Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Seems to last for a while (Score 1) 309

Besides the problem with wear and tear that some poeple may inflict on them, you might have a problem with the bubble keypad wearing or sticking on certain keys as you type in your PIN to get the password. The password is gotten by adding the pin modulo 10 to the currently displayed number. If you pick a PIN that is easy to add in your head then you can save on typing in the PIN.

This system is really a one time pad generated as a pseudo random sequence by the card and by the authentication server based on a common seed and starting time. The card will eventually drift out of sequence with the server and you will be required to enter some extra authentication steps to get back in sync. If you mess up with too many bad authentications, you get locked out and have to have the authentication server manually reset for your account.

Since if you know the algorithm (it's propietary with supposedly tamper resistant chips) and enough of the generated passwords, you could compromise that account, assuming you can guess the PIN before being locked out, it's a good idea not to lose or misplace the card, and to not use too trival a PIN or write it down.

Slashdot Top Deals

/* Halley */ (Halley's comment.)