KYPS
KYPS (Keep Your Password Secret) is a free web-based service that enables users to log into websites, which usually require a username/password combination, using one-time passwords. The main difference between KYPS and similar password management technologies is that the password is never disclosed to the local computer. This makes KYPS effective against password theft by spyware or keyloggers, particularly when using public computers such as in an Internet cafe.[1]
The following figure sketches the login method of KYPS. Note that the user's password is not disclosed to the computer he uses. It is, however, disclosed to the KYPS server. The system therefore requires that the user trusts the provider of the service.
More details about the internal workings of KYPS were published at the CSIE 2009 conference.[1] KYPS is also featured on Makeuseof,[2] and heise.de [3] Some of the internal workings of its predecessor, an open-source project called "Impostor",[4] were published at the peer-reviewed GLOBECOM conference in 2004.[5]
See also
- Entering Passwords on a Spyware Infected Machine Using a Shared-Secret Proxy (KLASSP).
- Comparison of password managers
- List of password managers
- Password manager
- Cryptography