Javier Fernández-Sanguino Peña wrote:
> Sure, and one time passwords for either case is even better.
Even though it's not production ready yet, i wrote a PAM module that
generates a password, encrypts it using SSL(RSA) or PGP (asymmetric
keys) and then sends it to a mobile phone or PDA using bluetooth. I also
wrote a small Symbian application (j2me) that decrypts the password (it
takes about 4 seconds on a Nokia 6630).
At that point the user can login with that password for a limited period
It doesn't really apply in this case here because it's limited to the
bluetooth range (100m), but i intend to adapt it so the password can be
send over sms or mms.