A new version of obov is available for download. Some nice new features were added:
Go get it!
I’ve got a working setup which might be of interest to others.
I’m using a ZyXEL hardware token. You find the details here: http://www.zyxel.com/web/product_family_detail.php?PC1indexflag=20040908175941&CategoryGroupNo=96C9CDE6-F2AA-4D84-9D62-311A7CCD996C
They are shipped with a CD containing the seeds. Look for a file called data01.sql located in ASAS\import.
Using the following parameters you should get the token running together with oboc in just a few minutes:
* secret = the seed you found in data01.sql next to your token’s ESN id within the insert into the table OTP
* codeDigits = 6
* addChecksum = false
* truncationOffset = 16 (this enforces dynamic truncation)
The token is event based. This means that the moving factor (or counter) is increased every time you push the button to get a new password. You can use resyncMovingFactor if you don’t know the counter of your token.
The ZyXEL tokens come from Authenex and are identical with their A-Key 3600 token. Though, I don’t know how they supply the seeds in the same way. See http://www.authenex.com/authenex-products/akey-token-3600.html
Pretty useful work, and obovweb is a nice complement for testing purposes, but… what happened to the product page? /obov link is broken! I would like to know if obov supports both time based and event based passwords