Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:45 pm

All times are UTC + 1 hour

Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Tue May 13, 2008 1:26 am 

Joined: Tue May 13, 2008 12:24 am
Posts: 49
Q: There are several types of OTP tokens out there. Which is the YubiKey?

A: Many OTP solutions today depend on time-synchronized tokens and verification service. Since each OTP is valid for only a limited time, this solution adds higher protection against phishing. Unfortunately the synchronization process is difficult to administer and out-of-synch tokens add frustration for users.

Other OTP solutions depend on a incremental internal sequence counter as the basis for the OTP generation. In this case an OTP does not expire, and thus the risks are higher, but at the same time it is generally an easier system to administer than time-based tokens.

YubiKeys combine the best of these two approaches. There is no need for the YubiKey tokens to be synchronized to a common server time. Each token has an internal sequence counter that is partly driven by its internal clock. YubiKey's unique design ensures that this counter is part of the generated OTP, so the system in effect lets the service check synchronization at the OTP validation time.

Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour

Who is online

Users browsing this forum: No registered users and 4 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group