One-time password
Encyclopedia
A one-time password is a password that is valid for only one login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in contrast to static password
s, they are not vulnerable to replay attack
s. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he or she will not be able to abuse it since it will be no longer valid. On the downside, OTPs are difficult for human beings to memorize. Therefore they require additional technology in order to work.
. This is necessary because otherwise it would be easy to predict future OTPs by observing previous ones. Concrete OTP algorithms vary greatly in their details. Various approaches for the generation of OTPs are listed below:
There are also different ways to make the user aware of the next OTP to use. Some systems use special electronic tokens that the user carries and that generate OTPs and show them using a small display. Other systems consist of software that runs on the user's mobile phone
. Yet other systems generate OTPs on the server-side and send them to the user using an out-of-band
channel such as SMS
messaging. Finally, in some systems, OTPs are printed on paper that the user is required to carry with them.
A time-synchronized OTP is usually related to a piece of hardware
called a security token
(e.g., each user is given a personal token that generates a one-time password). Inside the token is an accurate clock that has been synchronized with the clock on the proprietary authentication server
. On these OTP systems, time is an important part of the password algorithm since the generation of new passwords is based on the current time rather than, or in addition to, the previous password or a secret key. This token may be a proprietary
device, or a mobile phone
or similar mobile device which runs software that is proprietary, freeware
, or open-source. An example of time-synchronized OTP standard is TOTP
.
All of the methods of delivering the OTP below may use time-synchronization instead of algorithms.
, uses a one-way function
(call it f). The one-time password system works by starting with an initial seed s, then generating passwords
as many times as necessary. If an indefinite series of passwords is wanted, a new seed value can be chosen after the set for s is exhausted. Each password is then dispensed in reverse, with f(f(...f(s))...) first, to f(s). The S/KEY
one-time password system (and its confusingly-named derivative, OTP) are based on Lamport's scheme.
If an intruder happens to see a one-time password, he may have access for one time period or login, but it becomes useless once that period expires. To get the next password in the series from the previous passwords, one needs to find a way of calculating the inverse function
f−1. Since f was chosen to be one-way, this is extremely difficult to do. If f is a cryptographic hash function
, which is generally the case, it is (so far as is known) a computationally infeasible task.
In some mathematical algorithm schemes, it is possible for the user to provide the server with a static key for use as an encryption key, by only sending a one time password.
The use of challenge-response one-time passwords will require a user to provide a response to a challenge. For example, this can be done by inputting the value that the token has generated into the token itself. To avoid duplicates, an additional counter is usually involved, so if one happens to get the same challenge twice, this still results in different one-time passwords. However, the computation does not usually involve the previous one-time password; that is, usually this or another algorithm is used, rather than using both algorithms.
The methods of delivering the OTP which are token-based may use either of these types of algorithm instead of time-synchronization.
. Because text messaging is a ubiquitous communication channel, being available in nearly all handsets and with a large customer-base, text messaging has a great potential to reach all consumers with a low total cost to implement. However, the cost of each text messaging often for each OTP might not be suitable for some users. OTP over text messaging may also be encrypted using an A5/x standard which several hacking groups report can be successfully decrypted
within minutes or seconds, or the OTP over SMS might not be encrypted by one's service-provider at all. In addition to threats from hackers, the mobile phone operator becomes part of the trust chain. In the case of roaming, more than a single mobile phone operator has to be trusted. Anyone using this information may mount a man-in-the-middle attack. Recently Google has started offering OTP over text messages on all Google accounts. The user can either receive OTP as text message or via an automated call. Incase if the phone isn't accessible, the user can even use backup codes (up to 10) to sign-in to their accounts after signing in with their account password and then using OTP or one of the backup codes.
is starting to use a challenge-response algorithm (called "Chip Authentication Program
") for credit cards in Europe. On the other hand, in access control for computer networks, RSA Security
's SecurID
is one example of a time-synchronization type of token. Like all tokens, these may be lost, damaged, or stolen; additionally there is an inconvenience as batteries die (typically cannot plug these into a battery-charger, and this is one more battery that must be replaced, or in some cases the whole token must be replaced). A variant of the proprietary token was proposed by RSA in 2006 and was described as "ubiquitous authentication", in which RSA would partner with manufacturers to add physical SecurID
chips to devices such as mobile phones.
