Home / Products / Openotp

OATH HOTP and TOTP(RFC-4226) Hardware Token

Static passwords are not secure enough for protecting sensitive web sites. And you want a hardware-based Token solutions for your mobile users. Then OpenOTP Hardware Token is the perfect solution for you.

OpenOTP supports a wide range of Hardware authenticators including OATH Event-based (HOTP), Time-based (TOTP) and Challenge-Response (OCRA) Hardware Tokens.

See here for a list of hardware Token clients compatibles with OpenOTP.
OpenOTP work with OATH-compliant Software Tokens too.

How does it work? 
OpenOTP Software Token does 2-Factor authentication with the help of an OATH client token hardware.
  • User pushes a button on his hardware token to generate a new password.
  • In direct mode, user enters login name, LDAP password (i.e. Domain LDAP password) and generated OTP password to log in.
  • In challenge mode, user enters login name, LDAP password (i.e. Domain LDAP password). A challenge prompt is displayed, asking for the One-Time Password. User types in the OTP password to the prompt and logs in.

Officially Supported Hardware Tokens 
OpenOTP supports a large variety of OATH Hardware Tokens from many Token manufacturers.
In fact, any Token working in OATH HOTP/TOTP or OCRA mode is compatible.
Feitian
c100, c200
(HOTP, TOTP) 		SecuTech
300, 500
(HOTP, TOTP) 		SmartDisplayer
e1010, t1020, e2010
(HOTP, TOTP, OCRA) 		Vasco
GO6, GO3
(HOTP, TOTP) 		Yubico Yubikey
(Yubikey, OATH)

What are the key features? 
  • Usable in combintion with LDAP passwords (for increased security)
  • OpenOTP works so that a hacker never knows what password was wrong (LDAP or OTP)
  • Very simple integration APIs (SOAP / RADIUS)
  • Supports any OATH (RFC-4226) HOTP, TOTP and OCRA compliant hardware tokens
  • Per-user application settings (login mode, session timeouts...)
  • OpenOTP user metadata are directly store in the LDAP users (no need to import/duplicate the users in another database)
  • Token Keys and States are stored encrypted in the LDAP accounts (with AES-256)
  • Multilingual and customizable end-user messages

Quick Links

  • What is a WebApp
  • What is a Web Service
  • User Questions (FAQ)
  • Installation Requirements
  • Online Demos
  • Why Choosing OpenOTP
  • Licenses and Pricing

    • OpenOTP Server

  • Compatible Software Tokens
  • Compatible Hardware Tokens
  • Completely FREE for 25 users

    • Certified Solutions

    RCDevs is a contributor of OATH and OpenOTP Server is an OATH Certified Solution since 2011.

    OpenOTP and TiQR Server recieved the commendation award at SC Awards 2012 for the Best SME Security Solution.

       

    © Copyright RCDevs SARL - Email: info(at)rcdevs.com - Fax: +33 (0)9 72 14 52 97 - Voicemail: +33 (0)9 72 14 53 03