OCRA Algorithm Explained
OCRA, or OATH challenge-response algorithm is the most reliable multi-factor authentication algorithm yet. OCRA algorithm is proved to be the safest one created by the OATH (OpenAuTHentication initiative) as it allows a challenge input to be used for one-time passcode generation alongside the secret key (seed) and a counter or time. The key difference of the challenge-response authentication algorithm from the older OATH...
Remote Work: How to Transition Team to Working From Home During the COVID-19 Pandemic
In this article, we’ve gathered everything you need to know about remote work. We share our own experiences and talk about how to organize remote access to company resources, how to protect the accounts of users who are working from home, what remote team working tools you can use for communicating and managing tasks, and how to keep in touch with your remote teams. Working remotely during the pandemic is not a mere trend....
HOTP Algorithm Explained
HOTP algorithm, or HMAC based one-time password algorithm, was first published by OATH as RFC 4226 back in 2005. What is OATH? OATH or Initiative for Open AuTHentication is an organization which specified, put together and published the OATH OTP algorithms that lie at the heart of MFA (multi-factor authentication). It is time we look closely at these algorithms, specifically — OATH-HOTP. HOTP algorithm is what allows creating one-time...
Twitter Two-Factor Authentication in Details
With over 145 million active users Twitter is widely used not only for personal entertainment but for business and political agendas too. Yet, surprisingly (or not, considering that they did admit to using phone numbers for targeting ads) Twitter has been reluctant to forgo SMS to deliver one time passwords for their 2 step verification for a very, very long time. Until finally, in November last year, they gave in and allowed for...
TOTP Tokens Protectimus Slim NFC: FAQ
The first programmable TOTP tokens Protectimus Slim NFC were released just a couple years ago. Since then, we’ve received hundreds of orders, as well as hundreds of questions about how it works, how programmable security key differs from the classic one, how to program tokens, and whether or not using this kind of OTP token is secure. In this article, I’ll explain how classic TOTP hardware token and programmable TOTP token...