IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [hardware-token]

35 questions
0
votes
1 answer

Protect server-side key with client token

I'd like to encrypt some data on the server using a user-managed secret. I could just ask for a password and derive a key from that, but ideally I'd like to offer users the option of using a yubikey to safeguard the data. This way it would be more…
Felipe
  • 123
  • 4
0
votes
1 answer

synchronization of keyfob token generator

At work, years ago, I used to have a key-fob device that was about the size of a thumb-drive. It had a 4 digit LCD screen that the numbers changed every 60 seconds. When logging onto certain servers, after entering my user ID and password, it…
Mark Stewart
  • 159
  • 1
  • 2
  • 15
0
votes
1 answer

can a token be used for sql injection

I have a token that is restricted to read only access. If someone obtains that token, can they use it to do a sql injection attack? Given that the token is permissioned for read only, can someone embed a delete query in the request, have it read…
nanonerd
  • 157
  • 1
  • 1
  • 7
0
votes
4 answers

Token FIPS 140-2 level 3 with support for Android, iPhone and Web

I'm testing a SafeNet 5100 token FIPS 140-2 level 3. It comes with programs to access and manage it, but only for desktop machines. I would like to create applications that use level 3 tokens. Is there any level 3 token that provides access from…
Jonathan Barbero
  • 93
  • 6
0
votes
1 answer

One time password with Hardware Token

I am researching software authentication methods that are easy yet secure to implement in my own projects. IDEAS: Steps to authenticate apps The application is running from a USB drive as it is never installed on any one computer. Upon each run,…
ProGrammer
  • 111
  • 3
1 2
3