Stacks Image 191

One Time Password

Supporting 2 Factor Authentication

Stacks Image 196
The [One Time Password authentication system] uses a secret pass-phrase to generate a sequence of one-time (single use) passwords. With this system the user's secret pass-phrase never need to cross the network at any time such as during authentication or during pass-phrase change. Thus, it is not vulnerable to replay attacks. Added security is provided by the property that no secret information need be stored on any system, including the server being protected.

OTP is an easy to use generator for One Time Passwords. OTP supports One Time Passwords based HOTP (RFC4226), TOTP (RFC6238) and RFC2289

TOTP is gaining popularity on many mainstream web sites, since its adoption by Google ® Authenticator, and OTP will generate One Time Passwords compatible with Google ® Authenticator using its default settings for TOTP.

Server side implementations for RFC2289 One Time Passwords are readily available on the internet and included in most linux distributions. Implementing such a system can provide an additional level of security, particularly when logging into servers across the public internet.

Key features of OTP include -

  • Quickly generate One Time Password responses to appropriate challenges

  • Save regular host details to speed up the generation process

  • Copy generated response details to the clipboard

 OTP Pro

Available as an In-App purchase, OTP Pro adds the following functionality -

  • Removes the banner adds displayed in the free app

  • Custom URL scheme to allow easy sharing of RFC2289 challenges and responses