A generic term for any secret value that an attacker could use to impersonate the subscriber in an authentication protocol.
These are further divided into short-term authentication secrets, which are only useful to an attacker for a limited period of time, and long-term authentication secrets, which allow an attacker to impersonate the subscriber until they are manually reset. The authenticator secret is the canonical example of a long-term authentication secret, while the authenticator output, if it is different from the authenticator secret, is usually a short-term authentication secret.
Source(s):
NIST SP 800-63-3
A generic term for any secret value that an attacker could use to impersonate the subscriber in an authentication protocol.
These are further divided into short-term authentication secrets, which are only useful to an attacker for a limited period of time, and long-term authentication secrets, which allow an attacker to impersonate the subscriber until they are manually reset. The authenticator secret is the canonical example of a long-term authentication secret, while the authenticator output, if it is different from the authenticator secret, is usually a short-term authentication secret.
Source(s):
NIST SP 800-63-3
A generic term for any secret value that could be used by an Attacker to impersonate the Subscriber in an authentication protocol.
These are further divided into short-term authentication secrets, which are only useful to an Attacker for a limited period of time, and long-term authentication secrets, which allow an Attacker to impersonate the Subscriber until they are manually reset. The token secret is the canonical example of a long term authentication secret, while the token authenticator, if it is different from the token secret, is usually a short term authentication secret.
Source(s):
NIST SP 800-63-2
[Superseded]
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
