Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Seems to last for a while (Score 1) 309

Besides the problem with wear and tear that some poeple may inflict on them, you might have a problem with the bubble keypad wearing or sticking on certain keys as you type in your PIN to get the password. The password is gotten by adding the pin modulo 10 to the currently displayed number. If you pick a PIN that is easy to add in your head then you can save on typing in the PIN.

This system is really a one time pad generated as a pseudo random sequence by the card and by the authentication server based on a common seed and starting time. The card will eventually drift out of sequence with the server and you will be required to enter some extra authentication steps to get back in sync. If you mess up with too many bad authentications, you get locked out and have to have the authentication server manually reset for your account.

Since if you know the algorithm (it's propietary with supposedly tamper resistant chips) and enough of the generated passwords, you could compromise that account, assuming you can guess the PIN before being locked out, it's a good idea not to lose or misplace the card, and to not use too trival a PIN or write it down.

Slashdot Top Deals

If God had not given us sticky tape, it would have been necessary to invent it.