Skip to content

Instantly share code, notes, and snippets.

View danbev's full-sized avatar
🖥️
Studying AI

Daniel Bevenius danbev

🖥️
Studying AI
View GitHub Profile
@cvasilak
cvasilak / gist:4286866
Created December 14, 2012 16:53
AeroGear and OTP

AeroGear and OTP

If you happen to use online banking systems, certainly you will have come across small security devices that provide you with an extra password during your login process. That is, in addition to your standard username/password combination, you are asked to provide an extra password, the so called "One Time Password" (OTP). That has two effects a) the bank can verify that you are the actual person making the transaction because of the possession of this device that only you can have, the so called possession factor in the two-factor authentication system and b) prevents replay attacks cause the password is only valid for a limited amount of time. This generation of the OTP password can either be done using a hardware device (hardware token) as we described earlier or with the help of a mobile application running on a smartphone (softwar