摘要 |
A security system for controlling access to a computer, a software package or a website, or another protected entity, employs two-factor security. A token in the form of a smart card is issued to authorized users. The smart card generates one-time-only access codes on the basis of a fixed secret key and variable input value such as a counter value. A reader device is selectively interfaceable to the smart card to receive the access code generated by the smart card and to display the access code to the user. The user enters the displayed access code into the protected entity, which duplicates the access code generation process carried out in the smart card to validate the entered access code. <IMAGE> |