|
FreeOTP
FreeOTP is a free and open-source software token that can be used for two-factor authentication. It provides implementations of HOTP and TOTP. Tokens can be added by scanning a QR code or by manually entering in the token configuration. It is maintained by Red Hat under the Apache 2.0 license, and supports Android and iOS. FreeOTP Plus (aka FreeOTP+) is a fork of FreeOTP with enhancements including exporting and importing settings. Both are available in the F-Droid software repository. See also * Google Authenticator * LinOTP * Security token * Comparison of TOTP applications The following is a general comparison of OTP applications that are used to generate one-time passwords for two-factor authentication (2FA) systems using the time-based one-time password (TOTP) or the HMAC-based one-time password (HOTP) algorithms. ... References External links * Computer access control Authentication methods Password authentication Red Hat software {{Mobile-so ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Google Authenticator
Google Authenticator is a software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP; specified in RFC 6238) and HMAC-based One-time Password algorithm (HOTP; specified in RFC 4226), for authenticating users of software applications. When logging into a site supporting Authenticator (including Google services) or using Authenticator-supporting third-party applications such as password managers or file hosting services, Authenticator generates a six- to eight-digit one-time password which users must enter in addition to their usual login details. Google provides Android, BlackBerry, and iOS versions of Authenticator. An official open-source fork of the Android app is available on GitHub. However, this fork has not been updated since 2020. Likewise, for old versions of the Google Authenticator apps for iOS and BlackBerry, the source code is also freely available. Yet this source code, too, has not ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Comparison Of TOTP Applications
The following is a general comparison of OTP applications that are used to generate one-time passwords for two-factor authentication (2FA) systems using the time-based one-time password (TOTP) or the HMAC-based one-time password (HOTP) algorithms. Authenticated implementations See also * Password manager * List of password managers The list below includes the names of notable password managers with dedicated Wikipedia articles. Summary information Features See also * Password manager * Password fatigue Password fatigue is the feeling experienced by many people who ... References {{Use dmy dates, date=March 2023 Computer access control Authentication methods Password authentication ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Time-based One-time Password Algorithm
Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. As an extension of the HMAC-based one-time password algorithm (HOTP), it has been adopted as Internet Engineering Task Force (IETF) standard . TOTP is the cornerstone of Initiative for Open Authentication (OATH), and is used in a number of two-factor authentication (2FA) systems. History Through the collaboration of several OATH members, a TOTP draft was developed in order to create an industry-backed standard. It complements the event-based one-time standard HOTP, and it offers end user organizations and enterprises more choice in selecting technologies that best fit their application requirements and security guidelines. In 2008, OATH submitted a draft version of the specification to the IETF. This version incorporates all the feedback and commentary that the authors received from the technical community based on the prior v ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
One-time Password
A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to ''something a person has'' (such as a small keyring fob device with the OTP calculator built into it, or a smartcard or specific cellphone) as well as ''something a person knows'' (such as a PIN). OTP generation algorithms typically make use of pseudorandomness or randomness to generate a shared key or seed, and cryptographic hash functions, which can be used to derive a value but are hard to reverse and therefore difficult for an attacker to obtain the data that was used for the hash. This is necessary because otherwise ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Time-based One-time Password Algorithm
Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. As an extension of the HMAC-based one-time password algorithm (HOTP), it has been adopted as Internet Engineering Task Force (IETF) standard . TOTP is the cornerstone of Initiative for Open Authentication (OATH), and is used in a number of two-factor authentication (2FA) systems. History Through the collaboration of several OATH members, a TOTP draft was developed in order to create an industry-backed standard. It complements the event-based one-time standard HOTP, and it offers end user organizations and enterprises more choice in selecting technologies that best fit their application requirements and security guidelines. In 2008, OATH submitted a draft version of the specification to the IETF. This version incorporates all the feedback and commentary that the authors received from the technical community based on the prior v ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Red Hat
Red Hat, Inc. is an American software company that provides open source software products to enterprises. Founded in 1993, Red Hat has its corporate headquarters in Raleigh, North Carolina, with other offices worldwide. Red Hat has become associated to a large extent with its enterprise operating system Red Hat Enterprise Linux. With the acquisition of open-source enterprise middleware vendor JBoss, Red Hat also offers Red Hat Virtualization (RHV), an enterprise virtualization product. Red Hat provides storage, operating system platforms, middleware, applications, management products, and support, training, and consulting services. Red Hat creates, maintains, and contributes to many free software projects. It has acquired several proprietary software product codebases through corporate mergers and acquisitions and has released such software under open source licenses. , Red Hat is the second largest corporate contributor to the Linux kernel version 4.14 after Intel. On Octob ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Authentication Methods
Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit. Methods Authentication is relevant to multiple fields. In art, antiques, and anthropology, a common problem is verifying that a given artifact was produced by a certain person or in a certain place or period of history. In computer science, verifying a user's identity is often required to allow access to confidential data or systems. Authentication can be considered to be of three types: The first type of auth ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Access Control
In computer security, general access control includes identification, authorization, authentication, access approval, and audit. A more narrow definition of access control would cover only access approval, whereby the system makes a decision to grant or reject an access request from an already authenticated subject, based on what the subject is authorized to access. Authentication and access control are often combined into a single operation, so that access is approved based on successful authentication, or based on an anonymous access token. Authentication methods and tokens include passwords, biometric scans, physical keys, electronic keys and devices, hidden paths, social barriers, and monitoring by humans and automated systems. Software entities In any access-control model, the entities that can perform actions on the system are called ''subjects'', and the entities representing resources to which access may need to be controlled are called ''objects'' (see also Access Control ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Token
A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to or in place of a password. It acts like an electronic key to access something. Examples of security tokens include wireless keycards used to open locked doors, or in the case of a customer trying to access their bank account online, bank-provided tokens can prove that the customer is who they claim to be. Some security tokens may store cryptographic keys that may be used to generate a digital signature, or biometric data, such as fingerprint details. Some may also store passwords. Some designs incorporate tamper resistant packaging, while others may include small keypads to allow entry of a PIN or a simple button to start a generating routine with some display capability to show a generated key number. Connected tokens utilize a variety of interfaces including USB, near-field communication (NFC), radio-frequency identification (RFID), or Bluetoo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
LinOTP
LinOTP is Linux-based software to manage authentication devices for two-factor authentication with one time passwords. It is implemented as a web service based on the python framework Pylons. Thus it requires a web server to run in. LinOTP is mainly developed by the German company KeyIdentity GmbH. Its core components are licensed under the Affero General Public License. It is an open source authentication server certified by the OATH initiative for open authentication for its 2.4 version. Overview As a web service LinOTP provides a REST-like web API. All functions can be accessed via Pylons controllers. Responses are returned as a JSON object. LinOTP is designed in a modular way enabling user store modules and token modules. Thus it is capable of supporting a wide range of different tokens. Features * Supported tokens: :* SafeNet eToken Pass :* SafeNet Safeword Alpine :* mOTP :* Lost token :* Paper token :* Feitian C-100 (HOTP) :* Feitian C-200 (TOTP) :* Feit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
F-Droid
F-Droid is an app store and software repository for Android, serving a similar function to the Google Play store. The main repository, hosted by the project, contains only free and open source apps. Applications can be browsed, downloaded and installed from the F-Droid website or client app without the need to register for an account. "Anti-Features" such as advertising, user tracking, or dependence on non-free software are flagged in app descriptions. The website also offers the source code of applications it hosts, as well as the software running the F-Droid server, allowing anyone to set up their own app repository. History F-Droid was founded by Ciaran Gultnieks in 2010. The client was forked from Aptoide's source code. The project was initially run by the English nonprofit F-Droid Limited. As of 2021, F-Droid Limited was no longer used for donations, and was being shut down, according to spokesman Hans-Cristoph Steiner. In a 2014 interview for Free Software Foundatio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
QR Code
A QR code (an initialism for quick response code) is a type of matrix barcode (or two-dimensional barcode) invented in 1994 by the Japanese company Denso Wave. A barcode is a machine-readable optical label that can contain information about the item to which it is attached. In practice, QR codes often contain data for a locator, identifier, or tracker that points to a website or application. QR codes use four standardized encoding modes (numeric, alphanumeric, byte/binary, and kanji) to store data efficiently; extensions may also be used. The quick response system became popular outside the automotive industry due to its fast readability and greater storage capacity compared to standard UPC barcodes. Applications include product tracking, item identification, time tracking, document management, and general marketing. A QR code consists of black squares arranged in a square grid on a white background, including some fiducial markers, which can be read by an imaging device suc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
.svg "Click for more on -> Red Hat"){kind=logo}
