 30) seconds that could be sync'd with the server.
  • Now Microsoft, Google and others offer Authencators as Smart Phone Native Apps.

The following is a list of some of the Authentictors now in use.

  1. RSA SecurID is the original device. It came in multiple form factors.
  2. Symantec VIP Security Card size of a credit card.
  3. Symantec VIP Security Token size of a key fob.
  4. Feitian MultiPass FIDO Security Key
  5. Google Authenticator Native App


  1. Andy Greenberg The Full Story of te Stunning RSA Hack can Finally be Told World (2021-05-20)