References

Jump to bottom

David Whitlock edited this page Apr 28, 2017 · 1 revision

One Time Password

IETF - RFC 4226 - HOTP: An HMAC-Based One-Time Password Algorithm
IETF - RFC 6238 - TOTP: Time-Based One-Time Password Algorithm

Multiple Factor authentication

NIST - Digital Authentication Guidelines
NCSA - Stay Safe Online campaign

Authentication Vulnerabilities

Researchgate - Vulnerability of OTP implemented in internet banking systems of South Korea
TheHackerNews - End of SMS-based 2FA; Yes, it's Insecure!

Passwords and Password Hashing

See the Comeonin wiki for details