Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Seems to last for a while (Score 1) 309

Besides the problem with wear and tear that some poeple may inflict on them, you might have a problem with the bubble keypad wearing or sticking on certain keys as you type in your PIN to get the password. The password is gotten by adding the pin modulo 10 to the currently displayed number. If you pick a PIN that is easy to add in your head then you can save on typing in the PIN.

This system is really a one time pad generated as a pseudo random sequence by the card and by the authentication server based on a common seed and starting time. The card will eventually drift out of sequence with the server and you will be required to enter some extra authentication steps to get back in sync. If you mess up with too many bad authentications, you get locked out and have to have the authentication server manually reset for your account.

Since if you know the algorithm (it's propietary with supposedly tamper resistant chips) and enough of the generated passwords, you could compromise that account, assuming you can guess the PIN before being locked out, it's a good idea not to lose or misplace the card, and to not use too trival a PIN or write it down.

Slashdot Top Deals

The earth is like a tiny grain of sand, only much, much heavier.

Working...