Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: outlook web access authentication

Re: outlook web access authentication

From: Andy Steingruebl <steingra_at_gmail.com>
Date: Fri, 11 Jul 2008 06:30:10 -0700

Sorry to reply to my own post, but I suppose there isn't technically
any reason you can't write this yourself. You need a way to deliver
SMS messages, a good PRNG, and storage for them.

A user signs up and registers their mobile.
You generate an OTP for them, store it, and SMS it to them
They enter it after receiving it on their phone within XX minutes.

The vendors I mentioned offer packages for doing this....

On Fri, Jul 11, 2008 at 6:26 AM, Andy Steingruebl <steingra_at_gmail.com> wrote:
> There are a number of companies that specialize in doing
> one-time-passwords with SMS as a delivery channel. It might be a good
> fit. I'm fairly certain Verisign does this for their tokens. I think
> Arcot does this as well.
>
> - Andy
>
> On Thu, Jul 10, 2008 at 9:31 PM, charlesparker <alyosha.kumar_at_gmail.com> wrote:
>>
>> I'm looking for a 2-factor authentication solution for Outlook Web Access.
>> I'd like to avoid certificates and tokens, and it would be great if the
>> solution were out of band. Any suggestions?
>> --
>> View this message in context: http://www.nabble.com/outlook-web-access-authentication-tp18396603p18396603.html
>> Sent from the Web App Security mailing list archive at Nabble.com.
>>
>>
>> -------------------------------------------------------------------------
>> Sponsored by: Watchfire
>> Methodologies & Tools for Web Application Security Assessment
>> With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
>>
>> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
>> -------------------------------------------------------------------------
>>
>>
>
>
>
> --
> Andy Steingruebl
> steingra_at_gmail.com
> 

-- 
Andy Steingruebl
steingra_at_gmail.com
-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Jul 11 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos