Security firm PinPlus has developed a one-time password system with 2.1 billion combinations.
The so-called pin+ system utilises the power of matrix-pattern authentication (MPA) to generate one-time codes without hardware tokens or card readers.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Jonathan Craymer, managing director of PinPlus, said, "Pin+'s patent-pending system ensures "correct" codes can only be used once, while many other systems allow you to use codes again, leaving them susceptible to so-called replay attacks."
Steve Hope of pin+ partner Winfrasoft says, "We're offering improved resistance to reverse engineering as PinPlus's restriction of its standard character-set (using only the numbers one to six on a six-by-six matrix) increases repetition of characters on the matrix (each one appears six times) meaning an attacker would have to capture and analyse four to six successful logins to reverse a pattern, compared to just two or three for some other systems."
With the recent discovery of a flaw in RSA authentication, users are being urged to consider alternatives.