Mobile-One-Time-Password for Wondows Phone 7
(Description taken from: http://motp.sourceforge.net/)
Mobile-OTP was introduced in 2003. As of 2010 there are more than 30 independent implementations of the Mobile-OTP algorithm making it a de facto standard for strong mobile authentication. See Add-Ons and Links for various contributions to the project.
How it's done
The MIDlet generates one time passwords by hashing the following data with MD5:
1. the current epoch-time in a 10 second granularity
2. the 4-digit PIN that a user enters
3. a 16-hex-digit secret that has been created when the device was initialized
When entering a PIN, the MIDlet displays the first 6 digits of the MD5-hash. This is the one time password. The password can be verified by the server, as the server also knows the current time, Init-Secret and PIN of the user. To compensate time differences, the server will accept passwords from 3 minutes in the past to 3 minutes in the future. In addition, different time offsets can be specified for each user on the token and/or the server. Each password will be accepted only once. After 8 successive failed authentication attempts a user gets locked out.
Authentication is based on two factors: a PIN known by the user and the Init-Secret stored on the mobile device.
More info / Source
Rated by 2 people
960 KB Installed
395 KB Download
- English (All)
QR Code Link
Scan with Bing Vision to Download:
Share and Comments