One time password simply means that each time you press the button on the Yubikey, a new "password" is generated. All passwords generated by the Yubikey can be authenticated and verified by the server.
As far as how this works, without going too in-depth, the "password" generated by the Yubikey is an encrypted string containing a device id, some other information which can be used to authenticate the user, and some randomness. A server then can verify that password provided is genuine by decrypting the string and making sure the device id is associated with the user. One time passwords are generally used as a second factor in multifactor authentication system. In other words to login to a system using the Yubikey a user will need something they know, their username and password, as well as something they have, their Yubikey. -- ____________________________ Sean O'Connor http://seanoc.com _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Jun 4 - Sqeak! and eToys Jul 2 - KVM (Tenative) Aug 6 - Zenos Sep 3 - TBD