Recently, it has become possible to take the electronic components associated with regular keyfob OTP tokens and embed them in a credit card form factor. However, the thinness of the cards, at 0.79mm to 0.84mm thick, prevents standard components or batteries from being used. Special polymer-based batteries must be used which have a much lower battery life than coin (button) cells. Semiconductor components must not only be very flat but must minimise power used in standby and when operating. Identita and NagraID Security produce thin "display card OTP" devices.
Yubico offers a small USB token with an embedded chip that creates a OTP when a key is pressed and simulates a keyboard to facilitate easily entering a long password.
A new version of this technology has been developed that embeds a keypad into a payment card
of standard size and thickness. The card has an embedded keypad, display, microprocessor and proximity chip.
s'). Some banks even dispatch such TANs to the user's mobile phone via SMS, in which case they are called mTANs (for 'mobile TANs').
electronic token
s and SMS
messaging.
For systems that rely on electronic tokens, algorithm-based OTP generators must cope with the situation where a token drifts out-of-sync with its server if the system requires the OTP to be entered by a deadline. This leads to an additional development cost. Time-synchronized systems, on the other hand, avoid this at the expense of having to maintain a clock in the electronic tokens (and an offset value to account for clock drift
). Whether or not OTPs are time-synchronized is basically irrelevant for the degree of vulnerability, but it avoids a need to re-enter passwords if the server is expecting the last or next code that the token should be having because the server and token have drifted out-of-sync.
Use of an existing mobile device avoids the need to obtain and carry an additional OTP generator. The battery may be recharged; most small card devices do not have rechargeable, or indeed replaceable, batteries. However, most proprietary tokens have tamper-proof features.
attacks in which phishers steal OTPs by tricking customers into providing one or more OTPs that they used in the past. In late 2005 customers of a Swedish bank were tricked into giving up their one-time passwords (The Register article). In 2006 this type of attack was used on customers of a US bank (Washington Post Security Blog). Even time-synchronized OTPs are vulnerable to phishing, by two methods: The password may be used as quickly by the attacker as the legitimate user must use the OTP, if the attacker can get the OTP in plaintext
quickly enough. The other type of attack—which may be defeated if one's OTP system implements using the hash chain
as discussed above -- is that after the phisher uses this social engineering, the phisher must then use the information gained (past OTP codes which are no longer valid) to predict what OTP codes will be used in the future (e.g. an OTP password-generator that is pseudo-random rather than truly random might or might not be able to be compromised, because pseudo-random numbers are often predictable once one has the past OTP codes (see also main article
); the code
implemented in the programming of each Direct OTP or token will determine whether one is vulnerable to this type of attack.
Although OTPs are in some ways more secure than a memorized password, users of OTP systems are still vulnerable to man-in-the-middle attack
s. OTPs should therefore not be disclosed to any third parties, and using an OTP as one layer in layered security
is safer than using OTP alone; one way to implement layered security is to use an OTP in combination with a password that is memorized by the user (and never transmitted to the user, like OTPs often are). An advantage to using layered security is that a single sign-on
combined with one master password or password manager
becomes safer than using only 1 layer of security during the sign-on, and thus the inconvenience of password fatigue
is avoided if one usually has long sessions with many passwords that would need to be entered mid-session (to open different documents, websites, and applications); however, the disadvantage of using many forms of security all at once during a single sign-on is that one has the inconvenience of more security precautions during every login—even if one is logging-in only for a brief usage of the computer to access information or an application that doesn't require as much security as some other top-secret items that computer is used for. See also Related technologies, below.
(T-FA). T-FA is a form of layered security
where it is unlikely that both layers would be disabled by someone using only one type of attack. Some single sign-on
solutions make use of one-time passwords. One-time password technology is often used with a security token
.
