Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

One time password(otp)

About one time passwords, a method of verification in modern days.

  • Login to see the comments

One time password(otp)

  1. 1. Presented by: Saumya varshney
  2. 2. • What is password? • What is secure password? • One time password. • How OTP’s are generated? • Method to deliver OTP. • Conclusion.
  3. 3. • A password is an unpacked sequence of characters used to determine that a user requesting access to a system is really that particular user. • A password is typically somewhere between four and 16 characters, depending on how the system is set up.
  4. 4. • A password that includes uppercase letters, lowercase letters, and symbols or numbers, and is not a word found in a dictionary. Also called a strong password. • Characteristics of secure password: *use length to your advantage. *don’t use dictionary words, and form a random sequence of words or letters. *add number and symbol. *create complexity with upper and lowercase letters
  5. 5. • A one-time password (OTP) is a password that is valid for only one login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. In contrast to static passwords, they are not easy to replay attacks. OTPs are difficult for human beings to memorize. Therefore they require additional technology to work.
  6. 6. •OTP generation algorithms typically make use of pseudo randomness or randomness. This is necessary because otherwise it would be easy to predict future OTPs by observing previous ones. Various approaches for the generation of OTPs are:
  7. 7. • Time synchronization. • Algorithm to generate new password using previous one. • Algorithm where new password is based on challenge.
  8. 8. 1. Time synchronization: A time-synchronized OTP is usually related to a piece of hardware called a security token i.e. each user is given a personal token that generates a one- time password. An example of time- synchronized OTP standard is TOTP.
  9. 9. 2. Mathematical algorithm: we use some mathematical equations to generate random numbers used as OTP. The methods of delivering the OTP which are token-based may use either of these types of algorithm instead of time- synchronization.
  10. 10. 1. Text message: Text messaging is a everywhere available communication channel, being directly available in nearly all mobile handsets . The user can receive the OTP either as a text message or via an automated call using text-to-speech conversion. e.g.: Gmail account security key.
  11. 11. 2. Web based methods: Each time the user logs into the website they are presented with a randomly generated grid of pic alphanumeric character overlaid on it. The user looks for the pictures that fit their pre-chosen categories and enters the associated alphanumeric characters to form a one-time access code.
  12. 12. 3. Hard copy: In some countries, in online banking, the bank sends to the user a numbered list of OTPs that are printed on paper. Other thing is plastic cards with actual OTPs obscured by a layer that the user has to scratch off to reveal a numbered OTP.
  13. 13. One time password is used in most common thing that is used by locality. It has a number of advantages like “creating any Gmail account”, “recharging your phone”, ”anti-virus packages” and many more.
  14. 14. •Thank you

×