One time passwords


In 2009 I thought that it would be great to have an ability to log into TYPO3 using one-time-passwords (OTP) so as to beat any keyloggers if I want to log into the backend from an insecure computer. I researched various systems and decided that RFC 2289 fits the bill because there were existing J2ME calculators that I could use on my Java-enabled phone (the era of smartphones had already started but majority of the phones were still running “dumb” OS with some J2ME apps to make them smarter). However, I realized that there was no generic PHP class developers could use so I decided to write one and started PHP One-Time Passwords project on SourceForge.

Continue reading