We are pleased to announce successful testing of Radiator with a range of OATH based One-Time-Password hardware tokens and soft tokens.
OATH is an open specification for One-Time-Passwords (OTP) developed by the Initiative for Open Authentication (http://www.openauthentication.org). It includes public, open specifications for event based authentication (HOTP) and time-based authentication (TOTP), both using the public and well regarded SHA encryption standards. With Event-Based tokens (HOTP), a new OTP is generated each time you press a button or activate the token. With Time-Based tokens (TOTP), a new OTP is generated automatically every 30 seconds. OATH is designed to be used on both hardware tokens (a small device you carry in your pocket which displays the OTP), and also on soft tokens (small programs which run on your mobile phone or PC). There are a number of commercial hardware tokens and both free and commercial soft tokens available from a range of vendors. Radiator RADIUS Server has supported the HOTP and TOTP specifications since very soon after their publication and a number of customers are now using them in production. Radiator's HOTP and TOTP support is flexible and highly configurable and works with any OATH compatible hard or soft token. See AuthBy SQLHOTP and AuthBy SQLTOTP modules included in the Radiator distribution. Some of the OATH compatible hardware tokens currently available include: Feitain http://www.ftsafe.com OTP C200, ORP C200, OTP C300 Tokens Vasco (http://www.casco.com) GO6 (HOTP) Event-based Token Some of the OATH compatible soft tokens currently available include: Google Authenticator for iPhone, Andrioid and Blckberry OATH Token for iPhone iOATH Token for iPhone DS3 Oath for iPhone Pledge Token for iPhone, Android, WindowsMobile, BlackBerry, JavaPhone Android Token for Android Mobile-OTP Token for JavaPhones, WindowsMobile, iPhone, Blackberry, Android iOTP Token for iPhone The Google Authenticator is particularly recommended, since it supports multiple time and event based soft tokens at the same time, and provides for secret key importing through the use of barcodes, and is available on a wide range of devices. And its free of cost! The availability of free or inexpensive OATH based soft tokens on ubiquitous devices such as iPhone, driven by the use of open specification One-Time-Password protocols means that organizations can now deploy highly secure, flexible One-Time-Password systems for much less cost than was previously possible. The days of expensive tokens that must be sourced, stocked and replaced periodically or which can get lost, broken or their batteries discharge, along with their expensive authentication software are now gone. Open System Consultants and Radiator are pleased to be involved in this revolution in secure one-time-password systems. -- Mike McCauley [email protected] Open System Consultants Pty. Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au Phone +61 7 5598-7474 Fax +61 7 5598-7070 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
