Thursday, March 4, 2010

opie keys: One-time Passwords In Everything

OPIE is the initialism of "One time Passwords In Everything". Opie is a mature, Unix-like login and password package installed on the server and the client which makes untrusted networks safer against password-sniffing packet-analysis software like dSniff and safe against Shoulder surfing. It works by circumventing the delayed attack method because the same password is never used twice after installing Opie. OPIE implements a one-time password (OTP) scheme based on S/key, which will require a secret passphrase (not echoed) to generate a password for the current session, or a list of passwords you can print and carry on your person.

OPIE uses an MD4 or MD5 hash function to generate passwords.

OPIE can restrict its logins based on IP address. It uses its own passwd and login modules.

Sources:

http://en.wikipedia.org/wiki/OPIE_Authentication_System

http://www.freebsd.org/doc/handbook/one-time-passwords.html

No comments:

Post a Comment