Jump to content

OPIE Authentication System

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Cpiral (talk | contribs) at 06:06, 6 December 2009 (rewrite the article). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

OPIE is the initilism of "One time Passwords In Everything". Opie is a mature, Unix-like login and password package installed on the server and the client which makes untrusted networks safer against password-sniffing packet-analysis software like dSniff and safe against Shoulder surfing. It works by circumventing the delayed attack method because you never use the same password twice after installing Opie. Opie implements a one-time password (OTP) scheme based on S/key, which will require a secret passphrase (not echoed) to generate a password for the current session, or a list of passwords you can print and carry on your person.

OPIE uses an MD4 or MD5 hash function to generate passwords.

OPIE can restrict it's logins based on IP address. It uses it's own passwd and login modules.

If you press the Enter key at the password prompt, it will turn echo on, so you can see what you are typing when entering an unfamiliar password from a printout.

OPIE will improve security when accessing online banking at conferences, hotels and airports. Some countries require banks to implement OTP.

OPIE shipped with FreeBSD 8.0 and OpenSUSE 10.3. You can install it on your Unix-like server and clients for improved security.

The commands are

  • opiepasswd
  • opiekey
  • opiepasswd

References

Stub icon

This Unix-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=OPIE_Authentication_System&oldid=330015025"