PDA

View Full Version : PocketStation as two-factor authentication



wraggster
October 30th, 2011, 18:16
http://hackadaycom.files.wordpress.com/2011/10/pocketstation.jpg?w=450&h=200
[DarkFader] sent in his build that implements two-factor authentication on a Sony PocketStation (http://darkfader.blogspot.com/2011/10/pocketstation-google-authenticator.html).
The PocketStation (http://en.wikipedia.org/wiki/PocketStation) was a PS1 accessory intended to be a competitor to the Dreamcast VMU (http://en.wikipedia.org/wiki/VMU). [DarkFader] wrote an app for his PocketStation using a fabulous PocketStation emulator (http://www.ngemu.com/122312/pocketstation-emulator-pk201-released) and uploaded it with the PS3 memory card adapter and MCRWwin (http://www.geocities.jp/altshibabou/win/MCRWwin.html).
The PocketStation app (available here (http://files.darkfader.net/ps/files/auth.compiled.zip)) takes a key and hashes it with the current time to generate a six digit code. Combined with Google’s support (http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html) for two-factor authentication, [DarkFader]‘s memory card provides access to his Google profile.
Two-factor authentication is also used in RSA SecurID (http://en.wikipedia.org/wiki/SecurID) key fobs that werecompromised (http://bits.blogs.nytimes.com/2011/04/02/the-rsa-hack-how-they-did-it/) earlier this year. This lead to a huge number (http://money.cnn.com/2011/10/27/technology/rsa_hack_widespread/) of companies being penetrated. For a single person, obscurity is a reasonable (but still ultimately futile) means of providing a little more security, but a PocketStation hack is still pretty cool.

http://hackaday.com/2011/10/30/pocketstation-as-two-factor-authentication/