At work, years ago, I used to have a key-fob device that was about the size of a thumb-drive. It had a 4 digit LCD screen that the numbers changed every 60 seconds. When logging onto certain servers, after entering my user ID and password, it would prompt me for the 4 digit passcode.
Now the key-fob was so small, I wonder how the process handled time drift. Especially 15 years ago.
Possible ideas how this may work I came up with in my mind, not being too smart about such marvels:
- The manufacturer is certain enough that the battery will last long enough, and the key-fob would stand up to dropping, being bashed in pockets/purses
- The token has an atomic clock receiver in it to sync up every so often
- When the server receives the token, it looks to seen when it last sent out that particular 4-digit code, and if it was "recently" (say within 15 seconds or so) it would say "okay"
But I doubt any of those are right. Any ideas how that was handled? I was always nervous about using a number that was about ready to expire. I don't remember if I had to push a button on the key-fob to get a code. I do remember it being fairly unreliable; worked about 80% the first try.