AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Keeotp10/13/2023 You could however create a more complex scenario with HOTP (not TOTP!) and encrypt the seed with the next OTP value. How would you protect the seed against a thieve with local access? Encrypt it! How? With a passphrase? => only one factor. So as pointed out: How should OTP help you? You need to store the seed. The threat is the physical theft of your file.protected by your passphrase. Everyone would choose the first, to be able to change the passphrase. How does encryption work? You have a symmetric AES key which is either encrypted by your passphrase or which is generated out or your passphrase. You are using keepass, because you want to avoid a thieve who is grabbing the file to access this file. You encrypt your harddisk, because you want to avoid an thieve getting into your data. You are encrypting things to protect against local attacks. If you try to use OTP for encryption, this is just eye candy. But it will not protect you against local attacks.īut the question is, if you do not have a bigger problem, if someone is able to perform a local attack. This may very well protect you against shoulder surfers or maybe keyloggers. So you store the seed on this local machine. When you are using OTP based on HOTP or TOTP locally you need to store the seed somewhere.
0 Comments
Read More
Leave a Reply. |