-
December 26th, 2009, 04:07 PM
#1
Junior Member
Distributing one-time passwords
I'm working on a web service that needs two factor authorization, and therefore I need a way of securely distributing one-time passwords. The primary method will be sending a SMS to the users phone with the password, but I need a fall back method in case the user don't have the phone where he is.
So, there is imho two practical ways for me to do this.
Create a "card" with n number of predefined password and e-mail this to the user in advance.
Or e-mail the user just one password instead of sending the password on SMS.
The problem is that e-mail isn't the most secure way of communicating, so any ideas on how to do this more secure, or any thoughts at all?
Similar Threads
-
By Irongeek in forum The Security Tutorials Forum
Replies: 43
Last Post: July 22nd, 2007, 09:28 AM
-
By pwaring in forum Other Tutorials Forum
Replies: 60
Last Post: October 22nd, 2004, 09:15 PM
-
Replies: 1
Last Post: July 15th, 2002, 03:46 AM
-
By Badassatchu in forum Non-Security Archives
Replies: 1
Last Post: November 23rd, 2001, 11:13 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|