Newer, interactive T-FA approaches, such as Duo Security's Duo Push technology and ENTERSECT Technologies' Interactive Transaction Authentication (ITA) system, attempt to close the loop where attackers could get hold of OTPs, by prompting a user on a paired mobile phone about the transaction taking place. When accepting the transaction, the message is again relayed (over GPRS or SMS technology) to the authentication server. The whole transaction is encrypted using standard Public/Private Key Encryption.
), RFC 2289 (OTP), and RFC 4226 (HOTP
).
Password
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource . The password should be kept secret from those not allowed access....
s, they are not vulnerable to replay attack
Replay attack
A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet...
s. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he or she will not be able to abuse it since it will be no longer valid. On the downside, OTPs are difficult for human beings to memorize. Therefore they require additional technology in order to work.
How OTPs are generated and distributed
OTP generation algorithms typically make use of randomnessRandomness
Randomness has somewhat differing meanings as used in various fields. It also has common meanings which are connected to the notion of predictability of events....
. This is necessary because otherwise it would be easy to predict future OTPs by observing previous ones. Concrete OTP algorithms vary greatly in their details. Various approaches for the generation of OTPs are listed below:
- Based on time-synchronization between the authentication server and the client providing the password (OTPs are valid only for a short period of time)
- Using a mathematical algorithm to generate a new password based on the previous password (OTPs are effectively a chain and must be used in a predefined order).
- Using a mathematical algorithm where the new password is based on a challenge (e.g., a random number chosen by the authentication server or transaction details) and/or a counter.
There are also different ways to make the user aware of the next OTP to use. Some systems use special electronic tokens that the user carries and that generate OTPs and show them using a small display. Other systems consist of software that runs on the user's mobile phone
Mobile phone
A mobile phone is a device which can make and receive telephone calls over a radio link whilst moving around a wide geographic area. It does so by connecting to a cellular network provided by a mobile network operator...
. Yet other systems generate OTPs on the server-side and send them to the user using an out-of-band
Out-of-band
The term out-of-band has different uses in communications and telecommunication. In case of out-of-band control signaling, signaling bits are sent in special order in a dedicated signaling frame...
channel such as SMS
SMS
SMS is a form of text messaging communication on phones and mobile phones. The terms SMS or sms may also refer to:- Computer hardware :...
messaging. Finally, in some systems, OTPs are printed on paper that the user is required to carry with them.
Time-synchronized
Hardware
Hardware is a general term for equipment such as keys, locks, hinges, latches, handles, wire, chains, plumbing supplies, tools, utensils, cutlery and machine parts. Household hardware is typically sold in hardware stores....
called a security token
Security token
A security token may be a physical device that an authorized user of computer services is given to ease authentication...
(e.g., each user is given a personal token that generates a one-time password). Inside the token is an accurate clock that has been synchronized with the clock on the proprietary authentication server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
. On these OTP systems, time is an important part of the password algorithm since the generation of new passwords is based on the current time rather than, or in addition to, the previous password or a secret key. This token may be a proprietary
Proprietary hardware
Proprietary hardware is computer hardware which is owned by the proprietor.Historically, most early computer hardware was designed as proprietary until the 1980s, when IBM PC changed this paradigm...
device, or a mobile phone
Mobile phone
A mobile phone is a device which can make and receive telephone calls over a radio link whilst moving around a wide geographic area. It does so by connecting to a cellular network provided by a mobile network operator...
or similar mobile device which runs software that is proprietary, freeware
Freeware
Freeware is computer software that is available for use at no cost or for an optional fee, but usually with one or more restricted usage rights. Freeware is in contrast to commercial software, which is typically sold for profit, but might be distributed for a business or commercial purpose in the...
, or open-source. An example of time-synchronized OTP standard is TOTP
Time-based One-time Password Algorithm
TOTP - Time-based One-time Password Algorithm is an extension of the HMAC-based One Time Password algorithm HOTP to support a time based moving factor. TOTP is an Internet Engineering Task Force standard and a cornerstone of Initiative For Open Authentication .-Applications:TOTP can be used to...
