| 摘要 |
Access to a target system is secured by use of an encrypted passphrase that is supplied on-site at the target system by a user requesting access. The encrypted passphrase includes an access credential portion and a one-way encoded portion. The one-way encoded portion is an encoded version of at least some of the access credential portion. A validator at the target system receives and decrypts the encrypted passphrase and identifies the access credential portion and one-way encoded portion. The validator one-way encodes the identified access credential portion and compares the result to the identified one-way encoded portion from the decrypted passphrase. If the results do not match, the validator denies access to the user requesting access. The encoding and decrypting of the passphrase may be performed using keys generated from a secret key/seed related to the target system, unencrypted information such as time/date information, and a user PIN.
|
