Security of One Time Passwords (OTP)
Category : Uncategorized
One time passwords are short numeric strings of a fixed length. Each time you want to log on somewhere with OTP, the string you enter will be different. The OTP string would change with the time or after each time you use one OTP value.
If you ask whether OTP is more secure than passwords, people may say different things. Their answers would depend on what aspects of security they talk about.
There are at least three main types of attacks that are worth mentioning and OTP is not always the more secure option.
Guessing – OTP is easier to guess compared to “good” passwords. A good password is longer than 6 characters (the length of OTP codes) and it shouldn’t be in any dictionary.
Eavesdropping – OTP is much better is it can’t be re-used. If someone eavesdrops your OTP code, they have either use it straight-away or it becomes useless. The attackers will have to disconnect you, or pretend that your OTP was wrong. They can logon instead of you, if they succeed to do that.
Server hacking – password databases are harder to hack than server databases for OTP. However improbably it sounds, that’s the truth. Passwords are stored as “hash” values and one has to find the correct password – basically by guessing.
OTP passwords must contain plain-text secrets for computing OTP codes. These secrets can be hacked without any computational effort and exploited, re-sold, … pretty much straight-away.
However, stolen OTP database is only useful for the given server while stolen passwords can be tested against many other servers and services you may use. After all, most of us will use just a handful of passwords for anything we want to do on the internet.
Protecting OTP server
The weakest point of OTP systems is security of secrets stored on servers. If you want to make this better, you will have to either:
- store OTP secrets elsewhere – somewhere more secure; or
- store OTP secrets encrypted and verify OTP codes somewhere more secure.
My company, Enigma Bridge, created a service that takes the second approach. It encrypts all secrets with keys that are only present in tamper-resistant hardware (with independent validations of this security). This means that if the server database gets hacked, it will only contain a lot of random data that will be completely useless.