A One Time Password (OTP) is a password valid only for a single use and, once used, cannot be used again for authentication. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords.
michael@0:This application serves one purpose only. It calculates and prints a OTP.
michael@0:Most people use OTPs to log in to their website administration, CMS, or remote console.
michael@0:No. Google uses OTPs, but in a slightly nonstandard way. OTPWCalc cannot calculate OTPs useful for Google authentication yet.
michael@0:Yes, but some work is needed on the Windows/OSX/Oracle computer to configure the authentication subsystem.
michael@0:Yes, by using PAM and it's quite easy.
michael@0:OTPWCalc might not be compatible with your platform of choice, usually because the necessary hardware isn't available to the author for development.
michael@0:Take a look at the entry point in michael@0: main.js:
michael@0:
michael@0: var secr = $('#paswrd').val();
michael@0: var resp = hash(secr, user, iter);
michael@0:
michael@0: In other words, the password you enter is neither stored nor transmitted. In fact, OTPWCalc doesn't store or transmit any data input at all (see James Bond question later.) It's a calculator in the true sense, just like a pocket calculator that adds numbers.
michael@0:The algorithms of OTP have proven worthy of high security applications. OTPWCalc has been carefully designed and is tested thoroughly. It's both secure and safe to use.
michael@0:Yes. Custom built enterprise versions are available accompanied with commercial support. Visit the OTPWCalc homepage for information.
michael@0:Maybe, but spies probably just look over shoulders or use cameras to steal the static passwords used in OTP systems.
michael@0:Yubikey, RSA SecurID, and OTPWCalc use similar technologies for similar applications, but OTPWCalc is strictly software and doesn't depend on the time or date.
michael@0:This varies according to the operating system used so there's no single answer.
michael@0:OTPWCalc is the property of the copyright holder, Michael Schloh von Bennewitz.
michael@0:OTPWCalc is distributed under the terms of the European Union Public Licence. This liberal license grants you freedom to use the software and much more.
michael@0:OTPWCalc is built using the HTML, CSS, and JavaScript languages.
michael@0:The jQuery Mobile and Apache Cordova development frameworks provide important additional features.
michael@0:OTPWCalc is both active and stable, and follows a project management plan.
michael@0:To request features or pose questions please write to the mailing list.
michael@0:Please write to the mailing list stating the OTPWCalc version and platform. Thanks for every bug report!
michael@0:Please turn to the mailing list and ask for help there. Answers appear in a day.
michael@0:General security concerns should be directed to the mailing list, while those of a private nature should be sent directly to the author. X.509 certificates (for exchanging S/MIME encrypted email) and GnuPG keys (to verify released software signatures) reside on the author's website.
michael@0:Please monitor the mailing list and keep your installation of OTPWCalc up to date!
michael@0:This application implements
the following standards: