Created by jjanesko over 6 years ago
Prerequisite: The server and the user's smart token both share the same, agreed-upon key and password function.

Steps to authenticate with dynamic passwords:

1. The user makes a request to the server to be able to authenticate.
2. The server sends a randomly generated challenge back to the user.
3. The user authenticates to the smart token using a PIN.
4. If authentication to the token is successful, the user then enters the challenge value into the token.
5. The token then uses the password function to generate a response to the challenge.
6. The user sends the response back to the server.
7. The server checks for message freshness.
8. The server uses the same challenge and password function to generate the correct response value and compares it against the response from the user.
9. If they match, the user is granted access.
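The steps above as a runnable sketch, added here as an example and not part of the original note. Assumptions: the password function is HMAC-SHA256 truncated to 8 digits, freshness means a single-use challenge with a 60-second lifetime, and the `Token` and `Server` classes and their method names are hypothetical.

```python
import hashlib, hmac, secrets, time

def password_function(key: bytes, challenge: str) -> str:
    # Assumed password function: HMAC-SHA256 truncated to 8 decimal digits.
    mac = hmac.new(key, challenge.encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**8:08d}"

class Token:  # hypothetical model of the smart token
    def __init__(self, key: bytes, pin: str):
        self._key, self._pin, self._unlocked = key, pin, False

    def enter_pin(self, pin: str) -> bool:
        self._unlocked = hmac.compare_digest(pin, self._pin)
        return self._unlocked

    def respond(self, challenge: str) -> str:
        if not self._unlocked:
            raise PermissionError("token locked: correct PIN required")
        self._unlocked = False  # one response per PIN entry
        return password_function(self._key, challenge)

class Server:  # hypothetical model of the authenticating server
    def __init__(self, key: bytes, max_age: float = 60.0):
        self._key, self._max_age = key, max_age
        self._pending = {}  # user -> (challenge, issue time)

    def issue_challenge(self, user: str, now: float = None) -> str:
        challenge = f"{secrets.randbelow(10**8):08d}"  # CSPRNG, short enough to type
        self._pending[user] = (challenge, time.time() if now is None else now)
        return challenge

    def verify(self, user: str, response: str, now: float = None) -> bool:
        entry = self._pending.pop(user, None)  # single use: a replay finds nothing
        if entry is None:
            return False
        challenge, issued = entry
        if (time.time() if now is None else now) - issued > self._max_age:
            return False  # freshness check: challenge has expired
        expected = password_function(self._key, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed shared key
    server, token = Server(key), Token(key, "4321")
    c = server.issue_challenge("alice")
    token.enter_pin("4321")
    r = token.respond(c)
    print(server.verify("alice", r), server.verify("alice", r))
```

The second `verify` call replays the same response and is rejected because the challenge was consumed by the first.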