VULHUB ™

OPIE is a software package allowing remote authentication via one time passwords. A user authenticates using a sequence of pre-generated passwords, and is given a prompt including the current sequence number. A standard security precaution with any login system is to not distinguish between an invalid password and an invalid account. While OPIE attempts to print a valid login prompt for a non existent account, the sequence number for the prompt is chosen randomly. As a result, repeated attempts to connect with the same account will have wild fluxuations in this value, which would normally remain constant until a successful authentication occurs. It could be very reasonably assumed that this account does not in fact exist.

OPIE is a software package allowing remote authentication via one time passwords. A user authenticates using a sequence of pre-generated passwords, and is given a prompt including the current sequence number. A standard security precaution with any login system is to not distinguish between an invalid password and an invalid account. While OPIE attempts to print a valid login prompt for a non existent account, the sequence number for the prompt is chosen randomly. As a result, repeated attempts to connect with the same account will have wild fluxuations in this value, which would normally remain constant until a successful authentication occurs. It could be very reasonably assumed that this account does not in fact exist.