We have a system that uses password authentication to access a database; the usernames and encrypted passwords are stored in the database. When a user forgets their password (or the administrator leaves for greener pastures), we want to be able to generate a new password for the current administrator or generate a new administrator.

We deal with our clients via telephone support, so we want to use this scenario:

User rings up - forgotten password.

Client software generates a challenge code based on their site license.

User tells phone support staff the challenge code.

Phone support staff give a response code.

User enters the challenge and response code, and goes in the backdoor (either a new user is created or the password of the current user is reset).

We want the challenge/response to only work once; we don't want to leave the backdoor open.

How should we go about it?

A: 

Generate the challenge code based on both the site license and the password stored in the database. With the new password, the next challenge code will necessarily be different. No backdoor.

Krugar
What about the case where the administrator has left, and nobody knows his username?
Aran Mulholland
Anyway, I was more interested in ways to generate the challenge and response codes.
Aran Mulholland
We used a variation of this, with a random string and the site license. Thanks.
Aran Mulholland
+2  A: 

RFC 4226, HOTP

This is the theory behind PIN calculators, and you can get different implementations of it, so that you don't even have to pick up the phone: the client can generate it herself, with a mobile phone for example.

martin
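The RFC 4226 HOTP algorithm applied to the phone-support flow from the question, as an added example that is not part of the original answers: the client's stored counter is the "challenge code", the support desk computes the HOTP value for it, and an accepted response advances the counter so it can never be replayed. The `ClientBackdoorLock` class, `support_desk_response` and the shared site secret are assumptions for illustration; the `hotp` function itself follows RFC 4226 and is checked against the RFC's published test vectors.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation, mod 10^digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class ClientBackdoorLock:
    """Client-side state (hypothetical class). The counter is shown to the user as the
    challenge code; a verified response burns that counter, so each response works once."""

    def __init__(self, site_secret: bytes, window: int = 3):
        self._secret = site_secret      # shared with the support desk, derived per site
        self._counter = 0               # next counter value that may still be accepted
        self._window = window           # tolerate a few abandoned phone calls

    def challenge(self) -> int:
        return self._counter

    def verify(self, response: str) -> bool:
        # Accept the current counter or a few ahead, never one already used.
        for c in range(self._counter, self._counter + self._window):
            if hmac.compare_digest(hotp(self._secret, c), response):
                self._counter = c + 1   # this and any skipped counters are now spent
                return True
        return False


def support_desk_response(site_secret: bytes, challenge: int) -> str:
    """Support side (hypothetical helper): the one-time response for the challenge the user reads out."""
    return hotp(site_secret, challenge)


if __name__ == "__main__":
    site_secret = b"constructed-site-secret"   # constructed sample value
    lock = ClientBackdoorLock(site_secret)
    code = support_desk_response(site_secret, lock.challenge())
    print("first use accepted:", lock.verify(code))    # True
    print("replay accepted:", lock.verify(code))       # False, counter already advanced
```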