One time PIN?

Discussion in 'General' started by Patrick_elx, Feb 11, 2009.

  1. Patrick_elx

    Joined:
    Dec 14, 2008
    Messages:
    1,120
    Likes Received:
    0
    I was wondering about increasing the security of DISA for remote extensions.

    Based on the assumption that hackers are monitoring SIP exchanges and recording all DTMF transaction to log credit card number or access code and that a VPN remote extension connection is not always practical (like on my Nokia SIP client), is there an easy way to have a changing/rolling code for the Authenticate function.

    I was thinking about the following:

    - having a 15 digit/letter pass phrase and let Asterix asking only a few digits randomly(i.e. 'Please enter the 5th,7th,10th and 12th digit' )

    - having a base PIN plus a variable part (hour, minutes, date, etc...)

    - a list of multiple PIN associated with their own voice request ('please enter password #5' or 'What is the name of your first pet' )...


    Patrick
     
  2. Chilling_Silence

    Joined:
    Sep 23, 2008
    Messages:
    488
    Likes Received:
    0
    What gives you that idea?

    Mate, seriously, its easier to hack a PSTN line than a SIP line ;)
     
  3. Patrick_elx

    Joined:
    Dec 14, 2008
    Messages:
    1,120
    Likes Received:
    0
    I'm just getting older and climbing on the phone pole is getting tougher on my poor muscle. :S
     

Share This Page