Register

Forgot Password

Site FAQ

Home > IT Blogs > Irregular Expressions > Protecting online banking – Part 3

Irregular Expressions

Jan 23 2012 1:08AM GMT

Protecting online banking – Part 3

Posted by: Dan O'Connor

My personal choice would be a OTP ( One Time Pad ) setup.

The setup should be fairly simple;

Create a system to create random sets of 8 ( or more ) character pads, they should be random but careful to make it easy for users to separate 0 and O. Maybe only upper and lower case with no numbers?
These should not be guessable or form any sort of pattern, so maybe use a hashing function. Just don’t hash 1, 2, 3, 4.
When creating the pad one copy is associated with the user and stored as part of the authentication system and the other is handed off.
The system should know when a user is nearing the end of the current pad and prompt for the creation of the next.

Comment

RSS Feed

Leave a comment:

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags