This sort of thing? http://www.emc.com/collateral/data-sheet/h9061-sid-ds.pdf
It was the subject of a major breach of its own ... Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Paul Gilmartin Sent: Saturday, May 24, 2014 3:02 PM To: [email protected] Subject: Re: Special characters for Passwords On Sat, 24 May 2014 15:18:04 -0400, Gerhard Postpischil wrote: >... >They used an egg-shaped device (sorry, I don't recall the brand) that >generated a time-sensitive password string. It was poorly designed >(i.e., cheap) with an LCD display that was hard to read (my cats don't >read over my shoulder), and had a clock that regularly drifted out of >synchronization, necessitating a three-hour trip ... > A former employer required a device of slightly better design. It was a response to a challenge generated by the server (I think; it may have used a counter in the device, incremented at each login attempt). How is a clock any better? Or, the protocol could have started by synchronizing the clock. Within a time bracket, did it generate the same password for all users? The employer was acquired by a larger corporation that relies on password expiration. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