.
All of the methods of delivering the OTP below may use time-synchronization instead of algorithms.
Mathematical algorithms
Each new OTP may be created from the past OTPs used. An example of this type of algorithm, credited to Leslie LamportLeslie Lamport
Leslie Lamport is an American computer scientist. A graduate of the Bronx High School of Science, he received a B.S. in mathematics from the Massachusetts Institute of Technology in 1960, and M.A. and Ph.D. degrees in mathematics from Brandeis University, respectively in 1963 and 1972...
, uses a one-way function
One-way function
In computer science, a one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random input. Here "easy" and "hard" are to be understood in the sense of computational complexity theory, specifically the theory of polynomial time problems...
(call it f). The one-time password system works by starting with an initial seed s, then generating passwords
- f(s), f(f(s)), f(f(f(s))), ...
as many times as necessary. If an indefinite series of passwords is wanted, a new seed value can be chosen after the set for s is exhausted. Each password is then dispensed in reverse, with f(f(...f(s))...) first, to f(s). The S/KEY
S/KEY
S/KEY is a one-time password system developed for authentication to Unix-like operating systems, especially from dumb terminals or untrusted public computers on which one does not want to type a long-term password. A user's real password is combined in an offline device with a short set of...
one-time password system (and its confusingly-named derivative, OTP) are based on Lamport's scheme.
If an intruder happens to see a one-time password, he may have access for one time period or login, but it becomes useless once that period expires. To get the next password in the series from the previous passwords, one needs to find a way of calculating the inverse function
Inverse function
In mathematics, an inverse function is a function that undoes another function: If an input x into the function ƒ produces an output y, then putting y into the inverse function g produces the output x, and vice versa. i.e., ƒ=y, and g=x...
f−1. Since f was chosen to be one-way, this is extremely difficult to do. If f is a cryptographic hash function
Cryptographic hash function
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value...
, which is generally the case, it is (so far as is known) a computationally infeasible task.
In some mathematical algorithm schemes, it is possible for the user to provide the server with a static key for use as an encryption key, by only sending a one time password.
The use of challenge-response one-time passwords will require a user to provide a response to a challenge. For example, this can be done by inputting the value that the token has generated into the token itself. To avoid duplicates, an additional counter is usually involved, so if one happens to get the same challenge twice, this still results in different one-time passwords. However, the computation does not usually involve the previous one-time password; that is, usually this or another algorithm is used, rather than using both algorithms.
The methods of delivering the OTP which are token-based may use either of these types of algorithm instead of time-synchronization.
Text messaging
A common technology used for the delivery of OTPs is text messagingText messaging
Text messaging, or texting, refers to the exchange of brief written text messages between fixed-line phone or mobile phone and fixed or portable devices over a network...
. Because text messaging is a ubiquitous communication channel, being available in nearly all handsets and with a large customer-base, text messaging has a great potential to reach all consumers with a low total cost to implement. However, the cost of each text messaging often for each OTP might not be suitable for some users. OTP over text messaging may also be encrypted using an A5/x standard which several hacking groups report can be successfully decrypted
Cryptanalysis
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key...
within minutes or seconds, or the OTP over SMS might not be encrypted by one's service-provider at all. In addition to threats from hackers, the mobile phone operator becomes part of the trust chain. In the case of roaming, more than a single mobile phone operator has to be trusted. Anyone using this information may mount a man-in-the-middle attack. Recently Google has started offering OTP over text messages on all Google accounts. The user can either receive OTP as text message or via an automated call. Incase if the phone isn't accessible, the user can even use backup codes (up to 10) to sign-in to their accounts after signing in with their account password and then using OTP or one of the backup codes.
