KYPS

KYPS (Keep Your Password Secret) is a free web-based service that enables users to log into websites, which usually require a username/password combination, using one-time passwords. The main difference between KYPS and similar password management technologies is that the password is never disclosed to the local computer. This makes KYPS effective against password theft by spyware or keyloggers, particularly when using public computers such as in an Internet cafe.[1]

The following figure sketches the login method of KYPS. Note that the user's password is not disclosed to the computer he uses. It is, however, disclosed to the KYPS server. The system therefore requires that the user trusts the provider of the service.

A sketch of the KYPS login method.

More details about the internal workings of KYPS were published at the CSIE 2009 conference.[1] KYPS is also featured on Makeuseof,[2] and heise.de [3] Some of the internal workings of its predecessor, an open-source project called "Impostor",[4] were published at the peer-reviewed GLOBECOM conference in 2004.[5]

See also

References

  1. 1 2 Pashalidis, Andreas (2009). "Accessing Password-Protected Resources without the Password". WRI World Congress on Computer Science and Information Engineering. CSIE 2009. pp. 66–70. doi:10.1109/CSIE.2009.910.
  2. MakeUseOf Article
  3. Heise.de Entry
  4. http://impostor.sf.net
  5. Pashalidis, A.; Mitchell, C. J. (2004). "Impostor: a single sign-on system for use from untrusted devices.". IEEE Global Telecommunications Conference, 2004. GLOBECOM '04. 4. pp. 2191–2195. doi:10.1109/GLOCOM.2004.1378398.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.