A USB dongle for one-time passwords

Secret Stick

© Ivan Mikhaylov, 123RF

© Ivan Mikhaylov, 123RF

Article from Issue 107/2009
Author(s): , Author(s): , Author(s):

If you are ready to experiment, an OpenKubus USB stick just might solve your password problems.

When it comes to authenticating users, most Linux administrators rely on passwords. Of course, this causes no end of problems: If users are allowed to choose their own passwords, they are often too short and too easily guessed. If a random password generator creates the passwords, they are likely to be so complicated that users will forget them, or else the users will write down their passwords then leave the notes out in public places. Secrecy is difficult to ensure in unfamiliar environments where key loggers and shoulder surfers lurk. One-time passwords (OTPs) solve this dilemma: Because one-time passwords become invalid after one use, nobody is likely to worry about whether they are sniffed.

Password generators create lists with huge numbers of passwords and store a copy of the list on the server on which the user needs to authenticate. The idea is that the user carries a second copy of the list. For each authentication, the user and server just use the next password on the list. An example of this technique is the TAN method used by many banks for secure transfers in online banking.

When a user logs in, the system can prompt for, say, the tenth password on the list. Anybody with the password list can look up the matching password and authenticate. The disadvantage of this approach is that it is often impractical. Users need to carry the list around with them at all times; when they log on, they need to grab the list and painstakingly type the password. Of course, this technique also does not prevent the possibility that the list could fall into the wrong hands.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Nitrokey Pro 2

    The Nitrokey Pro 2 is a small device that covers a wide range of cryptographic functions.

  • One-Time Passwords

    A one-time password won't compromise security if it falls in the wrong hands. OPIE and OTPW bring the safety of one-time password security to Linux.

  • Linux Secure Boot with Shim

    The Shim bootloader lets Linux users regain some control over the Secure Boot process.

  • Password Management Services Vulnerable to Attack

    Should you trust an online service to store your online passwords?

  • Ask Klaus!

    Klaus Knopper is the creator of Knoppix and co-founder of the LinuxTag expo. He currently works as a teacher, programmer, and consultant. If you have a configuration problem, or if you just want to learn more about how Linux works, send your questions to: klaus@linux-magazine.com

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News