1. Field of the Invention
This invention generally relates to one time password authentication devices and more particularly to using a portable device to decode encrypted passwords.
2. Background
An authentication factor is a piece of information used to verify a person's identity for security purposes. Factors are generally classified as: (a) something the user has (for example, an ID card or a security token like a mobile phone SMS token, USB token, smart card reader or One Time Password (OTP) token, etc.); (b) something the user knows (for example, a password, personal identification number (PIN), etc.); and (c) something the user is or does (for example, a fingerprint or retinal pattern, signature or voice recognition, other biometric information, etc.).
Traditional authentication schemes implement the use of passwords to authenticate users. Such “static” password schemes are comprised of one-factor authentication (i.e., the password) and are viewed as providing minimal security. One-factor authentication is therefore known as weak authentication. By contract, two-factor authentication (T-FA), also known as strong authentication, requires the use of two different factors for authentication in order to achieve a higher level of authentication assurance. T-FA systems are often used to deliver increased security for corporate networks, applications, and all forms of highly-valued information assets.
However many of the technologies required by some of the authentication factors can present certain problems like: cost, specific hardware requirements, support of specific wireless protocols where a trust pairing procedure needs to be completed in advance, and required time synchronization between the token card and the authentication service.