Two Factor Authentication
cryptoparty @hsgr
by ebal
1
How am I ?
●

http://ebalaskas.gr (blog/wiki)

●

@ebalaskas twitter/identica

●

plz interrupt during this awesome talk

...
Whats the problem ?
●

My Pin/Password is: 123456

●

My Pin/Password is: r(>X5^&3Z*;evqxJ9&=1$

●

Login Site saves passw...
What is the ideal ?
●

Different Passwords for different accounts !
–
–

●

●

●

Predefined list ?
Sync ?

Could i use so...
Do i need to use my eye ?
●

Yes and No
–

you can use biometrics but do you really want to 
put your eye/finger to a hole...
hardware

6
Plz tell me some acronyms
●

OTP

●

RFC 2289

●

OTPW

●

http://www.cl.cam.ac.uk/~mgk25/otpw.html

●

HOTP

●

RFC 4226
...
Questions ?
http://gr.linkedin.com/in/evaggelosbalaskas

8
Upcoming SlideShare
Loading in...5
×

Two-factor authentication

595

Published on

cryptoparty @hsgr

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
595
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
36
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Two-factor authentication"

  1. 1. Two Factor Authentication cryptoparty @hsgr by ebal 1
  2. 2. How am I ? ● http://ebalaskas.gr (blog/wiki) ● @ebalaskas twitter/identica ● plz interrupt during this awesome talk ● this presentation has only 8 pages! 2
  3. 3. Whats the problem ? ● My Pin/Password is: 123456 ● My Pin/Password is: r(>X5^&3Z*;evqxJ9&=1$ ● Login Site saves passwords cleartext or unsalted ● Login Site is not over httpS ● This isnt my PC ! ● This is a public network ● I use my android/iphone/etc 3
  4. 4. What is the ideal ? ● Different Passwords for different accounts ! – – ● ● ● Predefined list ? Sync ? Could i use something that i dont have to type ? Is it possible to use something i have and  something to type ? Is it possible the password changes automaticaly  every minute? 4
  5. 5. Do i need to use my eye ? ● Yes and No – you can use biometrics but do you really want to  put your eye/finger to a hole? ● Crypto­tokens ● ibuttons ● Smart cards (bank cards) ● Usb (yubikey) 5
  6. 6. hardware 6
  7. 7. Plz tell me some acronyms ● OTP ● RFC 2289 ● OTPW ● http://www.cl.cam.ac.uk/~mgk25/otpw.html ● HOTP ● RFC 4226 ● TOTP ● RFC 6238 A One-Time Password System ● A one-time password login package ● An HMAC-Based One-Time Password Algorithm ● Time-Based One-Time Password Algorithm ● 7
  8. 8. Questions ? http://gr.linkedin.com/in/evaggelosbalaskas 8
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×