OATH Authentication

What is it?

The Initiative for Open Authentication (OATH) is based around the idea of authenticating with One-Time Passwords (OTPs) using a standard outlined in RFC 4226 which is referred to as Hash-based OTP (HOTP) and Time-based OTP (TOTP).

You can use Google Authenticator on your Android or Blackberry phone to provide second-factor authentication for Google accounts, Linux boxes, LastPass, and other services.

Links

• Google Authenticator

  • Android Market listing
  • Source code and documentation

• Google accounts

  • Blog post detailing the introduction of second factor for Google accounts

• LastPass

  • Download link
  • Help page on Google Authenticator

• PAM for UNIX

  • Example of how to set up OTP with Linux

• Amazon Web Services (AWS) accounts

  • AWS multi-factor account start page