Web Hosting How-Tos

  Home arrow Web Hosting How-Tos arrow One-time Passwords - Tight Security fo...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

One-time Passwords - Tight Security for Sensitive Data and Responsible Users
By: Blue Moon
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 9

    Table of Contents:
  • One-time Passwords - Tight Security for Sensitive Data and Responsible Users
  • What Exactly is OTP?
  • OTP and Web Hosting
  • Where on the Web is OTP?

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    One-time Passwords - Tight Security for Sensitive Data and Responsible Users

    (Page 1 of 4 )

    Online security is an issue for every business on the Web, and this is doubly true for Web hosters. Passwords have become the common coin for authenticating users, but they have some serious weaknesses. What can a concerned company do? One time passwords (OTP) offer an alternative.

    With the advance of technology, hackers' attacks become more and more difficult to prevent, and the damage they can do is considerable. It has often been said that the main reason for most security breaches is not that hackers are so clever, but that security technology lags so far behind or is so improperly implemented that it does not require special skills to break.

    One of the cornerstones of today's security is the password. It is not news that, while passwords still pose at least a minor obstacle for hackers, they are not something one can rely on to protect sensitive data. Why? The long list of reasons includes:

    • passwords can be guessed (this applies not only to weak passwords that can be discovered using a simple dictionary attack; often, passwords used include the user's name, their nickname, their spouse's name, and so forth).

    • passwords can be stolen (network sniffers or a simple keylogger can capture even the most difficult-to-guess password).

    • a password can be learned in a legitimate way and re-used by an abuser (even encrypted passwords are vulnerable when stored locally -- not to mention the security risks associated with storing them in plain text).

    It is still true that the majority of users are not aware of the risks associated with using passwords for accessing sensitive data. Very often users write their “secret” passwords on a post-it note which they then stick on their monitor, or tell them to their friends and colleagues. And even when users act more responsibly, sensitive data is far from safe with passwords (encrypted or not).

    Despite all the weaknesses of passwords, they are still widely used as the only means for authentication in almost everything – from e-commerce, to Virtual Private Networks (VPNs), to logging into company intranets. Even when the transaction itself is encrypted, sensitive data is still not safe because abusers can simply steal the password and impersonate the victim, charging his or her account with hundreds or thousands of dollars, or binding him or her to activities he or she has never done. News about identity theft and other scams on the Web has been reported frequently for the last decade, and one starts wondering if this will ever change.

    Yes, it is going to change simply because it cannot stay the way it is now. New security products and technologies are constantly being developed and implemented. One of these technologies is called One-Time Passwords (OTP). OTP is often implemented together with hardware tokens and is also known as Two-Factor Authentication. But due to its relative difficulty to use, and in some cases its high cost, it is still not the standard.

    More Web Hosting How-Tos Articles
    More By Blue Moon


    - Phishing Scams: An Overview and How to Detec...
    - Tips for Safe Downloading Online
    - How To Avoid Spam
    - How to Get Into Ethical Hacking
    - How to Prevent Drive-by Downloads
    - Facebook Timeline Tips and Tricks
    - How to Keep Up with Facebook`s Changes
    - Wi-Fi Network Security Tips
    - Tips for Safe Online Holiday Shopping
    - Facebook Privacy: Keeping Up with the Const...
    - Tips for Facebook Privacy
    - How to Cover Your Tracks on the Web
    - SSH Keys for FileZilla and Putty in Cpanel
    - How to Create a Filezilla FTP User
    - How to Install FileZilla Server

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap