Definition Edit

In a challenge-response system a password is never sent over the network. When the user enters his or her account name at a terminal, the central server issues the user a random challenge. The user sees the challenge, and transcribes it and a password into the keypad of a handheld authenticator (the size of a credit card or small calculator). The authenticator calculates a unique response; the user enters that response into the terminal and sends it to the central server. The central server repeats the calculation and compares its result with the user’s result. An intruder cannot imitate the user without access to the identical authenticator and its associated password.

Overview Edit

Secure tokens or a laptop computer can also substitute for the authenticator. Also, the user’s token can generate a response based on a card-unique secret key and the local time (synchronized with the central server), instead of the challenge sent by the central server.

See also Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.