Abstract

One-time password (OTP) systems, or one-time passwords, are an authentication method in which the user is provided with a password that is active only for one login session or transaction in an information system. Currently, the systems are not implemented in their pure form, but are one of the components in multi-factor authentication systems. Despite its widespread use in the financial sector, a one-time password does not guarantee secure login authentication.

Highlights

  • The human factor continues to be one of the fundamental threats in the modern information system model

  • Despite the fact that multifactor authentication technologies should increase the authenticity of user authentication in the information system, attackers deceiving the One-time password (OTP) system password received full access to the system, the attack scheme is shown in Figure 1 [4]

  • OTP systems in their pure form, with rare exceptions, have left the market, but at the same time they are widely used as a second method of authentication in multi-factor authentication systems

Read more

Summary

Introduction to authentication problems in corporate systems

The human factor continues to be one of the fundamental threats in the modern information system model. The traditional mechanism for ensuring password strength in an organization is the organization's password policy, which involves a number of organizational and technical measures designed to strengthen password protection. These methods include applying requirements for complex password complexity, applying requirements for password uniqueness, determining the password lifetime, and so on. The process is similar to the technology of using a classic cipher block, in which a new encoding sequence is used for each encryption transaction. One Time Password ) and is described in RFC 2289 .OTP ( One Time Password ) technology allows the user to use only one permanent password to log in to the information system [1]

OTP technology implementation principles
Implementation of attacks on OTP systems using social engineering methods
Conclusions
Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
QR 코드를 이용한 모바일 이중 전송 OTP 시스템
Se Hyeon Seo ... Hwang Kyu Choi
The Journal of Korea Information and Communications Society | VOL. 38B
Se Hyeon Seo, et. al.Se Hyeon Seo ... Hwang Kyu Choi
31 May 2013
OPA: a one-time password system
J.A Harris
-
J.A HarrisJ.A Harris
10 Dec 2002
Secured 6-Digit OTP Generation using B-Exponential Chaotic Map
Rasika Naik ... Udayprakash Singh
International Journal of Advanced Computer Science and Applications | VOL. 12
Rasika Naik, et. al.Rasika Naik ... Udayprakash Singh
01 Jan 2020
OTP on Demand - An Embedded System for User Authentication
Siva Janakiraman ... Sundararaman Rajagopalan
-
Siva Janakiraman, et. al.Siva Janakiraman ... Sundararaman Rajagopalan
01 Jan 2018
View more papers

More From: E3S Web of Conferences

Paper Title
Journal
Date
Author
Optimization of parameters and operating modes of the unit for preparing soil for planting rice in Burundi
Angelos Niyomuvunyi ... I Kovalev
E3S Web of Conferences | VOL. 486
Angelos Niyomuvunyi, et. al.Angelos Niyomuvunyi ... I Kovalev
01 Jan 2024
Organisational and technological reliability of pile foundation construction flow in permafrost
Igor Stoyanov ... Y.A Laamarti
E3S Web of Conferences | VOL. 535
Igor Stoyanov, et. al.Igor Stoyanov ... Y.A Laamarti
01 Jan 2024
Targeted generative adversarial network (TWGAN-GP)-based emotion recognition of ECG signals
Wutong Wei ... M Li
E3S Web of Conferences | VOL. 522
Wutong Wei, et. al.Wutong Wei ... M Li
01 Jan 2024
Comprehensive Assessment of Land Requirements for 100% Solar Energy Transition in Smart Cities
Girija Shankar Sahoo ... Ratish Sharma
E3S Web of Conferences | VOL. -
Girija Shankar Sahoo, et. al.Girija Shankar Sahoo ... Ratish Sharma
01 Jan 2024
View more papers