Mobile phones
A mobile phone keeps costs low because a large customer-base already owns a mobile phone for purposes other than generating OTPs. The computing power and storage required for OTPs is usually insignificant compared to that which modern camera-phones and smartphones typically use. Mobile tokens additionally support any number of tokens within one installation of the application, allowing a user the ability to authenticate to multiple resources from one device. This solution also provides model-specific applications to the user's mobile phone. However, a cellphone used as a token can be lost, damaged, or stolen.Proprietary tokens
EMVEMV
EMV stands for Europay, MasterCard and VISA, a global standard for inter-operation of integrated circuit cards and IC card capable point of sale terminals and automated teller machines , for authenticating credit and debit card transactions.It is a joint effort between Europay, MasterCard and...
is starting to use a challenge-response algorithm (called "Chip Authentication Program
Chip Authentication Program
thumb|right|250px|A GemAlto EZIO CAP Device Whitelabeled as Barclays PINSentryThe Chip Authentication Program is a MasterCard initiative and technical specification for using EMV banking smartcards for authenticating users and transactions in online and telephone banking. It was also adopted by...
") for credit cards in Europe. On the other hand, in access control for computer networks, RSA Security
RSA Security
RSA, the security division of EMC Corporation, is headquartered in Bedford, Massachusetts, United States, and maintains offices in Australia, Ireland, Israel, the United Kingdom, Singapore, India, China, Hong Kong and Japan....
's SecurID
SecurID
SecurID, now known as RSA SecurID, is a mechanism developed by Security Dynamics for performing two-factor authentication for a user to a network resource.- Description :...
is one example of a time-synchronization type of token. Like all tokens, these may be lost, damaged, or stolen; additionally there is an inconvenience as batteries die (typically cannot plug these into a battery-charger, and this is one more battery that must be replaced, or in some cases the whole token must be replaced). A variant of the proprietary token was proposed by RSA in 2006 and was described as "ubiquitous authentication", in which RSA would partner with manufacturers to add physical SecurID
SecurID
SecurID, now known as RSA SecurID, is a mechanism developed by Security Dynamics for performing two-factor authentication for a user to a network resource.- Description :...
chips to devices such as mobile phones.
Recently, it has become possible to take the electronic components associated with regular keyfob OTP tokens and embed them in a credit card form factor. However, the thinness of the cards, at 0.79mm to 0.84mm thick, prevents standard components or batteries from being used. Special polymer-based batteries must be used which have a much lower battery life than coin (button) cells. Semiconductor components must not only be very flat but must minimise power used in standby and when operating. Identita and NagraID Security produce thin "display card OTP" devices.
Yubico offers a small USB token with an embedded chip that creates a OTP when a key is pressed and simulates a keyboard to facilitate easily entering a long password.
A new version of this technology has been developed that embeds a keypad into a payment card
Payment card
The term payment card covers a range of different cards that can be presented by a cardholder to make a payment.-Types:Typically a payment card is backed by an account holding funds belonging to the cardholder, or offering credit to the cardholder. Payment cards can be classified into types...
of standard size and thickness. The card has an embedded keypad, display, microprocessor and proximity chip.
Web-based methods
Authentication-as-a-service providers offer various web-based methods for delivering one-time passwords without the need for tokens. One such method relies on the user’s ability to recognize pre-chosen categories from a randomly-generated grid of pictures. When first registering on a website, the user chooses several secret categories of things; such as dogs, cars, boats and flowers. Each time the user logs into the website they are presented with a randomly-generated grid of pictures. Each picture in the grid has a randomly-generated alphanumeric character overlaid on it. The user looks for the pictures that fit their pre-chosen categories and enters the associated alphanumeric characters to form a one-time access code.Paper
In some countries online banking, the bank sends to the user a numbered list of OTPs that are printed on paper. For every online transaction, the user is required to enter a specific OTP from that list. In Germany (and Austria too), those OTPs are typically called TANs (for 'transaction authentication numberTransaction authentication number
A Transaction authentication number, TAN or T.A.N. is used by some online banking services as a form of single use one-time passwords to authorize financial transactions...
s'). Some banks even dispatch such TANs to the user's mobile phone via SMS, in which case they are called mTANs (for 'mobile TANs').
