[Cryptography] Clever physical 2nd-factor authentication

Jerry Leichter leichter at lrw.com
Wed Apr 2 07:01:53 EDT 2014


It's a challenge/response style technique with a clever cheap low-tech implementation.  Basic idea:  The user gets a credit card with a transparent window on which a user-specific mask - a pattern of lines - is pre-printed.  The server sends an image that, when viewed through the mask, forms a passcode to be sent back to the server.

I didn't spend enough time exploring the site to get a feel for all the details, or how secure it might actually be.  But it's nice to see people coming up with new approaches and doing the necessary engineering work (e.g., the client side software lets you easily adjust the size and position of the image as presented so that it matches the credit card).

http://passwindow.com/
                                                        -- Jerry



More information about the cryptography mailing list