Thanks all for your valuable response. Regards, Ivan
On Wed, Jul 9, 2008 at 12:57 AM, Jason Stone <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > On the bright side, it should be fairly easy to write an OTP calculator >> that run on a cell phone >> > > These already exist for J2ME-enabled mobiles (which is most of them?): > > http://tanso.net/j2me-otp/ > http://otp-j2me.sourceforge.net/ > > > Systems like OPIE, where the challenge is actually issued to the user >> and not just to the user's software, require the user to have access to >> a response calculator, or to carry a sheet of precalculated responses. >> > > There exist apps (i.e., browsers, FTP clients, mailers, etc) that integrate > OPIE and can transparently respond to challenges. The user just puts in his > password, and he doesn't worry about plaintext or OPIE or whatever; the app > just does the right thing. Fetch, an FTP client for the Mac, is one such > app. > > One could argue that this encourages users to just punch in their password > and not understand if it's going to go over the wire in the clear or be used > to answer a challenge, but it's very useful when you have users who are > incapable of making such distinction in the first place and you just need to > make sure their password is secure for _your_ service. > > > -Jason > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (FreeBSD) > Comment: See https://private.idealab.com/public/jason/jason.gpg > > iD8DBQFIc7+YswXMWWtptckRAoaAAJkBnis9pNHnwuXCc6zjqESrDh8zGwCfTYWC > 41JZRoD12LhIpG3QK7cfhMU= > =w11K > -----END PGP SIGNATURE----- > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[EMAIL PROTECTED] > " > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