Comparison of OTP implementations
The cheapest OTP solutions are those that deliver OTPs on paper, and those that generate OTPs on an existing device, without the costs associated with (re-)issuing proprietaryProprietary hardware
Proprietary hardware is computer hardware which is owned by the proprietor.Historically, most early computer hardware was designed as proprietary until the 1980s, when IBM PC changed this paradigm...
electronic token
Token
A token is an object of value, and may refer to:* In logic, computational linguistics, and information retrieval, a token is an instance of a type; see Type-token distinction...
s and SMS
SMS
SMS is a form of text messaging communication on phones and mobile phones. The terms SMS or sms may also refer to:- Computer hardware :...
messaging.
For systems that rely on electronic tokens, algorithm-based OTP generators must cope with the situation where a token drifts out-of-sync with its server if the system requires the OTP to be entered by a deadline. This leads to an additional development cost. Time-synchronized systems, on the other hand, avoid this at the expense of having to maintain a clock in the electronic tokens (and an offset value to account for clock drift
Clock drift
Clock drift refers to several related phenomena where a clock does not run at the exact right speed compared to another clock. That is, after some time the clock "drifts apart" from the other clock. This phenomenon is also used for instance in computers to build random number generators...
). Whether or not OTPs are time-synchronized is basically irrelevant for the degree of vulnerability, but it avoids a need to re-enter passwords if the server is expecting the last or next code that the token should be having because the server and token have drifted out-of-sync.
Use of an existing mobile device avoids the need to obtain and carry an additional OTP generator. The battery may be recharged; most small card devices do not have rechargeable, or indeed replaceable, batteries. However, most proprietary tokens have tamper-proof features.
OTPs versus other methods of securing data
One-time passwords are vulnerable to social engineeringSocial engineering (security)
Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information...
attacks in which phishers steal OTPs by tricking customers into providing one or more OTPs that they used in the past. In late 2005 customers of a Swedish bank were tricked into giving up their one-time passwords (The Register article). In 2006 this type of attack was used on customers of a US bank (Washington Post Security Blog). Even time-synchronized OTPs are vulnerable to phishing, by two methods: The password may be used as quickly by the attacker as the legitimate user must use the OTP, if the attacker can get the OTP in plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....
quickly enough. The other type of attack—which may be defeated if one's OTP system implements using the hash chain
Hash chain
A hash chain is the successive application of a cryptographic hash function to a piece of data. In computer security, a hash chain is a method to produce many one-time keys from a single key or password...
as discussed above -- is that after the phisher uses this social engineering, the phisher must then use the information gained (past OTP codes which are no longer valid) to predict what OTP codes will be used in the future (e.g. an OTP password-generator that is pseudo-random rather than truly random might or might not be able to be compromised, because pseudo-random numbers are often predictable once one has the past OTP codes (see also main article
Cryptographically secure pseudorandom number generator
A cryptographically secure pseudo-random number generator is a pseudo-random number generator with properties that make it suitable for use in cryptography.Many aspects of cryptography require random numbers, for example:...
); the code
Computer program
A computer program is a sequence of instructions written to perform a specified task with a computer. A computer requires programs to function, typically executing the program's instructions in a central processor. The program has an executable form that the computer can use directly to execute...
implemented in the programming of each Direct OTP or token will determine whether one is vulnerable to this type of attack.
Although OTPs are in some ways more secure than a memorized password, users of OTP systems are still vulnerable to man-in-the-middle attack
Man-in-the-middle attack
In cryptography, the man-in-the-middle attack , bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other...
s. OTPs should therefore not be disclosed to any third parties, and using an OTP as one layer in layered security
Layered security
Layered security, also known as layered defense, describes the practice of combining multiple mitigating security controls to protect resources and data....
is safer than using OTP alone; one way to implement layered security is to use an OTP in combination with a password that is memorized by the user (and never transmitted to the user, like OTPs often are). An advantage to using layered security is that a single sign-on
Single sign-on
Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them...
