Along with HOTP and TOTP, OCRA is one of the algorithms for generating one-time passwords and certified by OATH. Starting with HOTP, algorithms have evolutioned for having their vulnerabilities destroyed and to get more reliable result. Then, TOTP algorithm has been introduced as a way to bound time to one-time password generation. Among the other two, OCRA algorithm is one of a kind. It is the most modernized solution with the highest reliability level. OATH challenge response algorithm is what we mean under the ‘OCRA’ abbreviation. You may try it with our Protectimus ULTRA and SMART tokens.
Overall, we can say that all three authentication algorithms - HOTP, TOTP and OCRA are something you can count on when it comes to data security issues prevention. However, every next algorithm contains new features and are overall better because of having previous versions’ weaknesses removed. OCRA is probably most secure because of its challenge response system. This algorithm is applicable in systems with the preferred asynchronous authorization. It is generally considered, that OCRA is less vulnerable in terms of malicious authentication server substitution or disalignment attacks.
OCRA token can be a hardware device or a software application that you can use or distribute among your co-workers to protect your company’s or project’s data. Today, all the information you keep secured with a static login and password can be violated by techniques, such as phishing, easily. It is essential to take care of enforcing your authorization process. One can do it by using additional feature - one-time password. OATH has delivered several algorithms for OTP generation. Challenge-response token uses one of them - an algorithm based on random server values instead of an event timer.
At Protectimus, we do our best to provide our Customers with the most secure two-factor authentication solutions. Our products are OATH certified and operate through applicable algorithms. Protectimus ULTRA is one of the products to be proud of. Actually, it does not look like a device to deliver OTPs, so no perpetrator would think to possess it. Even if someone steals your device, he would not manage using it as it is protected with a PIN. If the PIN is entered incorrectly six times, Protectimus ULTRA gets blocked. This token is extremely reliable and comes at a moderate and affordable price.
All our Protectimus tokens have been created for you to stop feeling the danger of having one’s user account hacked. Protectimus ULTRA is a challenge response token, which gives you an opportunity to test the experience of protecting your most sensitive data. Uniqueness of a challenge token implies a possibility of having a secret key set by the admin. It means no third party would know the secret key meaning. What’s more, Protectimus ULTRA supports two OATH algorithms - TOTP and OCRA. You can easily switch between them using the arrow keys on your device.