Home / Products / Openotp

OATH HOTP and TOTP(RFC-4226) Software Token

Static passwords are not secure enough for protecting sensitive web sites. And the distribution and maintenance of Hardware Tokens is too expensive for you. Then OpenOTP Software Token is the perfect solution for you.
OpenOTP Software Token solutions is cost efficient, user friendly and provides Two-Factor authentication.
No new client hardware is required, just mobiles phones, PDAs or iPhone.

OpenOTP supports a wide range of Software authenticators including OATH Event-based (HOTP), Time-based (TOTP) and Challenge-Response (OCRA) Software Tokens.

See here for a list of free Software Tokens compatibles with OpenOTP.
OpenOTP work with OATH-compliant Hardware Tokens too.

How does it work? 
OpenOTP Software Token does 2-Factor authentication with the help of an OATH client token software.
  • User starts his mobile Token application to generate a new password.
  • In direct mode, user enters login name, LDAP password (i.e. Domain LDAP password) and generated OTP password to log in.
  • In challenge mode, user enters login name, LDAP password (i.e. Domain LDAP password). A challenge prompt is displayed, asking for the One-Time Password. User types in the OTP password to the prompt and logs in.

Supported Mobile Devices 
OpenOTP strictly implements the OATH One-time password standards (HOTP/TOTP/OCRA).
Many OATH-compliant Software Tokens from various vendors are available for:
Java Phones (J2ME) Windows Mobile, Blackberry, Palm Apple iPhone, iPod Google Android

Click here for a list of compatible (Free) Software Tokens from various vendors.

What are the key features? 
  • Usable in combination with LDAP passwords (for increased security)
  • OpenOTP works so that a hacker never knows what password was wrong (LDAP or OTP)
  • Very simple integration APIs (SOAP / RADIUS)
  • Supports any OATH (RFC-4226) HOTP, TOTP and OCRA compliant software tokens
  • Per-user application settings (login mode, session timeouts...)
  • OpenOTP user metadata are directly store in the LDAP users (no need to import/duplicate the users in another database)
  • Token Keys and States are stored encrypted in the LDAP accounts (with AES-256)
  • Multilingual and customizable end-user messages

Quick Links

  • What is a WebApp
  • What is a Web Service
  • User Questions (FAQ)
  • Installation Requirements
  • Online Demos
  • Why Choosing OpenOTP
  • Licenses and Pricing

    • OpenOTP Server

  • Compatible Software Tokens
  • Compatible Hardware Tokens
  • Completely FREE for 25 users

    • Certified Solutions

    RCDevs is a contributor of OATH and OpenOTP Server is an OATH Certified Solution since 2011.

    OpenOTP and TiQR Server recieved the commendation award at SC Awards 2012 for the Best SME Security Solution.

       

    © Copyright RCDevs SARL - Email: info(at)rcdevs.com - Fax: +33 (0)9 72 14 52 97 - Voicemail: +33 (0)9 72 14 53 03