(Page 1 of 2)   1 2  Next >

Category: Authentication » One Time Passwords

Added 2007-03-29
by Ergun Çoruh
ZippyLock is a free and extremely easy to use password management utility. Your password entries are kept in a 'private file' and nowhere else. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). When you run ZippyLock for the first time, it prompts you to create a new private file, and asks you to specify a MASTER PASSWORD. Later you will be prompted to save your private file. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Note that your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. Everything is stored in your private file that you control and nowhere else. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical.

One-Time Password Generator
Added 2004-12-17
by Marcin Simonides
A One-Time Password Generator for Java-enabled mobile phones. The interface has been designed to minimize the number of necessary keypresses.

Added 2004-02-05
by UMich Web Team
cosign is a Web single sign on system that allows users to authenticate once per session and access any protected Web resources at the institution. If used, passwords are sent only to a single, central URL. Sessions have both idle and hard timeouts, and users can logout of all protected services by visiting a single URL. The use of public key cryptography ensures that a compromise of a protected Web server has no impact on the security of other participating servers.

Added 2003-10-22
by John ValdesJ
pilOTP is a one-time password (OTP) generator for the Palm Pilot. Key features incude RFC 1938 compliance, MD4, MD5 and SHA-1 support, and its compatible with S/KEY and OPIE.

PassGuard Framework
Added 2002-06-12
by RUAUDEL Frédéric
PassGuard Framework is a library for the PassGuard suite of programs that is used to manage numerous passwords in an encrypted file. Encryption is managed with a plugin system, which allows easy support for any kind of encrypted file.

Added 2002-06-12
by RUAUDEL Frédéric
TPassguard is designed for working with Unix systems or the Web, where you need to remember a number of passwords. This program manages passwords in an encrypted file, so that you only have to remember one. It uses the PassGuard Framework and can be interfaced with any kind of encryption via a plugin system.

Added 2002-04-23
FourEyes allows network administrators to enforce a four-eyes policy on Windows NT, 2000 and XP by requiring two users to authenticate during a local logon. FourEyes uses the existing software and hardware for authentication, so it will work with passwords, smart cards, tokens or biometrics.

Secure|Password 2002
Added 2002-02-11
by Security Storm
Secure|Password is the latest security tool in the Secure Product line. Secure|Password allows administrators, security enthusiasts, as well as home users to perform several tasks. From generating secure passwords to checking a passwords complexity, Secure|Password is a great password security suite. Users using Windows 95, Windows 98, or Windows Me are also able to recover passwords that have been cached by Windows.

Added 2001-10-22
by Craig Metz
OPIE is a freely redistributable kit that will drop into most *IX systems and replace your login and FTP daemon with versions that use OTP for user authentication. It also includes an OTP generator and a library to make it easy to add OTP authentication to existing clients and servers.

Added 2001-10-22
by ADM CreW
ADM smb is a security scanner for Samba/LAN Manager Server Message Blocks/Window Shares from the ADM CreW

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus