mailing list archives
Re: Token based OTP: SafeWord or SecurID?
From: Stephen Legge <stephen () cryptocard com>
Date: 16 Nov 2000 18:48:41 -0000
There is a PIN PAD version of the SecureID in
which you type the
PIN into a keypad on the SecureID card or fob.
The PIN is
combined with the time dependent code number
shows up in the LCD in the standard version) and
factored number is displayed in the LCD. You
then type in and
send this new number to the remote prompt.
Therefore the PIN
is not sent across a communications channel in
SafeWord has similar functionality in
their 'Platinum' token, as does
Axent and CryptoCard. The SafeWord token is
interesting in that it appears
to offer the option of storing up to ten(?) distinct
host keys, including
one SecureNetKey/DES token . SNK is the DES
Challenge-Response scheme used by
Axent, and supported by Gauntlet, FWTK, and
SafeWord auth servers.
We've seen too many of the large-format tokens
destroyed by user error, so
this project is focusing on the smaller 'keyfob'
It appears that CryptoCard actually supports
entering a PIN into their keyfob
format token, even though it only has a single
button. The sales person I
spoke with couldn't give a very good description as
to how this works.
I spotted this posting and I thought I'd chime in and
hopefully clear this up for you.
The Cryptocard KeyChain Token (or KeyFob token)
does accepts pins and uses only a single button.
They way we accomplished this was quite clever (if I
do say so myself ;-).
The first pin digit gently cycles from 0 to 9 (and
also "<" for backspace, and "E" for enter). The user
simply presses the button when the required first digit
is shown. Then the second pin digit cycles the same
way. The third, the fourth, and so on.
When the full pin has been entered, the user
selects "E" to enter (or "<" to backspace).
Also, keep in mind that the use of the pin is optional
and the administrator can be easily initialize a user's
token with no pin required.
I hope this clears things up. We're very proud of our
entire line of Secure Password tokens -- and we feel
they are a better value and more cost effective than
the alternatives in the industry.
Please feel free to contact me with any questions you
have, I'd be very interested in hearing about how you
are planning to deploy a strong-authentication system!
Have a nice day,
Stephen () Cryptocard com
firewall-wizards mailing list
firewall-wizards () nfr com
- Re: Token based OTP: SafeWord or SecurID? Stephen Legge (Nov 18)