combined with one master password or password manager
Password manager
A password manager is software that helps a user organize passwords and PIN codes. The software typically has a local database or a file that holds the encrypted password data for secure logon onto computers, networks, web sites and application data files. Many password managers also work as a form...
becomes safer than using only 1 layer of security during the sign-on, and thus the inconvenience of password fatigue
Password fatigue
Password fatigue, also known as password chaos or identity chaos, is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to logon to a computer at work, undo a bicycle lock or conduct banking from an ATM.The...
is avoided if one usually has long sessions with many passwords that would need to be entered mid-session (to open different documents, websites, and applications); however, the disadvantage of using many forms of security all at once during a single sign-on is that one has the inconvenience of more security precautions during every login—even if one is logging-in only for a brief usage of the computer to access information or an application that doesn't require as much security as some other top-secret items that computer is used for. See also Related technologies, below.
Related technologies
More often than not, one-time passwords are an embodiment of two-factor authenticationTwo-factor authentication
Two-factor authentication is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are. It is a part of the broader family of multi-factor authentication, which is a defense in depth approach to security...
(T-FA). T-FA is a form of layered security
Layered security
Layered security, also known as layered defense, describes the practice of combining multiple mitigating security controls to protect resources and data....
where it is unlikely that both layers would be disabled by someone using only one type of attack. Some single sign-on
Single sign-on
Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them...
solutions make use of one-time passwords. One-time password technology is often used with a security token
Security token
A security token may be a physical device that an authorized user of computer services is given to ease authentication...
.
Newer, interactive T-FA approaches, such as Duo Security's Duo Push technology and ENTERSECT Technologies' Interactive Transaction Authentication (ITA) system, attempt to close the loop where attackers could get hold of OTPs, by prompting a user on a paired mobile phone about the transaction taking place. When accepting the transaction, the message is again relayed (over GPRS or SMS technology) to the authentication server. The whole transaction is encrypted using standard Public/Private Key Encryption.
Standardization
Many OTP technologies are patented. This makes standardization in this area more difficult, as each company tries to push its own technology. Standards do, however, exist -- for example, RFC 1760 (S/KEYS/KEY
S/KEY is a one-time password system developed for authentication to Unix-like operating systems, especially from dumb terminals or untrusted public computers on which one does not want to type a long-term password. A user's real password is combined in an offline device with a short set of...
), RFC 2289 (OTP), and RFC 4226 (HOTP
HOTP
HOTP is an HMAC-based One Time Password algorithm. It is a cornerstone of Initiative For Open Authentication .HOTP was published as an informational IETF RFC 4226 in December 2005, documenting the algorithm along with a Java implementation...
).
See also
- Initiative For Open AuthenticationInitiative For Open AuthenticationInitiative for Open Authentication is an industry-wide collaboration to develop an open reference architecture using open standards to promote the adoption of strong authentication...
(OATH) - One-time padOne-time padIn cryptography, the one-time pad is a type of encryption, which has been proven to be impossible to crack if used correctly. Each bit or character from the plaintext is encrypted by a modular addition with a bit or character from a secret random key of the same length as the plaintext, resulting...
(OTP) - KYPSKYPSKYPS is a free web-based service that enables users to log into websites, which usually require a username/password combination, using one-time passwords. The main difference between KYPS and similar password management technologies is that the password is never disclosed to the local computer...
(OTP system based on One-time padOne-time padIn cryptography, the one-time pad is a type of encryption, which has been proven to be impossible to crack if used correctly. Each bit or character from the plaintext is encrypted by a modular addition with a bit or character from a secret random key of the same length as the plaintext, resulting...
s) - S/KEYS/KEYS/KEY is a one-time password system developed for authentication to Unix-like operating systems, especially from dumb terminals or untrusted public computers on which one does not want to type a long-term password. A user's real password is combined in an offline device with a short set of...
- Security tokenSecurity tokenA security token may be a physical device that an authorized user of computer services is given to ease authentication...
- Two-factor authenticationTwo-factor authenticationTwo-factor authentication is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are. It is a part of the broader family of multi-factor authentication, which is a defense in depth approach to security...