Security firm PinPlus has developed a one-time password system with 2.1 billion combinations.
The so-called pin+ system utilises the power of matrix-pattern authentication (MPA) to generate one-time codes without hardware tokens or card readers.
Jonathan Craymer, managing director of PinPlus, said, "Pin+'s patent-pending system ensures "correct" codes can only be used once, while many other systems allow you to use codes again, leaving them susceptible to so-called replay attacks."
Steve Hope of pin+ partner Winfrasoft says, "We're offering improved resistance to reverse engineering as PinPlus's restriction of its standard character-set (using only the numbers one to six on a six-by-six matrix) increases repetition of characters on the matrix (each one appears six times) meaning an attacker would have to capture and analyse four to six successful logins to reverse a pattern, compared to just two or three for some other systems."
With the recent discovery of a flaw in RSA authentication, users are being urged to consider alternatives.