Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
S/KEY
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|One-time password system}} '''S/KEY''' is a [[one-time password]] system developed for [[authentication]] to [[Unix-like]] [[operating system]]s, especially from [[dumb terminals]] or untrusted public computers on which one does not want to type a long-term password. A user's real password is combined in an offline device with a short set of characters and a decrementing counter to form a single-use password. Because each password is only used once, they are useless to [[Packet sniffer|password sniffers]]. Because the short set of characters does not change until the counter reaches zero, it is possible to prepare a list of single-use passwords, in order, that can be carried by the user. Alternatively, the user can present the password, characters, and desired counter value to a local calculator to generate the appropriate one-time password that can then be transmitted over the network in the clear. The latter form is more common and practically amounts to [[challenge–response authentication]]. S/KEY is supported in [[Linux]] (via [[pluggable authentication modules]]), [[OpenBSD]], [[NetBSD]], and [[FreeBSD]], and a generic open-source implementation can be used to enable its use on other systems. [[OpenSSH]] also implements S/KEY since version OpenSSH 1.2.2 was released on December 1, 1999.<ref>{{cite web | url=https://www.openssh.com/history.html | title=OpenSSH Project History | publisher=[[OpenSSH]] | accessdate=2019-12-05}}</ref> One common implementation is called [[OPIE Authentication System|OPIE]]. S/KEY is a trademark of [[Telcordia Technologies]], formerly known as Bell Communications Research (Bellcore). S/KEY is also sometimes referred to as [[Lamport's scheme]], after its author, [[Leslie Lamport]]. It was developed by Neil Haller, [[Phil Karn]] and John Walden at Bellcore in the late 1980s. With the expiration of the basic patents on [[public-key cryptography]] and the widespread use of [[laptop computers]] running [[Secure Shell|SSH]] and other cryptographic protocols that can secure an entire session, not just the password, S/KEY is falling into disuse.{{citation needed|date=January 2013}} Schemes that implement [[two-factor authentication]], by comparison, are growing in use.<ref>{{cite web | url = https://www.researchandmarkets.com/reports/4368880/global-multi-factor-authentication-market-2017 | title = Global Multi-factor Authentication Market 2017-2021 | date = August 2017 | publisher = TechNavio | url-access = subscription | accessdate = 2019-12-05 }}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)