Questions tagged [hardware-token]
35 questions
0
votes
1 answer
Protect server-side key with client token
I'd like to encrypt some data on the server using a user-managed secret. I could just ask for a password and derive a key from that, but ideally I'd like to offer users the option of using a yubikey to safeguard the data. This way it would be more…
![](../../users/profiles/86180.webp)
Felipe
- 123
- 4
0
votes
1 answer
synchronization of keyfob token generator
At work, years ago, I used to have a key-fob device that was about the size of a thumb-drive. It had a 4 digit LCD screen that the numbers changed every 60 seconds. When logging onto certain servers, after entering my user ID and password, it…
![](../../users/profiles/108949.webp)
Mark Stewart
- 159
- 1
- 2
- 15
0
votes
1 answer
can a token be used for sql injection
I have a token that is restricted to read only access.
If someone obtains that token, can they use it to do a sql injection attack?
Given that the token is permissioned for read only, can someone embed a delete query in the request, have it read…
![](../../users/profiles/180928.webp)
nanonerd
- 157
- 1
- 1
- 7
0
votes
4 answers
Token FIPS 140-2 level 3 with support for Android, iPhone and Web
I'm testing a SafeNet 5100 token FIPS 140-2 level 3. It comes with programs to access and manage it, but only for desktop machines.
I would like to create applications that use level 3 tokens. Is there any level 3 token that provides access from…
![](../../users/profiles/125059.webp)
Jonathan Barbero
- 93
- 6
0
votes
1 answer
One time password with Hardware Token
I am researching software authentication methods that are easy yet secure to implement in my own projects.
IDEAS: Steps to authenticate apps
The application is running from a USB drive as it is never installed on any one computer.
Upon each run,…
![](../../users/profiles/127104.webp)
ProGrammer
- 111
- 3