OTP TOKEN-KingKey 20001,size:5.5cm*2.5cm*0.9cm2,Time-based or Event-based;3,Time-based: 60seconds/30seconds/20seconds renew one OTP4,Waterproof is good, can be put on the glasses in 10 minutes5,3rd floor, not dropped from the break6,The appearance of fine fashion, as the key, size, and the key to almostOne-time password server introduceCan run on the following operating systems: Windows 2000/Windows 2003 Server/Windows 2008/Windows XP Linux Unix and so on.Support the following database: SQL Server 2000/SQL Server 2005/SQL Server 2008 Oracle MySQL and so on.Provides the following development interface: Radius interface API interface, include C&C++/VB/JAVA/PB/DELPHI/ASP/JSP/PHP,and so on.Standard SupportOATH based, The detail please refer ietf standards RFC 4226 (Read RFC4226)1.What is OTP TOKENOne-time password (OTP) is a password that is only valid for a single login sessionor transaction. OTPs avoid a number of shortcomings that are associated withtraditional (static) passwords. The most important shortcoming that is addressedby OTPs is that, in contrast to static passwords, they are not vulnerable to replayattacks. This means that, if a potential intruder manages to record an OTP that wasalready used to log into a service or to conduct a transaction, he will not be ableto abuse it since it will be no longer valid. On the downside, OTPs cannot be memorizedby human beings. Therefore they require additional technology in order to work.2.How OTP are generated and distributed:OTP generation algorithms typically make use of randomness. This is necessarybecause otherwise it would be easy to predict future OTPs from observing previousones. Concrete OTP algorithms vary greatly in their details. Various approaches forthe generation of OTPs are listed below.A. Time-Based OTP: Based on time-synchronization between the authenticationserver and the client providing the password (OTPs are valid only for a shortperiod of time)B. Event-Based OTP: Based on event-synchronization between the authenticationserver and the client providing the password (OTPs are valid only for thesame event)C. Challenge-Response OTP: The OTP general will be based the Challengeinformation.There are also different ways to make the user aware of the next OTP to use. Somesystems consist of software that runs on the user's mobile phone,some systemsgenerate OTPs on the server-side and send them to the user using an out-of-bandchannel such as SMS messaging. Finally, in some systems, OTPs are printed on paperthat the user is required to carry with.
