[lug] onetime login / rotating passwords - avoiding keyboard sniffers

Bear Giles bgiles at coyotesong.com
Wed Apr 23 19:14:36 MDT 2003


John Hernandez wrote:
> On Wednesday 23 April 2003 05:17 pm, Eric Peers wrote:
> 
>>Is s-key the login method I'm looking for?
> 
> Yes, S/Key or OPIE would work for OTP schemes.  In your case, you should not 
> generate new passwords on the untrusted (potentially keystroke-monitored) 
> machine -- you'll need to carry a password list for it to be secure.

You can also find S/Key calculators for PDAs.  I ported one to 
PalmOS years ago, as have others.

(I haven't touched mine in years, so I don't know if it will run 
under the latest PalmOS).





More information about the LUG mailing list