
It seems to me that a simpler solution than challenge-response would be to emulate the tear-sheet crypto systems and just have a series of one-shot passwords generated. Each time you log in, it requires the next password from the sheet, so capturing the old one does no good (just as breaking the one-time codes from tear sheets doesn't help). Now if I could just figure out a simple way to do this on UNIX...

See

@article{lamport-pw,
  author = {Leslie Lamport},
  journal = {Communications of the ACM},
  month = {November},
  number = 11,
  pages = {770--772},
  title = {Password Authentication with Insecure Communication},
  volume = 24,
  year = 1981
}

The Bellcore S-Key system implements this scheme, and is, I think, freely available. I know that it's included in TIS's firewall toolkit:

\software{ftp.tis.com}{/pub/firewalls/toolkit}
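The one-shot password sheet discussed above corresponds to the hash-chain scheme in Lamport's paper, sketched here as an added example that is not part of the original post and is not S/Key's code. SHA-256, the `Verifier` class and the sample secret are assumptions of this example.

```python
import hashlib
import hmac


def h(data: bytes) -> bytes:
    """One-way function; SHA-256 is this example's choice, not S/Key's."""
    return hashlib.sha256(data).digest()


def iterate(seed: bytes, n: int) -> bytes:
    """Apply h to seed n times: h^n(seed)."""
    value = seed
    for _ in range(n):
        value = h(value)
    return value


class Verifier:
    """Host side: stores only the last accepted value, never the secret."""

    def __init__(self, anchor: bytes, remaining: int):
        self.stored = anchor        # h^n(secret) at enrolment
        self.remaining = remaining  # passwords left on the "sheet"

    def login(self, otp: bytes) -> bool:
        if self.remaining == 0:
            return False            # chain exhausted: re-enrol with a new secret
        if not hmac.compare_digest(h(otp), self.stored):
            return False            # wrong or replayed password
        self.stored = otp           # next login must present the preimage of this
        self.remaining -= 1
        return True


def demo():
    secret = b"constructed-example-secret"   # constructed sample input
    n = 3
    host = Verifier(iterate(secret, n), n)
    first = iterate(secret, n - 1)           # password 1 is h^(n-1)(secret)
    return [
        host.login(first),                   # accepted
        host.login(first),                   # replay of the captured password
        host.login(iterate(secret, n - 2)),  # next sheet entry
        host.login(iterate(secret, n - 3)),  # last entry, h^0(secret)
        host.login(secret),                  # sheet used up
    ]


if __name__ == "__main__":
    print(demo())
```

A captured password only lets an eavesdropper compute values further up the chain, which the host has already retired; producing the next one would require inverting the hash.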