On Wednesday 25 March 2009 14:25:30 Robert G. Brown wrote: > in fact, to me it seems to be less > secure, because it is at least partially keyed and there seems to be no > point in having a key if you're going to carry a table of shared secrets > around with you.
Well, I think that the point of otpw is indeed to use OTPs which are made of a password prefix and a generated key suffix. So each time you log on, it requires something you know (the password), and something you have (the generated key on paper). It seems much more secure to me than say the traditional OPIE or S/KEY, as those only use the generated keys list to authenticate. And moreover, in those traditional schemes, the generated keys are deduced from each other, so that if you know the last one, you can basically regenerate the whole list. Cheers, -- Kilian _______________________________________________ Beowulf mailing list, [email protected] To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
