gOTP: OTP generator for iPhone |
Tweet
|
|
With the gOTP experimental application, Safelayer proposes a new mechanism based on one-time passwords generated from graphical passwords that are far more secure and easy to use. Download the application from AppStore. You can use it as an authentication mechanism at Safelayer Sandbox's Semantic Web Trust Portal (remember that you must register and set a graphical password). As the criticality of the online systems and the data they store has increased, more secure and robust authentication mechanisms have been developed. The most common authentication mechanism is still, however, username and password, which is a low-security mechanism vulnerable to different attacks, ranging from social engineering to brute-force attacks. gOTP is an iPhone application that generates one-time passwords. To activate the application, instead of using a traditional password containing alphanumeric characters, a graphical password made up of a minimum of four different images is used. gOTP uses this graphical password in combination with the HOTP algorithm (RFC 4226) to generate a one-time password. This temporary password can be used to access the experimental applications of Semantic Web Trust Portal in Safelayer Sandbox.
Click the image below to learn how to configure your graphical password and iPhone application.
Click the image below to see how to use gOTP to authenticate at the Semantic Web Trust Portal.
When establishing the graphical password, the user chooses the theme of the images to be used. As these themes are known only to the server and the user, the risk of phishing is reduced as the user can easily detect this kind of attack where a fraudulent server displays unexpected images. This work was co-funded by the Spanish government's Center for the Development of Industrial Technology (CDTI, Centro para el Desarrollo Tecnológico Industrial) as part of the SEGUR@ project, reference CENIT-2007 2004 of the CENIT program (part of the INGENIO 2010 initiative). gOTP Manager lets you configure a graphical password both for gOTP application and for Semantic Web Trust Portal. Use it also to link your iPhone to your Semantic Web Trust Portal account.
|
