One time password Authenticator - Mobile App?

[Orophin]

I would like to see this since I don't want to bring my keyfob with me to work and sometimes I get logged out on the forums.

[Endigiont]

Is this the Asura HBU Orophin?

[Sartori]

Uhhh, we already have a security token, why have something like this. I'll stick with the token thank you

[Seirra_Lanzce]

Uhhh, we already have a security token, why have something like this. I'll stick with the token thank you

then stick with it, why can't they give us more option on how our security works? some prefer to have tokens (like you) some prefer smartphones, so why not both? eh?

[Syrokko]

This is a good idea...
But...
Cell phone connections are quite easily compromised when connected online.

You might even be putting your account at risk if the security is not heavy enough.
That said, banking/paypal apps seem to work without any security faults (knock on wood >_>), so I guess it wouldn't be too difficult to develop a piece of software capable of providing security whilst protecting itself against any threats.

[Soukyuu]

This is a good idea...
But...
Cell phone connections are quite easily compromised when connected online.

The idea is to reduce risk by separating the authentication process. To compromise an account, you would have to compromise the pc AND the cell phone at the same time.

The probability of this happening is pretty low. The codes generated by the token/app are only valid once, and only for a duration of about 30 seconds after generation. Compromising the cell phone and stealing a code won't help you at all.

As for banking apps on mobile phones, there have been cases of them getting compromised already, mainly because the implementation of SSL/TLS was faulty, etc (see article here) So yes, security is an issue, if done wrong.

[Orophin]

Is this the Asura HBU Orophin?

Newp, I played on Gilgamesh back in the day.

[Delsus]

This is a good idea...
But...
Cell phone connections are quite easily compromised when connected online.

You might even be putting your account at risk if the security is not heavy enough.
That said, banking/paypal apps seem to work without any security faults (knock on wood >_>), so I guess it wouldn't be too difficult to develop a piece of software capable of providing security whilst protecting itself against any threats.

The main way of compromising the data on a phone, is not with it being online it's Bluetooth, Bluetooth has virtually no security so if someone's phone has it's Bluetooth switched on it is easily compromised, I believe it is even possible when your Bluetooth is not discoverable, that is why it should be switched off when not in use.